Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM20BA9110E4A2893CB9D1FA8A33E9F42276F63F9B6F1D5E2925BC2A1F49EE5F0B
HistoryApr 28, 2021 - 6:35 p.m.

Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affect IBM Rational DOORS Next Generation

2021-04-2818:35:50
www.ibm.com
4

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.013 Low

EPSS

Percentile

83.6%

JSON

Summary

IBM Rational DOORS Next Generation® is affected by multiple vulnerabilities in the Oracle Outside In Technology® that is used as a component.

Vulnerability Details

CVE-ID: CVE-2018-2992
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146889&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3103
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146997&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3104
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146998&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3102
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146996&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3099
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146993&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3097
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146991&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3010
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146907&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3098
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146992&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3095
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146989&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3096
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146990&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3093
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146987&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3094
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146988&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3092
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146986&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

CVE-ID: CVE-2018-3009
Description: An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause high confidentiality impact, no integrity impact, and low availability impact.
CVSS Base Score: 7.1
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/146906&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L)

Affected Products and Versions

Rational DOORS Next Generation 6.0.6

Previous versions are not affected.

Remediation/Fixes

For Rational DOORS Next Generation 6.0.6, a fix is available by upgrading to 6.0.6 iFix002 or later
Rational DOORS Next Generation 6.0.6 iFix002

For any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

If the iFix is not found in the iFix Portal please contact IBM support.

Workarounds and Mitigations

None

Related

ibm 1
cve 14
prion 14
checkpoint_advisories 1
oracle 1
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability in Oracle Outside In Technology used by IBM FileNet Content Manager
2019-01-16 21:05:01
cve
cve
CVE-2018-3098
2018-07-18 13:29:00
CVE-2018-3097
2018-07-18 13:29:00
CVE-2018-3010
2018-07-18 13:29:00
prion
prion
Buffer overflow
2018-07-18 13:29:00
Buffer overflow
2018-07-18 13:29:00
Buffer overflow
2018-07-18 13:29:00
checkpoint_advisories
checkpoint_advisories
Oracle Outside In Excel Remote Code Execution (CVE-2018-3010)
2020-01-23 00:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.013 Low

EPSS

Percentile

83.6%

JSON
Related for 20BA9110E4A2893CB9D1FA8A33E9F42276F63F9B6F1D5E2925BC2A1F49EE5F0B
ibm1cve14prion14checkpoint_advisories1oracle1