Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)

2019-10-18T00:00:00

Description

The remote Oracle Database Server is missing the October 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability in the Java VM component of Oracle Database Server, which could allow an unauthenticated, remote attacker to manipulate Java VM accessible data. (CVE-2019-2909) - An unspecified vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server, which could allow an authenticated, remote attacker to cause a denial of serivce of Core RDBMS. (CVE-2019-2956) - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an authenticated, remote attacker to read a subset of Core RDBMS accessible data. (CVE-2019-2913) It is also affected by additional vulnerabilities; see the vendor advisory for more information.

{"id": "ORACLE_RDBMS_CPU_OCT_2019.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)", "description": "The remote Oracle Database Server is missing the October 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified vulnerability in the Java VM component of Oracle Database Server, which could allow an unauthenticated, remote attacker to manipulate Java VM accessible data. (CVE-2019-2909)\n\n - An unspecified vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server, which could allow an authenticated, remote attacker to cause a denial of serivce of Core RDBMS. (CVE-2019-2956)\n\n - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an authenticated, remote attacker to read a subset of Core RDBMS accessible data. (CVE-2019-2913)\n\nIt is also affected by additional vulnerabilities; see the vendor advisory for more information.", "published": "2019-10-18T00:00:00", "modified": "2022-10-21T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/130058", "reporter": "This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000873", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909", "http://www.nessus.org/u?fb3a89d4", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721"], "cvelist": ["CVE-2018-1000873", "CVE-2018-11784", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-2875", "CVE-2018-8034", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "immutableFields": [], "lastseen": "2023-05-24T14:30:18", "viewCount": 70, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:1529"]}, {"type": "amazon", "idList": ["ALAS-2018-1055", "ALAS-2018-1056", "ALAS-2018-1099", "ALAS-2019-1208", "ALAS2-2019-1192", "ALAS2-2020-1402"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CRUC-8412", "ATLASSIAN:FE-7204", "ATLASSIAN:JRASERVER-67695", "ATLASSIAN:JRASERVER-68073", "ATLASSIAN:JSWSERVER-20705", "CRUC-8412", "FE-7204", "JRASERVER-68073", "JSWSERVER-20705"]}, {"type": "avleonov", "idList": ["AVLEONOV:C33EB29E3A78720B630607BECBB3CEF5"]}, {"type": "centos", "idList": ["CESA-2019:0485", "CESA-2019:2205"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0227"]}, {"type": "cisa", "idList": ["CISA:1F248E306735F9135C48F3F3143C4B37"]}, {"type": "cve", "idList": ["CVE-2018-1000873", "CVE-2018-11784", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-2875", "CVE-2018-8034", "CVE-2019-10202", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1453-1:5FFE9", "DEBIAN:DLA-1453-1:CD4E8", "DEBIAN:DLA-1491-1:FF012", "DEBIAN:DLA-1544-1:3B057", "DEBIAN:DLA-1544-1:E09B2", "DEBIAN:DLA-1545-1:8712A", "DEBIAN:DLA-1545-1:FA511", "DEBIAN:DLA-1703-1:8DD2D", "DEBIAN:DLA-1703-1:D506D", "DEBIAN:DSA-4281-1:42CC4", "DEBIAN:DSA-4281-1:EC541", "DEBIAN:DSA-4452-1:F65D2", "DEBIAN:DSA-4596-1:D180A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-11784", "DEBIANCVE:CVE-2018-14719", "DEBIANCVE:CVE-2018-14720", "DEBIANCVE:CVE-2018-14721", "DEBIANCVE:CVE-2018-19360", "DEBIANCVE:CVE-2018-19361", "DEBIANCVE:CVE-2018-19362", "DEBIANCVE:CVE-2018-8034"]}, {"type": "exploitdb", "idList": ["EDB-ID:50118"]}, {"type": "f5", "idList": ["F5:K34468163", "F5:K64921482"]}, {"type": "fedora", "idList": ["FEDORA:12DAE6051076", "FEDORA:2BBC46051742", "FEDORA:32EC36051065", "FEDORA:489136051065", "FEDORA:4DF45605106F", "FEDORA:4FB5560427DA", "FEDORA:62812605106F", "FEDORA:64CD76075F16", "FEDORA:67F5A6051068", "FEDORA:6BF9F60769FE", "FEDORA:6D39A60CC4DC", "FEDORA:7C4736051069", "FEDORA:82BA46051069", "FEDORA:87CE1617FCD1", "FEDORA:957DA605174F", "FEDORA:9E3346051071", "FEDORA:B11A16051070", "FEDORA:B8E2D6051075", "FEDORA:C4FE16051044", "FEDORA:D1E836050C52", "FEDORA:E63546051071", "FEDORA:EC39E6051044"]}, {"type": "freebsd", "idList": ["71C71CE0-0805-11EB-A3A4-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-46J3-R4PJ-4835", "GHSA-4GQ5-CH57-C2MG", "GHSA-4R8Q-GV9J-3XX6", "GHSA-5Q99-F34M-67GC", "GHSA-9MXF-G3X6-WV74", "GHSA-C27H-MCMW-48HV", "GHSA-C8HM-7HPQ-7JHG", "GHSA-F9HV-MG5H-XCW9", "GHSA-H4X4-5QP2-WP46", "GHSA-MX9V-GMH4-MGQW", "GHSA-X2W5-5M2G-7H5M"]}, {"type": "hackerone", "idList": ["H1:874427"]}, {"type": "ibm", "idList": ["0C49DC7FF9688CB3C8974272755591BF1B851989940E674D2850C0DB0FAA67A4", "0EF4B59393438EACFD8FC2C07DD8F070A3FBCF00E78AF631B2B3CB8138D69697", "11AC7F14B60A5C486180C6662F02676A29D51924B42EC510A55CFB87D09F8654", "16BD53FF8D4AF4008A6B9480C8D62C5AECEF46E4F486EC150D2D9BBC2C7349FC", "1A6AA3516D11F0180A4B69E33BD49C5A134169FC31172DBADB73DA6B4A0AB5C3", "1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "1B99BE15EF0865EC7D6CAAD98E1510DF110D3FC32411F14658640A57804FCBB5", "1E4F1539C9222B2009668449A6C3CF794AB01AF3B3CFBC399634BBC90D409FE5", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "3012BB3E52EE4606C8FA9F7A269A5447E9F7AA98164D91790578CF490FC3EC84", "306BF7B5D7E7305F643A51A88327446D5A7F4FC6E0960C2CD9DB2B3FDECAC1AB", "30F126C0FEE1D6C0436DFF1A6751EE8FDE2C7921F8AC99F5FF4DF624573C80E8", "3186DEE9AA9FC941B0D671333A8B344358B5DFEC2854CD67C9E38040DAD9FB71", "33950E9254985E3B3391A354C5B2C4D798A874E81BD54623B546411AD4D3DD94", "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "366CE799D9AEE4234CE4D38A22D774A769300127F0319D9238DAEC27C48436E1", "3D3BF59CC576F554C3F716540167D85670B56CE61C0AA690764AE05CC62E23C5", "3E1821B985C08682BCDEB3F7FE286DDE1E327BB3B965AB5445D931413229B237", "4A1C188763F3119FDB44FDF3400E538CC823B6DC1E41575318DE1B1E213CBE04", "5103EF573939B8BBFF52DFBA2301C37020104694D7728D02C7FDA9C30D9AFC75", "55156FCD842A2CC421648C286DB79335E98E88FF88D30BADC857588FB7995139", "61FF6F10F0D76277F85A8A525D2C9989283AB04F3D830BEC0894CE78DF0624A3", "7EDB94BFBB09B175B9D9EB0AAAAB691B264C9156774980A04507F74668F108C9", "85861D4AF1E2B895DA9EEAC2B3BF2F2AB732A6FD5B0CCC36E9727CED5282ECCA", "88F3587B22B66042418FF189277EA7BC1A004E4B0D911699062E18728ADEAC9A", "8DE2E6E735F4C865DFF522FC1476032743D235229E5B6DE14A486A6D7ABC31A4", "8ECA6222D3C238F29A31FEE8DEAFD26C737F2975DCA8D95684CFF7F79AA0F358", "90246D34A2A9EC4005A1B788C09D0DF4366E66BC9D5DC5A39EEF5286DE79E161", "9304092E63FBA16253D493D2E1E4C422EF1498D05C9ADDCBBA838C3C29B1EF87", "9CD2C6345E843C9B70159A9582C1E971F7FD66680CA54D6DF0A794C36B729102", "A0AF964F99F6F1CA9CF2FBAB158E4F174891DFEE87F27BC64946EB7750486063", "A0EF1B53F76A87117F5A8C9A4208296020E4E538E12E58B3F85BF4F0ADDB481A", "A2BAC82E395F9C0C2BED37EEE45890A06C1C799AB1B521E972E4D70A5F31ECA7", "A5525E806C3BC29BE214997F5DF6164E4E0C046A575DE1E16DE595D33789AEE3", "A6CA3CD9F33BD687A0216486ED1C39CB8E3C63D1608D060DA9A4AE193481E9D3", "B1340D24CC010D0154CDFA55F2F704541845D2EAB55B6F14185B1E2157AA991A", "B236D3400A0C6106EC62C77931DC3654EEBAB6EEA563B3344ECFF477FD634E81", "B63E6539A425EB5AF33E03949CFE0D4340525E6C4EDC7F84EBBBB8743E8CB569", "B911DAD83AB3E0E974F19FDCB61519C2EA4B6F82CF730C3070BADC959C6F886C", "C034F4A93C7986F86B5276634B82B774DA1796B9A2CC2371DA4859670D82233E", "C43D155994DCCE177D270B3CE4624689119557653FF027D5D207B41DA93592F4", "C4DC813A93DA07F69C2F39C8B3E13C48A710AA685466181288E8A1BCC3CF3B55", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C7DD07DAD80496C03ABFD0EE55F04C1759F2915C9B0A8C1F66F87E8D2110B95B", "CA9DCF531A11B03DA139506DC9F6319E49C554DF0F64E8DEC99E49C30FB2656F", "D5ADF098FB3E5614108F7FCF78AA40B198A5F906A4707F01E1486D71B56D5BB5", "D6A278AD53F24F8C2A141B0CE86714271C028E265EA5E488D59254EE85EA8F0B", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "E27CF59C9E2E6C51C822E91F4392208E7D3759A654890A485CF9095C81FD8C05", "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "E51DDF73E3F5CD96B12560329D18889F698C09D96494E43FCCF428FEC32A1F2E", "E875BD367B07EF886594367B6124271F26577318CC2E30A778AF60122992A14B", "F68741984639CBFDDC49BE7EE9CA3EF2293637876A5B2F5F64E94096BF3B9AEA", "F6DD20E2A5E7EF327412295E91D769C6027CD2ECC3986ACAD58115C966FE6009"]}, {"type": "kaspersky", "idList": ["KLA11297", "KLA11327"]}, {"type": "mageia", "idList": ["MGASA-2018-0479"]}, {"type": "nessus", "idList": ["700680.PASL", "700689.PASL", "700695.PASL", "700707.PASL", "700708.PASL", "AL2_ALAS-2019-1192.NASL", "AL2_ALAS-2020-1402.NASL", "ALA_ALAS-2018-1055.NASL", "ALA_ALAS-2018-1056.NASL", "ALA_ALAS-2018-1099.NASL", "ALA_ALAS-2019-1208.NASL", "CENTOS8_RHSA-2019-1529.NASL", "CENTOS_RHSA-2019-0485.NASL", "CENTOS_RHSA-2019-2205.NASL", "DEBIAN_DLA-1453.NASL", "DEBIAN_DLA-1491.NASL", "DEBIAN_DLA-1544.NASL", "DEBIAN_DLA-1545.NASL", "DEBIAN_DLA-1703.NASL", "DEBIAN_DSA-4281.NASL", "DEBIAN_DSA-4452.NASL", "DEBIAN_DSA-4596.NASL", "EULEROS_SA-2019-1602.NASL", "EULEROS_SA-2019-1772.NASL", "EULEROS_SA-2019-1992.NASL", "EULEROS_SA-2019-2047.NASL", "EULEROS_SA-2019-2361.NASL", "EULEROS_SA-2019-2675.NASL", "FEDORA_2018-B1832101B8.NASL", "FEDORA_2019-DF57551F6D.NASL", "FREEBSD_PKG_71C71CE0080511EBA3A40019DBB15B3F.NASL", "JBOSS_EAP_RHSA-2019-1162.NASL", "NEWSTART_CGSL_NS-SA-2019-0059_TOMCAT.NASL", "OPENSUSE-2018-1019.NASL", "OPENSUSE-2018-1129.NASL", "OPENSUSE-2018-1276.NASL", "OPENSUSE-2018-1504.NASL", "OPENSUSE-2019-1547.NASL", "OPENSUSE-2019-1814.NASL", "OPENSUSE-2019-770.NASL", "OPENSUSE-2019-84.NASL", "OPENSUSE-2019-972.NASL", "ORACLELINUX_ELSA-2019-0485.NASL", "ORACLELINUX_ELSA-2019-1529.NASL", "ORACLE_NOSQL_CPU_OCT_2019.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2019.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2019.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2019.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2019_CPU.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2019.NBIN", "REDHAT-RHSA-2018-2868.NASL", "REDHAT-RHSA-2019-0131.NASL", "REDHAT-RHSA-2019-0451.NASL", "REDHAT-RHSA-2019-0485.NASL", "REDHAT-RHSA-2019-1107.NASL", "REDHAT-RHSA-2019-1108.NASL", "REDHAT-RHSA-2019-1160.NASL", "REDHAT-RHSA-2019-1161.NASL", "REDHAT-RHSA-2019-1529.NASL", "REDHAT-RHSA-2019-2205.NASL", "SL_20190313_TOMCAT_ON_SL7_X.NASL", "SL_20190806_TOMCAT_ON_SL7_X.NASL", "SYMANTEC_CONTENT_ANALYSIS_SYMSA1463.NASL", "TOMCAT_7_0_89.NASL", "TOMCAT_7_0_91.NASL", "TOMCAT_8_0_53.NASL", "TOMCAT_8_5_32.NASL", "TOMCAT_8_5_34.NASL", "TOMCAT_9_0_10.NASL", "TOMCAT_9_0_11.NASL", "TOMCAT_9_0_9.NASL", "UBUNTU_USN-3723-1.NASL", "UBUNTU_USN-3787-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141568", "OPENVAS:1361412562310141569", "OPENVAS:1361412562310704281", "OPENVAS:1361412562310704452", "OPENVAS:1361412562310704596", "OPENVAS:1361412562310813742", "OPENVAS:1361412562310813743", "OPENVAS:1361412562310843599", "OPENVAS:1361412562310843656", "OPENVAS:1361412562310851897", "OPENVAS:1361412562310851962", "OPENVAS:1361412562310852045", "OPENVAS:1361412562310852172", "OPENVAS:1361412562310852253", "OPENVAS:1361412562310852554", "OPENVAS:1361412562310852640", "OPENVAS:1361412562310875012", "OPENVAS:1361412562310875539", "OPENVAS:1361412562310875653", "OPENVAS:1361412562310875658", "OPENVAS:1361412562310875739", "OPENVAS:1361412562310875780", "OPENVAS:1361412562310875809", "OPENVAS:1361412562310875836", "OPENVAS:1361412562310875944", "OPENVAS:1361412562310875964", "OPENVAS:1361412562310875998", "OPENVAS:1361412562310876032", "OPENVAS:1361412562310876132", "OPENVAS:1361412562310876185", "OPENVAS:1361412562310876215", "OPENVAS:1361412562310876220", "OPENVAS:1361412562310876248", "OPENVAS:1361412562310876257", "OPENVAS:1361412562310876270", "OPENVAS:1361412562310876291", "OPENVAS:1361412562310876556", "OPENVAS:1361412562310876830", "OPENVAS:1361412562310883022", "OPENVAS:1361412562310891453", "OPENVAS:1361412562310891491", "OPENVAS:1361412562310891544", "OPENVAS:1361412562310891545", "OPENVAS:1361412562310891703", "OPENVAS:1361412562311220191602", "OPENVAS:1361412562311220191772", "OPENVAS:1361412562311220191992", "OPENVAS:1361412562311220192047", "OPENVAS:1361412562311220192361", "OPENVAS:1361412562311220192675"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2020", "ORACLE:CPUJUL2019", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-0485", "ELSA-2019-1529", "ELSA-2019-2205"]}, {"type": "osv", "idList": ["OSV:DLA-1453-1", "OSV:DLA-1491-1", "OSV:DLA-1544-1", "OSV:DLA-1545-1", "OSV:DLA-1703-1", "OSV:DSA-4281-1", "OSV:DSA-4452-1", "OSV:DSA-4596-1", "OSV:GHSA-46J3-R4PJ-4835", "OSV:GHSA-4GQ5-CH57-C2MG", "OSV:GHSA-4R8Q-GV9J-3XX6", "OSV:GHSA-5Q99-F34M-67GC", "OSV:GHSA-9MXF-G3X6-WV74", "OSV:GHSA-C27H-MCMW-48HV", "OSV:GHSA-C8HM-7HPQ-7JHG", "OSV:GHSA-F9HV-MG5H-XCW9", "OSV:GHSA-H4X4-5QP2-WP46", "OSV:GHSA-MX9V-GMH4-MGQW", "OSV:GHSA-X2W5-5M2G-7H5M"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163456"]}, {"type": "photon", "idList": ["PHSA-2018-0116", "PHSA-2018-2.0-0116"]}, {"type": "redhat", "idList": ["RHSA-2018:2867", "RHSA-2018:2868", "RHSA-2019:0130", "RHSA-2019:0131", "RHSA-2019:0450", "RHSA-2019:0451", "RHSA-2019:0485", "RHSA-2019:0782", "RHSA-2019:0877", "RHSA-2019:1106", "RHSA-2019:1107", "RHSA-2019:1108", "RHSA-2019:1140", "RHSA-2019:1159", "RHSA-2019:1160", "RHSA-2019:1161", "RHSA-2019:1162", "RHSA-2019:1529", "RHSA-2019:1782", "RHSA-2019:1797", "RHSA-2019:1822", "RHSA-2019:1823", "RHSA-2019:2205", "RHSA-2019:2804", "RHSA-2019:2858", "RHSA-2019:3002", "RHSA-2019:3140", "RHSA-2019:3149", "RHSA-2019:3892", "RHSA-2019:4037", "RHSA-2020:2564", "RHSA-2020:5568", "RHSA-2021:1230", "RHSA-2021:1515"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1000873", "RH:CVE-2018-11784", "RH:CVE-2018-14719", "RH:CVE-2018-14720", "RH:CVE-2018-14721", "RH:CVE-2018-19360", "RH:CVE-2018-19361", "RH:CVE-2018-19362", "RH:CVE-2018-8034", "RH:CVE-2019-10202"]}, {"type": "rocky", "idList": ["RLSA-2019:1529"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2740-1", "OPENSUSE-SU-2018:3054-1", "OPENSUSE-SU-2018:3453-1", "OPENSUSE-SU-2018:4042-1", "OPENSUSE-SU-2019:0084-1", "OPENSUSE-SU-2019:1547-1", "OPENSUSE-SU-2019:1814-1"]}, {"type": "symantec", "idList": ["SMNTC-105524", "SMNTC-107985", "SMNTC-110429", "SMNTC-110432", "SMNTC-110455", "SMNTC-1463", "SMNTC-1765"]}, {"type": "thn", "idList": ["THN:D761F7EF41472ED13C52BD3AF1E1F9BA"]}, {"type": "tomcat", "idList": ["TOMCAT:15BD868F3B05972CB1A45C65508CE8A7", "TOMCAT:19DF5AAB3C67D0C43C1BB8ACA9B2D28A", "TOMCAT:1CE79F1FB24CB690F26B87530FB0DBF3", "TOMCAT:316BBFD36680C310723B450E67676491", "TOMCAT:A5665B06E2A7BA0C22D9289FA9D00D16", "TOMCAT:B8F5059D8B59B7ED231B7109C5F8A6D8", "TOMCAT:E0D7CC4566625A34425D5CE3D847746F"]}, {"type": "ubuntu", "idList": ["USN-3723-1", "USN-3787-1", "USN-4813-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1000873", "UB:CVE-2018-11784", "UB:CVE-2018-14719", "UB:CVE-2018-14720", "UB:CVE-2018-14721", "UB:CVE-2018-19360", "UB:CVE-2018-19361", "UB:CVE-2018-19362", "UB:CVE-2018-8034"]}, {"type": "veracode", "idList": ["VERACODE:13097", "VERACODE:7124", "VERACODE:7565", "VERACODE:7649", "VERACODE:8091", "VERACODE:8093", "VERACODE:8102", "VERACODE:8105", "VERACODE:8106", "VERACODE:8107"]}, {"type": "zdt", "idList": ["1337DAY-ID-36545"]}]}, "score": {"value": 0.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1055", "ALAS-2018-1056", "ALAS-2019-1208", "ALAS2-2019-1192", "ALAS2-2020-1402"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-67695", "ATLASSIAN:JSWSERVER-20705"]}, {"type": "avleonov", "idList": ["AVLEONOV:C33EB29E3A78720B630607BECBB3CEF5"]}, {"type": "centos", "idList": ["CESA-2019:0485"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0227"]}, {"type": "cisa", "idList": ["CISA:1F248E306735F9135C48F3F3143C4B37"]}, {"type": "cve", "idList": ["CVE-2018-11784", "CVE-2018-8034"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1453-1:5FFE9", "DEBIAN:DLA-1491-1:FF012", "DEBIAN:DLA-1544-1:3B057", "DEBIAN:DLA-1545-1:8712A", "DEBIAN:DLA-1703-1:D506D", "DEBIAN:DSA-4281-1:EC541"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-14719", "DEBIANCVE:CVE-2018-14720", "DEBIANCVE:CVE-2018-14721", "DEBIANCVE:CVE-2018-19360", "DEBIANCVE:CVE-2018-19361", "DEBIANCVE:CVE-2018-19362"]}, {"type": "exploitdb", "idList": ["EDB-ID:50118"]}, {"type": "f5", "idList": ["F5:K34468163"]}, {"type": "fedora", "idList": ["FEDORA:12DAE6051076", "FEDORA:2BBC46051742", "FEDORA:32EC36051065", "FEDORA:489136051065", "FEDORA:4DF45605106F", "FEDORA:62812605106F", "FEDORA:64CD76075F16", "FEDORA:67F5A6051068", "FEDORA:6BF9F60769FE", "FEDORA:6D39A60CC4DC", "FEDORA:7C4736051069", "FEDORA:82BA46051069", "FEDORA:957DA605174F", "FEDORA:9E3346051071", "FEDORA:B11A16051070", "FEDORA:B8E2D6051075", "FEDORA:C4FE16051044", "FEDORA:D1E836050C52", "FEDORA:E63546051071", "FEDORA:EC39E6051044"]}, {"type": "freebsd", "idList": ["71C71CE0-0805-11EB-A3A4-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-46J3-R4PJ-4835", "GHSA-4GQ5-CH57-C2MG", "GHSA-5Q99-F34M-67GC", "GHSA-9MXF-G3X6-WV74", "GHSA-C8HM-7HPQ-7JHG", "GHSA-F9HV-MG5H-XCW9", "GHSA-H4X4-5QP2-WP46", "GHSA-MX9V-GMH4-MGQW", "GHSA-X2W5-5M2G-7H5M"]}, {"type": "hackerone", "idList": ["H1:874427"]}, {"type": "ibm", "idList": ["1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "3E1821B985C08682BCDEB3F7FE286DDE1E327BB3B965AB5445D931413229B237", "B911DAD83AB3E0E974F19FDCB61519C2EA4B6F82CF730C3070BADC959C6F886C", "C034F4A93C7986F86B5276634B82B774DA1796B9A2CC2371DA4859670D82233E", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "E51DDF73E3F5CD96B12560329D18889F698C09D96494E43FCCF428FEC32A1F2E"]}, {"type": "kaspersky", "idList": ["KLA11297", "KLA11327"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/RED_HAT-JBOSS_EAP-CVE-2019-10202/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1055.NASL", "ALA_ALAS-2018-1056.NASL", "DEBIAN_DLA-1453.NASL", "DEBIAN_DLA-1544.NASL", "DEBIAN_DLA-1545.NASL", "FREEBSD_PKG_71C71CE0080511EBA3A40019DBB15B3F.NASL", "OPENSUSE-2018-1019.NASL", "OPENSUSE-2018-1129.NASL", "REDHAT-RHSA-2018-2868.NASL", "UBUNTU_USN-3723-1.NASL", "UBUNTU_USN-3787-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141568", "OPENVAS:1361412562310141569", "OPENVAS:1361412562310813742", "OPENVAS:1361412562310813743", "OPENVAS:1361412562310843599", "OPENVAS:1361412562310851897", "OPENVAS:1361412562310875539", "OPENVAS:1361412562310875653", "OPENVAS:1361412562310875658", "OPENVAS:1361412562310875739", "OPENVAS:1361412562310875780", "OPENVAS:1361412562310875809", "OPENVAS:1361412562310875836", "OPENVAS:1361412562310875944", "OPENVAS:1361412562310875964", "OPENVAS:1361412562310875998", "OPENVAS:1361412562310876032", "OPENVAS:1361412562310876132", "OPENVAS:1361412562310876185", "OPENVAS:1361412562310876215", "OPENVAS:1361412562310876220", "OPENVAS:1361412562310876248", "OPENVAS:1361412562310876257", "OPENVAS:1361412562310876270", "OPENVAS:1361412562310876291", "OPENVAS:1361412562310883022", "OPENVAS:1361412562310891453", "OPENVAS:1361412562310891703"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-0485"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163456"]}, {"type": "photon", "idList": ["PHSA-2018-2.0-0116"]}, {"type": "redhat", "idList": ["RHSA-2019:0782", "RHSA-2019:1106", "RHSA-2019:1107", "RHSA-2019:1140", "RHSA-2019:1797"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-14719", "RH:CVE-2018-14721"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:2740-1", "OPENSUSE-SU-2018:3054-1"]}, {"type": "symantec", "idList": ["SMNTC-1463", "SMNTC-1765"]}, {"type": "thn", "idList": ["THN:D761F7EF41472ED13C52BD3AF1E1F9BA"]}, {"type": "tomcat", "idList": ["TOMCAT:19DF5AAB3C67D0C43C1BB8ACA9B2D28A"]}, {"type": "ubuntu", "idList": ["USN-3723-1", "USN-3787-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1000873", "UB:CVE-2018-11784", "UB:CVE-2018-14719", "UB:CVE-2018-14720", "UB:CVE-2018-14721", "UB:CVE-2018-19360", "UB:CVE-2018-19361", "UB:CVE-2018-19362", "UB:CVE-2018-8034"]}, {"type": "zdt", "idList": ["1337DAY-ID-36545"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-1000873", "epss": 0.00205, "percentile": 0.56971, "modified": "2023-05-06"}, {"cve": "CVE-2018-11784", "epss": 0.97477, "percentile": 0.99942, "modified": "2023-05-06"}, {"cve": "CVE-2018-14719", "epss": 0.01493, "percentile": 0.84884, "modified": "2023-05-06"}, {"cve": "CVE-2018-14720", "epss": 0.00696, "percentile": 0.7734, "modified": "2023-05-06"}, {"cve": "CVE-2018-14721", "epss": 0.01077, "percentile": 0.82141, "modified": "2023-05-06"}, {"cve": "CVE-2018-19360", "epss": 0.00691, "percentile": 0.77239, "modified": "2023-05-06"}, {"cve": "CVE-2018-19361", "epss": 0.00691, "percentile": 0.77239, "modified": "2023-05-06"}, {"cve": "CVE-2018-19362", "epss": 0.00691, "percentile": 0.77239, "modified": "2023-05-06"}, {"cve": "CVE-2018-2875", "epss": 0.00054, "percentile": 0.20509, "modified": "2023-05-06"}, {"cve": "CVE-2018-8034", "epss": 0.00843, "percentile": 0.79741, "modified": "2023-05-06"}, {"cve": "CVE-2019-2734", "epss": 0.00054, "percentile": 0.20509, "modified": "2023-05-06"}, {"cve": "CVE-2019-2909", "epss": 0.00089, "percentile": 0.36863, "modified": "2023-05-06"}, {"cve": "CVE-2019-2913", "epss": 0.00054, "percentile": 0.20509, "modified": "2023-05-06"}, {"cve": "CVE-2019-2939", "epss": 0.00054, "percentile": 0.20509, "modified": "2023-05-06"}, {"cve": "CVE-2019-2940", "epss": 0.00046, "percentile": 0.1285, "modified": "2023-05-06"}, {"cve": "CVE-2019-2954", "epss": 0.00046, "percentile": 0.1285, "modified": "2023-05-06"}, {"cve": "CVE-2019-2955", "epss": 0.00046, "percentile": 0.1285, "modified": "2023-05-06"}, {"cve": "CVE-2019-2956", "epss": 0.00059, "percentile": 0.23083, "modified": "2023-05-06"}], "vulnersScore": 0.9}, "_state": {"dependencies": 1685049388, "score": 1698838580, "epss": 0}, "_internal": {"score_hash": "622def976d4e26d441829b906f038cf5"}, "pluginID": "130058", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130058);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/21\");\n\n script_cve_id(\n \"CVE-2018-2875\",\n \"CVE-2018-8034\",\n \"CVE-2018-11784\",\n \"CVE-2018-14719\",\n \"CVE-2018-14720\",\n \"CVE-2018-14721\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\",\n \"CVE-2018-1000873\",\n \"CVE-2019-2734\",\n \"CVE-2019-2909\",\n \"CVE-2019-2913\",\n \"CVE-2019-2939\",\n \"CVE-2019-2940\",\n \"CVE-2019-2954\",\n \"CVE-2019-2955\",\n \"CVE-2019-2956\"\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0379-S\");\n\n script_name(english:\"Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Database Server is missing the October 2019 Critical Patch Update (CPU). It is, therefore, affected\nby multiple vulnerabilities :\n\n - An unspecified vulnerability in the Java VM component of Oracle Database Server, which could allow an\n unauthenticated, remote attacker to manipulate Java VM accessible data. (CVE-2019-2909)\n\n - An unspecified vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server,\n which could allow an authenticated, remote attacker to cause a denial of serivce of Core RDBMS. (CVE-2019-2956)\n\n - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an\n authenticated, remote attacker to read a subset of Core RDBMS accessible data. (CVE-2019-2913)\n\nIt is also affected by additional vulnerabilities; see the vendor advisory for more information.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixDB\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb3a89d4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2019 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-14721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:database_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_rdbms_query_patch_info.nbin\", \"oracle_rdbms_patch_info.nbin\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_rdbms::get_app_info();\n\nvar constraints = [\n # RDBMS:\n {'min_version': '19.5', 'fixed_version': '19.5.0.0.191015', 'missing_patch':'30125133', 'os':'unix', 'component':'db'},\n {'min_version': '19.0', 'fixed_version': '19.5.0.0.191015', 'missing_patch':'30151705', 'os':'win', 'component':'db'},\n {'min_version': '19.4', 'fixed_version': '19.4.1.0.191015', 'missing_patch':'30080447', 'os':'unix', 'component':'db'},\n {'min_version': '19.0', 'fixed_version': '19.3.2.0.191015', 'missing_patch':'30087906', 'os':'unix', 'component':'db'},\n\n {'min_version': '18.8', 'fixed_version': '18.8.0.0.191015', 'missing_patch':'30112122', 'os':'unix', 'component':'db'},\n {'min_version': '18.0', 'fixed_version': '18.8.0.0.191015', 'missing_patch':'30150321', 'os':'win', 'component':'db'},\n {'min_version': '18.7', 'fixed_version': '18.7.0.0.191015', 'missing_patch':'30080518', 'os':'unix', 'component':'db'},\n {'min_version': '18.0', 'fixed_version': '18.6.0.0.191015', 'missing_patch':'30087881', 'os':'unix', 'component':'db'},\n\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.191015', 'missing_patch':'30087824, 30087848, 30138470', 'os':'unix', 'component':'db'},\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.191015', 'missing_patch':'30150416', 'os':'win', 'component':'db'},\n\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.191015', 'missing_patch':'29972716, 29918340', 'os':'unix', 'component':'db'},\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.191015', 'missing_patch':'30049606', 'os':'win', 'component':'db'},\n\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.191015', 'missing_patch':'29938470, 29938455, 29509309, 29913194, 30237239', 'os':'unix', 'component':'db'},\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.191015', 'missing_patch':'30151661', 'os':'win', 'component':'db'},\n\n # OJVM :\n {'min_version': '19.0', 'fixed_version': '19.5.0.0.191015', 'missing_patch':'30128191', 'os':'unix', 'component':'ojvm'},\n\n {'min_version': '18.0', 'fixed_version': '18.8.0.0.191015', 'missing_patch':'30133603', 'os':'unix', 'component':'ojvm'},\n\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.191015', 'missing_patch':'30133625', 'os':'unix', 'component':'ojvm'},\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.191015', 'missing_patch':'30268021', 'os':'win', 'component':'ojvm'},\n\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.191015', 'missing_patch':'30128197', 'os':'unix', 'component':'ojvm'},\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.191015', 'missing_patch':'30268189', 'os':'win', 'component':'ojvm'},\n\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.191015', 'missing_patch':'30132974', 'os':'unix', 'component':'ojvm'},\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.191015', 'missing_patch':'30268157', 'os':'win', 'component':'ojvm'}\n];\n\nvcf::oracle_rdbms::check_version_and_report(app_info:app_info, severity:SECURITY_HOLE, constraints:constraints);\n", "naslFamily": "Databases", "cpe": ["cpe:/a:oracle:database_server"], "solution": "Apply the appropriate patch according to the October 2019 Oracle Critical Patch Update advisory.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2018-19362", "vendor_cvss2": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "7.3"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-10-15T00:00:00", "vulnerabilityPublicationDate": "2019-10-15T00:00:00", "exploitableWith": []}

{"ibm": [{"lastseen": "2022-06-28T22:10:26", "description": "## Summary\n\nOracle Database Server (Publicly disclosed vulnerability) affects IBM Emptoris Supplier Lifecycle Mgmt.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS (jackson-databind) Oracle Database Server component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-2913](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-2875](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169193](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169193>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2909](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Supplier Lifecycle Mgmt| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| ** Versions Affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Supplier Lifecycle Mgmt| 10.1.0.x| [10.1.0.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Supplier+Lifecycle+Management&fixids=EMP-SLM_10.1.0.34&source=SAR> \"10.1.0.34\" ) \nIBM Emptoris Supplier Lifecycle Mgmt| 10.1.1.x| [10.1.1.33](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Supplier+Lifecycle+Management&fixids=EMP-SLM_10.1.1.33&source=SAR> \"10.1.1.33\" ) \nIBM Emptoris Supplier Lifecycle Mgmt| 10.1.3.x| [10.1.3.29](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Supplier+Lifecycle+Management&fixids=EMP-SLM_10.1.3.29&source=SAR> \"10.1.3.29\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n04 Jun 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYRC7\",\"label\":\"Emptoris Supplier Lifecycle Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-11T14:03:30", "type": "ibm", "title": "Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2875", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "modified": "2020-06-11T14:03:30", "id": "C43D155994DCCE177D270B3CE4624689119557653FF027D5D207B41DA93592F4", "href": "https://www.ibm.com/support/pages/node/6226370", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:12:59", "description": "## Summary\n\nOracle Database Server (Publicly disclosed vulnerability) affects IBM Emptoris Strategic Supply Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS (jackson-databind) Oracle Database Server component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-2913](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-2875](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169193](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169193>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2909](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Strategic Supply Management Platform| 10.1.0.x,10.1.1.x,10.1.3.x \n \n\n\n## Remediation/Fixes\n\n** Product Name**| ** Versions Affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Strategic Supply Management| 10.1.0.x| [10.1.0.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.0.34&source=SAR> \"10.1.0.34\" ) \nIBM Emptoris Strategic Supply Management| 10.1.1.x| [10.1.1.33](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.1.33&source=SAR> \"10.1.1.33\" ) \nIBM Emptoris Strategic Supply Management| 10.1.3.x| [10.1.3.29](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.3.29&source=SAR> \"10.1.3.29\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n01 Jun 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ72\",\"label\":\"Emptoris Strategic Supply Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-11T14:11:50", "type": "ibm", "title": "Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2875", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "modified": "2020-06-11T14:11:50", "id": "E875BD367B07EF886594367B6124271F26577318CC2E30A778AF60122992A14B", "href": "https://www.ibm.com/support/pages/node/6226374", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:07:55", "description": "## Summary\n\nOracle Database Server (Publicly disclosed vulnerability) affects IBM Emptoris Contract Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS (jackson-databind) Oracle Database Server component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-2913](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-2875](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169193](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169193>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2909](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Contract Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n## Remediation/Fixes\n\n**Product Name **| ** Versions Affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Contract Management| 10.1.0.x| [10.1.0.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.0.34&source=SAR> \"10.1.0.34\" ) \nIBM Emptoris Contract Management| 10.1.1.x| [10.1.1.33](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.1.33&source=SAR> \"10.1.1.33\" ) \nIBM Emptoris Contract Management| 10.1.3.x| [10.1.3.29](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.3.29&source=SAR> \"10.1.3.29\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n04 Jun 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ89\",\"label\":\"Emptoris Contract Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-11T14:09:11", "type": "ibm", "title": "Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2875", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "modified": "2020-06-11T14:09:11", "id": "3186DEE9AA9FC941B0D671333A8B344358B5DFEC2854CD67C9E38040DAD9FB71", "href": "https://www.ibm.com/support/pages/node/6226372", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:05:21", "description": "## Summary\n\nOracle Database Server (Publicly disclosed vulnerability) affects IBM Emptoris Sourcing.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS (jackson-databind) Oracle Database Server component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-2913](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-2875](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169193](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169193>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2909](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Sourcing| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name**| Versions Affected| Remediation iFix or fix pack \n---|---|--- \nIBM Emptoris Sourcing| 10.1.0.x| [10.1.0.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.0.34&source=SAR> \"10.1.0.34\" ) \nIBM Emptoris Sourcing| 10.1.1.x| [10.1.1.33](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.1.33&source=SAR> \"10.1.1.33\" ) \nIBM Emptoris Sourcing| 10.1.3.x| [10.1.3.29](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.3.29&source=SAR> \"10.1.3.29\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n27 May 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYR8W\",\"label\":\"Emptoris Sourcing\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-11T11:59:07", "type": "ibm", "title": "Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2875", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "modified": "2020-06-11T11:59:07", "id": "B911DAD83AB3E0E974F19FDCB61519C2EA4B6F82CF730C3070BADC959C6F886C", "href": "https://www.ibm.com/support/pages/node/6226296", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:08:00", "description": "## Summary\n\nOracle Database Server (Publicly disclosed vulnerability) affects IBM Emptoris Program Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2734>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2954>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2955>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base score: 3.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169261](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169261>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-2956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2956>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS (jackson-databind) Oracle Database Server component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-2913](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2913>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2939>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-2875](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2875>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169193](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169193>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-2940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2940>) \n** DESCRIPTION: **An unspecified vulnerability in component related to the Core RDBMS Oracle Database Server component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2909](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2909>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Program Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n## Remediation/Fixes\n\n**Product Name **| ** Versions Affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Program Management| 10.1.0.x| [10.1.0.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.0.34&source=SAR> \"10.1.0.34\" ) \nIBM Emptoris Program Management | 10.1.1.x| [10.1.1.33](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.1.33&source=SAR> \"10.1.1.33\" ) \nIBM Emptoris Program Management | 10.1.3.x| [10.1.3.29](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_Manager_10.1.3.29&source=SAR> \"10.1.3.29\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n26 May 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYRER\",\"label\":\"Emptoris Program Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-06-10T07:21:59", "type": "ibm", "title": "Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2875", "CVE-2019-2734", "CVE-2019-2909", "CVE-2019-2913", "CVE-2019-2939", "CVE-2019-2940", "CVE-2019-2954", "CVE-2019-2955", "CVE-2019-2956"], "modified": "2020-06-10T07:21:59", "id": "C4DC813A93DA07F69C2F39C8B3E13C48A710AA685466181288E8A1BCC3CF3B55", "href": "https://www.ibm.com/support/pages/node/6222742", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:47:19", "description": "## Summary\n\nIBM Event Streams has addressed the following vulnerabilities\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n**DESCRIPTION: ** FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154804> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n\n\n**CVEID:**[ ](<https://vulners.com/cve/CVE-2018-14720>)[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n**DESCRIPTION:** An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155091> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n**DESCRIPTION:** An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155092> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n**DESCRIPTION:** An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\nCVE-ID: [CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \nDescription: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155138> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \nCVE-ID: [CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \nDescription: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155139> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \nCVE-ID: [CVE-2018-1472](<https://vulners.com/cve/CVE-2018-14720>)0 \nDescription: FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155137> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \nCVE-ID: [CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \nDescription: FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155136> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Event Streams 2018.3.0\n\nIBM Event Streams 2018.3.1\n\n## Remediation/Fixes\n\nUpgrade to IBM Event Streams 2019.1.1 which is available from [Passport Advantage](<https://www.ibm.com/software/passportadvantage/>).\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-04-26T16:00:01", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-1472", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-04-26T16:00:01", "id": "4A1C188763F3119FDB44FDF3400E538CC823B6DC1E41575318DE1B1E213CBE04", "href": "https://www.ibm.com/support/pages/node/876544", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:49:05", "description": "## Summary\n\nMultiple vulnerabilities affect IBM Cloud Object Storage SDK Java. These vulnerabilities have been addressed in the latest SDK Java releases.\n\n## Vulnerability Details\n\nCVE-ID: CVE-2018-19362 \nDescription: An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155093> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\nCVE-ID: CVE-2018-19361 \nDescription: An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155092> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\nCVE-ID: CVE-2018-19360 \nDescription: An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155091> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\nCVE-ID: CVE-2018-1000873 \nDescription: FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/154804> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nCVE-ID | Affected SDK Releases \n---|--- \nCVE-2018-19362 | IBM COS SDK Java releases prior to 2.4.2 \nCVE-2018-19361 | IBM COS SDK Java releases prior to 2.4.2 \nCVE-2018-19360 | IBM COS SDK Java releases prior to 2.4.2 \nCVE-2018-1000873 | IBM COS SDK Java releases prior to 2.4.2 \n \n## Remediation/Fixes\n\n**_IBM COS SDK Releases_** | **_Link to Fix / Fix Availability Target_** \n---|--- \n[SDK Java 2.4.2](<https://github.com/IBM/ibm-cos-sdk-java/tree/2.4.2>) | \n\nhttps://github.com/IBM/ibm-cos-sdk-java/tree/2.4.2 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-01T00:05:02", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage SDK Java (Feb 2019, updated)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-03-01T00:05:02", "id": "0C49DC7FF9688CB3C8974272755591BF1B851989940E674D2850C0DB0FAA67A4", "href": "https://www.ibm.com/support/pages/node/871810", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:48:57", "description": "## Summary\n\nFasterXML Jackson library is shipped as a component of IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Transformer for Message Bus Integration. Information about security vulnerabilities affecting FasterXML Jackson library has been published. \n \nThe Netcool/OMNIbus Common Integration Libraries are dependencies of the following Netcool/OMNIbus Integrations: \n\\- Gateway for Message Bus \n\\- Probe for Message Bus \n\\- Generic Probe for Multi-Technology Operations Systems Interface (MTOSI) \n\\- Probe for HPE Operations Manager i \n\\- Probe for Cisco APIC \n\\- Probe for Juniper Contrail \n\\- Probe for Huawei U2000 (JMS)\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n**DESCRIPTION: ** An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155091> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n**DESCRIPTION: ** An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155092> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n**DESCRIPTION: ** An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155093> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n**DESCRIPTION: ** FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154804> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected component**\n\n| **Version** \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library | common-transportmodule-15_0 up to and including common-transportmodule-19_0 \nIBM Tivoli Netcool/OMNIbus Integration - Transformer for Message Bus Integration | common-transformer-8_0 \n \n## Remediation/Fixes\n\n**Updated component**\n\n| **Version** \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library | [common-transportmodule-20_0](<https://www-01.ibm.com/support/docview.wss?uid=swg21698166>) \nIBM Tivoli Netcool/OMNIbus Integration - Transformer for Message Bus Integration | [common-transformer-9_0](<http://www-01.ibm.com/support/docview.wss?uid=swg21665222>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-05T09:30:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities have been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-1000873)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-03-05T09:30:01", "id": "F6DD20E2A5E7EF327412295E91D769C6027CD2ECC3986ACAD58115C966FE6009", "href": "https://www.ibm.com/support/pages/node/874334", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:46:27", "description": "## Summary\n\nMultiple vulnerabilities in jackson-databind affect IBM Global High Availability Mailbox (CVE-2018-1000873, CVE-2018-14719, CVE-2018-14718, CVE-2018-14720, CVE-2018-14721)\n\n## Vulnerability Details\n\nCVEID: [CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \nDESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154804> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\nCVE-ID: [CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \nDescription: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155138> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\nCVE-ID: [CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \nDescription: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155139> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\nCVE-ID: [CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \nDescription: FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155137> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\nCVE-ID: [CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \nDescription: FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/155136> for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Global High Availability Mailbox 1.0.0.4, 1.0.0.5, 6.0.0\n\n## Remediation/Fixes\n\nThe remediation to this issue is to upgrade to IBM Global High Availability Mailbox [6.0.1](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FSterling+B2B+Integrator&fixids=6.0.1.0-OtherSoftware-B2Bi-All&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-05-24T15:35:01", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Jackson-Databind Affect IBM Global High Availability Mailbox", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721"], "modified": "2019-05-24T15:35:01", "id": "A6CA3CD9F33BD687A0216486ED1C39CB8E3C63D1608D060DA9A4AE193481E9D3", "href": "https://www.ibm.com/support/pages/node/884520", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:45:59", "description": "## Summary\n\nMultiple vulnerabilities exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony 7.2.1, 7.2.0.2, and 7.1.2, and IBM Platform Symphony 7.1.1 and 7.1 Fix Pack 1. Interim fixes that provide instructions on upgrading Jackson databind, core, and annotations to version 2.9.8 (which resolves these vulnerabilities) are available on IBM Fix Central. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n**DESCRIPTION:** FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155136> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155137> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155139> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155138> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Spectrum Symphony 7.2.1, 7.2.0.2, and 7.1.2\n\nIBM Platform Symphony 7.1.1 and 7.1 Fix Pack 1\n\n## Remediation/Fixes\n\nDownload the interim fixes that correspond to your product version from IBM Fix Central, then follow the steps in the accompanying readme to apply the interim fix on Linux x86_64 hosts in your cluster:\n\nIBM Spectrum Symphony 7.2.1 (x86_64) | [sym-7.2.1-build521112](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.1-build521112&includeSupersedes=0>) \n---|--- \nIBM Spectrum Symphony 7.2.0.2 (x86_64) | [sym-7.2.0.2-build521104](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.0.2-build521104&includeSupersedes=0>) \nIBM Spectrum Symphony 7.1.2 (x86_64) | [sym-7.1.2-build521103](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1.2-build521103&includeSupersedes=0>) \nIBM Platform Symphony 7.1.1 (x86_64) | \n\n[sym-7.1.1-build521102](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Platform+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1.1-build521102&includeSupersedes=0>) \n \nIBM Platform Symphony 7.1 Fix Pack 1 (x86_64) | [sym-7.1-build521096](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Platform+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.1-build521096&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-06-19T17:05:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721"], "modified": "2019-06-19T17:05:01", "id": "5103EF573939B8BBFF52DFBA2301C37020104694D7728D02C7FDA9C30D9AFC75", "href": "https://www.ibm.com/support/pages/node/888039", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:54:10", "description": "## Summary\n\nThere are some vulnerabilities in the Jackson-Databind library that affects IBM Engineering Lifecycle Optimization - Publishing\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-5968](<https://vulners.com/cve/CVE-2018-5968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By using two different gadgets that bypass a blocklist, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12023](<https://vulners.com/cve/CVE-2018-12023>) \n** DESCRIPTION: **An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12022](<https://vulners.com/cve/CVE-2018-12022>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when the Default Typing is enabled. By sending a specially-crafted request in LDAP service, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-17485](<https://vulners.com/cve/CVE-2017-17485>) \n** DESCRIPTION: **Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the default-typing feature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137340](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137340>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15095](<https://vulners.com/cve/CVE-2017-15095>) \n** DESCRIPTION: **Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue() method of the ObjectMapper. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nPUB| 7.0 \nRPE| 6.0.6.1 \nRPE| 6.0.6 \n \n \n\n\n## Remediation/Fixes\n\nFor IBM Engineering Lifecycle Optimization - Publishing 6.0.2 - 7.0, a fix is available by upgrading to\n\n7.0 iFix003 or latest \n[IBM Engineering Lifecycle Optimization - Publishing iFix003](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Optimization+-+Publishing&release=7.0.0.0&platform=All&function=all> \"IBM Engineering Lifecycle Optimization - Publishing iFix003\" ) \n\n\n6.0.6.1 iFix011 or latest \n[Rational Publishing Engine 6.0.6.1 iFix011](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/IBM+Rational+Publishing+Engine&release=6.0.6.1&platform=Windows&function=all> \"Rational Publishing Engine 6.0.6.1 iFix011\" ) \n \n6.0.6 iFix017 or latest \n[Rational Publishing Engine 6.0.6 iFix017](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/IBM+Rational+Publishing+Engine&release=6.0.6&platform=Windows&function=all> \"Rational Publishing Engine 6.0.6 iFix016\" ) \n \n \nFor any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \nIf the iFix is not found in the iFix Portal please contact IBM support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-07-07T17:41:59", "type": "ibm", "title": "Security Bulletin: Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-7489"], "modified": "2020-07-07T17:41:59", "id": "A2BAC82E395F9C0C2BED37EEE45890A06C1C799AB1B521E972E4D70A5F31ECA7", "href": "https://www.ibm.com/support/pages/node/6244628", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:43:06", "description": "## Summary\n\nIBM Security Guardium has addressed the following vulnerabilities. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n**DESCRIPTION:** FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155136> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155137> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155139> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/155138> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected IBM Security Guardium **\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Security Guardium | 10.0 - 10.6 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium | 10.0-10.6 | https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p630_Bundle_Sep-25-2019&includeSupersedes=0&source=fc \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-10-01T19:20:25", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by a jackson-databind vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721"], "modified": "2019-10-01T19:20:25", "id": "3E1821B985C08682BCDEB3F7FE286DDE1E327BB3B965AB5445D931413229B237", "href": "https://www.ibm.com/support/pages/node/888271", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-15T14:12:32", "description": "## Summary\n\nMultiple security vulnerabilities affect components used by the following products that may affect those products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), IBM Rhapsody Model Manager and Rational Software Architect Design Manager (RSA DM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-4457](<https://vulners.com/cve/CVE-2019-4457>) \n** DESCRIPTION: **IBM Jazz Foundation could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blocklist that is ineffective if the c3p0 libraries are available in the classpath. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-5968](<https://vulners.com/cve/CVE-2018-5968>) \n** DESCRIPTION: **FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blocklist. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12023](<https://vulners.com/cve/CVE-2018-12023>) \n** DESCRIPTION: **An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n** DESCRIPTION: **Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-17485](<https://vulners.com/cve/CVE-2017-17485>) \n** DESCRIPTION: **FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blocklist that is ineffective if the Spring libraries are available in the classpath. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137340](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137340>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15095](<https://vulners.com/cve/CVE-2017-15095>) \n** DESCRIPTION: **A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blocklisting more classes that could be used maliciously. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCLM| 6.0.6.1 \nCLM| 6.0.6 \nCLM| 6.0.2 \n \n\n\n## Remediation/Fixes\n\nFor the 6.0 - 6.0.6.1 releases: \n\n * Upgrade to version 6.0.6.1 iFix006 or later \n * [Rational Collaborative Lifecycle Management 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6.1&platform=All&function=all>)\n * [Rational Quality Manager 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.6.1&platform=All&function=all>)\n * [Rational Team Concert 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.6.1&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * IBM Rhapsody Model Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.6.1 and install server from [CLM 6.0.6.1 iFix006](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6.1&platform=All&function=all>)\n * Or Upgrade to version 6.0.6 iFix014 or later \n * [Rational Collaborative Lifecycle Management 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6&platform=All&function=all>)\n * [Rational Quality Manager 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.6&platform=All&function=all>)\n * [Rational Team Concert 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.6&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * IBM Rhapsody Model Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.6 and install server from [CLM 6.0.6 iFix014](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Or upgrade to version 6.0.2 iFix023 or later \n * [Rational Collaborative Lifecycle Management 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * [Rational Team Concert 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.2&platform=All&function=all>)\n * [Rational Quality Manager 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.2&platform=All&function=all>)\n * [Rational DOORS Next Generation 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.2&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.2 and install server from [CLM 6.0.2 iFix023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n \nFor any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \nIf the iFix is not found in the Fix Portal please contact IBM Support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-28T18:35:50", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525", "CVE-2018-1000873", "CVE-2018-12023", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-7489", "CVE-2019-4457"], "modified": "2021-04-28T18:35:50", "id": "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "href": "https://www.ibm.com/support/pages/node/2867997", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:46:33", "description": "## Summary\n\nRational DOORS Web Access has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-8034](<https://vulners.com/cve/CVE-2018-8034>) \n**DESCRIPTION: ** Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a missing host name verification when using TLS with the WebSocket client. An attacker could exploit this vulnerability to bypass security constraints to access restricted resources. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147211> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION: ** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nRational DOORS Web Access: 9.5.0 - 9.5.0.8 \nRational DOORS Web Access: 9.5.1 - 9.5.1.10 \nRational DOORS Web Access: 9.5.2 - 9.5.2.9 \nRational DOORS Web Access: 9.6.0 - 9.6.0.8 \nRational DOORS Web Access: 9.6.1 - 9.6.1.11\n\n## Remediation/Fixes\n\nUpgrade to the version of Apache Tomcat shown in the table below. You can upgrade Apache Tomcat after installing Rational DOORS Web Access.\n\nThe following table presents Rational DOORS Web Access versions and the released versions of Apache Tomcat.\n\n**Rational DOORS Web Access** | **Apache Tomcat** \n---|--- \n9.5.0 - 9.5.0.8 | [7.0.91](<http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin>) \n9.5.1 - 9.5.1.10 | [7.0.91](<http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin>) \n9.5.2 - 9.5.2.9 | [7.0.91](<http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin>) \n9.6.0 - 9.6.0.8 | [7.0.91](<http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin>) \n9.6.1 - 9.6.1.11 | [7.0.91](<http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.91/bin>) \n \n_For versions of Rational DOORS Web Access that are earlier than version 9.5.0.x, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n**Procedure:**\n\n 1. Download the required version of Apache Tomcat or later core zip file from the Apache or [Tomcat 7](<http://archive.apache.org/dist/tomcat/tomcat-7/>) Archive download site. For example: \napache-tomcat-7.0.91-windows-x64.zip \napache-tomcat-7.0.91-windows-x86.zip \napache-tomcat-7.0.91.tar.gz \n\n 2. Go to the Rational DOORS Web Access installation directory. \nFor example: \nC:\\Program Files\\IBM\\Rational\\DOORS Web Access\\9.version \n\n 3. Rename the **server** directory to **server.orig**. \n\n 4. Extract the downloaded Apache Tomcat core compressed file to **./server** in the Rational DOORS Web Access installation directory. \n\n 5. Delete the contents of the **./server/webapps** folder \n\n 6. Copy the following jar files from your **./server.orig/lib** directory to **./server/lib** \ncommons-logging-1.1.x.jar \ndwa-catalina.jar \nlog4j-1.2.x.jar \nlog4j.properties \n\n 7. Remove the following jar files from the **./server/lib** directory \ntomcat7-websocket.jar \nwebsocket-api.jar \n\n 8. Copy your **./server.orig/festival** directory to **./server/festival**. \n\n 9. Copy the **./server.orig/conf/server.xml** file to **./server/conf/server.xml**. \n\n 10. Copy **./server.orig/webapps/*.war** to **./server/webapps**. \n\n 11. **Optional**: Copy any customized files from the **./server.orig** directory to **./server**. \n\n 12. **UNIX systems only:** Run the **./configure-festival.sh** command, as described in the help topic [Installing the web access server and the web access broker on Linux or Solaris systems](<https://www-01.ibm.com/support/knowledgecenter/SSYQBZ_9.6.0/com.ibm.rational.dwa.install.doc/topics/t_instdwasandbunix.html>).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-23T17:25:01", "type": "ibm", "title": "Security Bulletin: Rational DOORS Web Access is affected by Apache Tomcat vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8034"], "modified": "2018-10-23T17:25:01", "id": "7EDB94BFBB09B175B9D9EB0AAAAB691B264C9156774980A04507F74668F108C9", "href": "https://www.ibm.com/support/pages/node/735863", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-22T01:47:02", "description": "## Summary\n\nIBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v7. \n\n\n## Vulnerability Details\n\nCVEID: [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \nDESCRIPTION: Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\nCVEID: [CVE-2018-8034](<https://vulners.com/cve/CVE-2018-8034>) \nDESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a missing host name verification when using TLS with the WebSocket client. An attacker could exploit this vulnerability to bypass security constraints to access restricted resources. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147211> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nWebSphere Cast Iron v 7.0.0.0, v 7.0.0.1 and v 7.0.0.2.\n\nWebSphere Cast Iron v 7.5.0.0, v 7.5.0.1 and v 7.5.1.0.\n\nApp Connect Professional v7.5.2.0.\n\n## Remediation/Fixes\n\n_Product_ | _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nCast Iron Appliance | 7.5.0.0, 7.5.0.1, 7.5.1.0 | LI80509 | [iFix 7.5.1.0-CUMUIFIX-023](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.5.1.0&platform=All&function=fixId&fixids=7.5.1.0-WS-WCI-20181229-1802_H7_64-CUMUIFIX-023.scrypt2,7.5.1.0-WS-WCI-20181229-1802_H7_64-CUMUIFIX-023.vcrypt2,7.5.1.0-WS-WCI-20181229-1802_H7_64-CUMUIFIX-023.docker&includeSupersedes=0>) \nCast Iron Appliance | 7.0.0.0, 7.0.0.1, 7.0.0.2 | LI80509 | [iFix 7.0.0.2-CUMUIFIX-044](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20181229-1801_H8_64-CUMUIFIX-044.scrypt2,7.0.0.2-WS-WCI-20181229-1801_H8_64-CUMUIFIX-044.vcrypt2&includeSupersedes=0>) \nApp Connect Professional | 7.5.2.0 | LI80509 | [iFix 7.5.2.0-CUMUIFIX-013](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm%2FWebSphere%2FApp+Connect+Professional&release=7.5.2.0&platform=All&function=fixId&fixids=7.5.2.0-WS-ACP-20181229-1800_H15_64-CUMUIFIX-013.vcrypt2,7.5.2.0-WS-ACP-20181214-1504_H15_64-CUMUIFIX-013.docker&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-04T13:05:02", "type": "ibm", "title": "Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2018-11784, CVE-2018-8034)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8034"], "modified": "2019-02-04T13:05:02", "id": "3012BB3E52EE4606C8FA9F7A269A5447E9F7AA98164D91790578CF490FC3EC84", "href": "https://www.ibm.com/support/pages/node/793575", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:53:21", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n** DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-16943](<https://vulners.com/cve/CVE-2019-16943>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the p6spy class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariDataSource. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-16942](<https://vulners.com/cve/CVE-2019-16942>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the commons-dbcp class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-11307](<https://vulners.com/cve/CVE-2018-11307>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an issue when untrusted content is deserialized with default typing enabled. By sending specially-crafted content over FTP, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.1 \nIBM Sterling B2B Integrator| 5.2.0.0 - 5.2.6.5_1 \n \n\n\n## Remediation/Fixes\n\n** Product & Version**| ** Remediation & Fix** \n---|--- \n5.2.0.0 - 6.2.6.5_1| Apply IBM Sterling B2B Integrator version 5.2.6.5_2 and 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n6.0.0.0 - 6.0.3.1| Apply IBM Sterling B2B Integrator version 6.0.3.2 on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-07-24T17:07:55", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531"], "modified": "2020-07-24T17:07:55", "id": "E51DDF73E3F5CD96B12560329D18889F698C09D96494E43FCCF428FEC32A1F2E", "href": "https://www.ibm.com/support/pages/node/6209691", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-25T14:25:13", "description": "## Summary\n\nThere are vulnerabilities in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-11307](<https://vulners.com/cve/CVE-2018-11307>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an issue when untrusted content is deserialized with default typing enabled. By sending specially-crafted content over FTP, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariDataSource. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12023](<https://vulners.com/cve/CVE-2018-12023>) \n** DESCRIPTION: **An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14439](<https://vulners.com/cve/CVE-2019-14439>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue when Default Typing is enabled. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-12022](<https://vulners.com/cve/CVE-2018-12022>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when the Default Typing is enabled. By sending a specially-crafted request in LDAP service, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-5968](<https://vulners.com/cve/CVE-2018-5968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By using two different gadgets that bypass a blocklist, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-12384](<https://vulners.com/cve/CVE-2019-12384>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the logback-core class from polymorphic deserialization. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162849](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162849>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-12086](<https://vulners.com/cve/CVE-2019-12086>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a Polymorphic Typing issue that occurs due to missing com.mysql.cj.jdbc.admin.MiniAdmin validation. By sending a specially-crafted JSON message, a remote attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nLog Analysis| 1.3.1 \nLog Analysis| 1.3.2 \nLog Analysis| 1.3.3 \nLog Analysis| 1.3.4 \nLog Analysis| 1.3.5 \nLog Analysis| 1.3.6 \n \n \n \n\n\n \n\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s) :| Fix details \n---|--- \nIBM Operations Analytics - Log Analysis version 1.3.x| Upgrade to Log Analysis version 1.3.7 \n\nDownload the 1.3.7-TIV-IOALA-FP [here](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&release=1.3.7&platform=All&function=all> \"here\" ). \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-16T15:32:23", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-16335"], "modified": "2021-04-16T15:32:23", "id": "CA9DCF531A11B03DA139506DC9F6319E49C554DF0F64E8DEC99E49C30FB2656F", "href": "https://www.ibm.com/support/pages/node/6444089", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:55:16", "description": "## Summary\n\nIBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerabilities. Jackson-databind-2.8.11.2 library has known vulnerabilities in IBM Identity Governance and Intelligence.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-12086](<https://vulners.com/cve/CVE-2019-12086>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a Polymorphic Typing issue that occurs due to missing com.mysql.cj.jdbc.admin.MiniAdmin validation. By sending a specially-crafted JSON message, a remote attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-12384](<https://vulners.com/cve/CVE-2019-12384>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the logback-core class from polymorphic deserialization. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162849](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162849>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14439](<https://vulners.com/cve/CVE-2019-14439>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue when Default Typing is enabled. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariDataSource. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-16942](<https://vulners.com/cve/CVE-2019-16942>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the commons-dbcp class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16943](<https://vulners.com/cve/CVE-2019-16943>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the p6spy class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n** DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Identity Governance and Intelligence| 5.2.6 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)\n\n| \n\nVersion(s)\n\n| \n\nFirst Fix \n \n---|---|--- \n \nIBM Security Identity Governance and Intelligence\n\n| \n\n5.2.6\n\n| \n\n[5.2.6.0-ISS-SIGI-FP0001](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.6.0&platform=All&function=all> \"5.2.6.0-ISS-SIGI-FP0001\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-05-29T15:44:58", "type": "ibm", "title": "Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531"], "modified": "2020-05-29T15:44:58", "id": "C034F4A93C7986F86B5276634B82B774DA1796B9A2CC2371DA4859670D82233E", "href": "https://www.ibm.com/support/pages/node/6217807", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:45:57", "description": "## Summary\n\nA third party JSON parser that Android Mobile SDK uses include vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. \n\n## Vulnerability Details\n\n**CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n**DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nmobile sdk | 1405 \n \n## Remediation/Fixes\n\nUpdated version can be download from the IBM Trusteer Customer Portal\n\n<https://trusteersupport.force.com/Support>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-03-02T15:42:06", "type": "ibm", "title": "Security Bulletin: Android Mobile SDK compile builder includes vulnerable components", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-19361", "CVE-2018-7489", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-17531"], "modified": "2021-03-02T15:42:06", "id": "A0EF1B53F76A87117F5A8C9A4208296020E4E538E12E58B3F85BF4F0ADDB481A", "href": "https://www.ibm.com/support/pages/node/6410462", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-05T22:57:09", "description": "## Summary\n\nSecurity Bulletin: IBM Maximo Asset Management is vulnerable to Multiple Jackson-Databind CVEs - February 2020\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n**DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2017-7525](<https://vulners.com/cve/CVE-2017-7525>) \n**DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw within the Jackson JSON library in the readValue method of the ObjectMapper. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/134639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/134639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2017-17485](<https://vulners.com/cve/CVE-2017-17485>) \n**DESCRIPTION: **Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the default-typing feature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137340](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137340>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n**DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n**DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n**DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n**DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2018-5968](<https://vulners.com/cve/CVE-2018-5968>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By using two different gadgets that bypass a blocklist, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2017-15095](<https://vulners.com/cve/CVE-2017-15095>) \n**DESCRIPTION: **Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue() method of the ObjectMapper. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-12023](<https://vulners.com/cve/CVE-2018-12023>) \n**DESCRIPTION: **An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID: ** [CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n**DESCRIPTION:** A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/167205> for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions of the IBM Maximo Asset Management core product. Older versions of Maximo Asset Management may be impacted. The recommended action is to update to the latest version.\n\n**Maximo Asset Management core product versions affected:**\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Maximo Asset Management | 7.6.0 \nIBM Maximo Asset Management | 7.6.1 \n \n**Industry Solutions products affected if using an affected core version:** \nMaximo for Aviation \nMaximo for Life Sciences \nMaximo for Nuclear Power \nMaximo for Oil and Gas \nMaximo for Transportation \nMaximo for Utilities \n \n**IBM Control Desk products affected if using an affected core version:** \nSmartCloud Control Desk \nIBM Control Desk \nTivoli Integration Composer \n \n* To determine the core product version, log in and view System Information. The core product version is the \"Tivoli's process automation engine\" version. Please consult the [Product Coexistence Matrix](<https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/IBM%20Maximo%20Asset%20Management/page/Product%20compatibility>) for a list of supported product combinations.\n\n## Remediation/Fixes\n\nThe recommended solution is to download the appropriate Interim Fix or Fix Pack from Fix Central (What is Fix Central?) and apply for each affected product as soon as possible. Please see below for information on the fixes available for each product, version, and release. Follow the installation instructions in the \u2018readme\u2019 documentation provided with each fix pack or interim fix.\n\n**For Maximo Asset Management 7.6:**\n\nVRM | Fix Pack, Feature Pack, or Interim Fix | Download \n---|---|--- \n7.6.1.2 | Maximo Asset Management 7.6.1.2 Feature Pack: \n[7.6.1.2-TIV-MAMMT-FP002](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.1&platform=All&function=fixId&fixids=7.6.1.2-TIV-MAMMT-FP002&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp> \"7.6.1.2-TIV-MAMMT-FP002\" ) or latest Interim Fix available | [FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FIBM+Maximo+Asset+Management&fixids=7.6.1.2-TIV-MAMMT-FP002&source=SARhttps://w3.ibm.com&function=fixId&parent=ibm/Tivoli> \"FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-01T12:38:26", "type": "ibm", "title": "Security Bulletin: IBM Maximo Asset Management is vulnerable to Multiple Jackson-Databind CVEs - February 2020", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525", "CVE-2018-12023", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-7489", "CVE-2019-12814", "CVE-2019-14540", "CVE-2019-16335", "CVE-2019-17267"], "modified": "2022-03-01T12:38:26", "id": "11AC7F14B60A5C486180C6662F02676A29D51924B42EC510A55CFB87D09F8654", "href": "https://www.ibm.com/support/pages/node/6340251", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-05T22:27:53", "description": "## Summary\n\nIBM B2B Advanced Communications has addressed vulnerabilities in jackson-databind shipped with product.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **Multiple Huawei products could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data without proper validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM B2B Advanced Communications| 1.0.0.x \nIBM Multi-Enterprise Integration Gateway| 1.0.0.1 \n \n\n\n## Remediation/Fixes\n\nIBM strongly suggests the following remediation / fix: \n\n**Product \n**\n\n| \n\n**Version**\n\n| \n\n**Remediation** \n \n---|---|--- \n \nIBM B2B Advanced Communications\n\n| \n\n1.0.0.x\n\n| Apply fix pack [1.0.0.8](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \nIBM Multi-Enterprise Integration Gateway| \n\n1.0.0.1\n\n| Apply fix pack [1.0.0.8 ](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-02-20T05:43:47", "type": "ibm", "title": "Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to FasterXML jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14721", "CVE-2018-7489", "CVE-2020-8840"], "modified": "2023-02-20T05:43:47", "id": "C7DD07DAD80496C03ABFD0EE55F04C1759F2915C9B0A8C1F66F87E8D2110B95B", "href": "https://www.ibm.com/support/pages/node/6956836", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-03T18:08:28", "description": "## Summary\n\nIBM B2B Advanced Communications has addressed vulnerabilities in FasterXML jackson-databind shipped with product.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-1000873](<https://vulners.com/cve/CVE-2018-1000873>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanoseconds time value field. By persuading a victim to deserialize specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM B2B Advanced Communications| 1.0.0.x \nIBM Multi-Enterprise Integration Gateway| 1.0.0.1 \n \n\n\n## Remediation/Fixes\n\n**Product \n** | \n\n**Version**\n\n| \n\n**Remediation** \n \n---|---|--- \n \nIBM B2B Advanced Communications\n\n| \n\n1.0.0.x\n\n| Apply fix pack [1.0.0.8](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \nIBM Multi-Enterprise Integration Gateway| \n\n1.0.0.1\n\n| Apply fix pack [1.0.0.8 ](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-02-20T07:23:40", "type": "ibm", "title": "Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2018-1000873)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873"], "modified": "2023-02-20T07:23:40", "id": "8DE2E6E735F4C865DFF522FC1476032743D235229E5B6DE14A486A6D7ABC31A4", "href": "https://www.ibm.com/support/pages/node/6956852", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-22T01:44:01", "description": "## Summary\n\nIBM Integration Bus is affected by an Apache Tomcat vulnerability which was reported and has been addressed. Vulnerability details are listed below. \n \n\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N) \n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0.0 - V10.0.0.14 \nIBM Integration Bus V9.0.0.0 - V9.0.0.11\n\nWebSphere Message Broker V8.0.0.0 - V8.0.0.9\n\n## Remediation/Fixes\n\n## \n\nProduct | VRMF | APAR | Remediation/Fixes \n---|---|---|--- \nIBM Integration Bus | V10.0.0.0 - V10.0.0.14 | IT26898 | \n\nThe APAR is available in fix pack 10.0.0.15\n\n[IBM Integration Bus V10.0 - Fix Pack 10.0.0.15](<https://www-01.ibm.com/support/docview.wss?uid=ibm10744771>) \n \nIBM Integration Bus | V9.0.0.0 - V9.0.0.11 | IT26898 | \n\nInterim fix for APAR IT26898 is available from IBM Fix Central:\n\n[IBM Fix Central:](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=9.0.0.11&platform=All&function=aparId&apars=IT26898>) \n \nWebSphere Message Broker | V8.0.0.0 - V8.0.0.9 | IT26898 | \n\nInterim fix for APAR IT26898 is available from IBM Fix Central:\n\n[IBM Fix Central:](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=8.0.0.9&platform=All&function=aparId&apars=IT26898>) \n \n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: IBM Integration Bus affected by Apache Tomcat (core only) vulnerability CVE-2018-11784", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2020-03-23T20:41:52", "id": "33950E9254985E3B3391A354C5B2C4D798A874E81BD54623B546411AD4D3DD94", "href": "https://www.ibm.com/support/pages/node/794487", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:45:58", "description": "## Summary\n\nJazz Team Server is shipped as a component of Jazz Reporting Service (JRS). Information about a security vulnerability affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nJRS 5.0, 5.0.1, 5.0.2 | Jazz Foundation 5.0, 5.0.1, 5.0.2 \nJRS 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 | Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 \n \n* Both JRS and Jazz Foundation are part of Rational Collaborative Lifecycle Management.\n\n## Remediation/Fixes\n\nConsult [Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology](<https://www-01.ibm.com/support/docview.wss?uid=ibm10735223>) for vulnerability details and information about fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2018-11-09T14:30:02", "type": "ibm", "title": "Security Bulletin: Security vulnerability has been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2018-11784)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2018-11-09T14:30:02", "id": "B1340D24CC010D0154CDFA55F2F704541845D2EAB55B6F14185B1E2157AA991A", "href": "https://www.ibm.com/support/pages/node/739443", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T01:43:58", "description": "## Summary\n\nIBM Integration Bus ships Apache Tomcat which is susceptible to vulnerabilities which were reported and have been addressed\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-8034](<https://vulners.com/cve/CVE-2018-8034>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a missing host name verification when using TLS with the WebSocket client. An attacker could exploit this vulnerability to bypass security constraints to access restricted resources. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147211> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0.0 - V10.0.0.14 \nIBM Integration Bus V9.0.0.0 - V9.0.0.11\n\nWebSphere Message Broker V8.0.0.0 - V8.0.0.9\n\n## Remediation/Fixes\n\nProduct | VRMF | APAR | Remediation/Fixes \n---|---|---|--- \nIBM Integration Bus | V10.0.0.0 - V10.0.0.14 | IT25709 | \n\nThe APAR is available in fix pack 10.0.0.15\n\n[IBM Integration Bus V10.0 - Fix Pack 10.0.0.15](<https://www-01.ibm.com/support/docview.wss?uid=ibm10744771>) \n \nIBM Integration Bus | V9.0.0.0 - V9.0.0.11 | IT25709 | Contact IBM support to request for Fix APAR \nWebSphere Message Broker | V8.0.0.0 - V8.0.0.9 | IT25709 | Contact IBM support to request for Fix APAR \n_Websphere Message Broker V8 & _IBM Integration Bus 9 _is no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product. _ \n_If you are a customer with extended support and require a fix, contact IBM support._\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: IBM Integration Bus affected by Apache Tomcat vulnerability CVE-2018-8034", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8034"], "modified": "2020-03-23T20:41:52", "id": "F68741984639CBFDDC49BE7EE9CA3EF2293637876A5B2F5F64E94096BF3B9AEA", "href": "https://www.ibm.com/support/pages/node/794963", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-15T14:12:41", "description": "## Summary\n\nThe Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect Design Manager (RSA DM).\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nRational Collaborative Lifecycle Management 5.0 - 6.0.6 \n \nRational Quality Manager 5.0 - 5.0.2 \nRational Quality Manager 6.0 - 6.0.6 \n \nRational Team Concert 5.0 - 5.0.2 \nRational Team Concert 6.0 - 6.0.6 \n \nRational DOORS Next Generation 5.0 - 5.0.2 \nRational DOORS Next Generation 6.0 - 6.0.6 \n \nRational Engineering Lifecycle Manager 5.0 - 5.0.2 \nRational Engineering Lifecycle Manager 6.0 - 6.0.6 \n \nRational Rhapsody Design Manager 5.0 - 5.0.2 \nRational Rhapsody Design Manager 6.0 - 6.0.6 \n \nRational Software Architect Design Manager 5.0 - 5.0.2 \nRational Software Architect Design Manager 6.0 - 6.0.1\n\n## Remediation/Fixes\n\n**Step 1**. \nApply the latest ifix to your installed product version: \n \nFor the 6.0 - 6.0.6 releases:\n\n * Upgrade to version 6.0.6 iFix003 or later \n * [_Rational Collaborative Lifecycle Management 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * [_Rational DOORS Next Generation 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6&platform=All&function=all>)\n * [_Rational Quality Manager 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.6&platform=All&function=all>)\n * [_Rational Team Concert 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.6&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.5 and install server from [_CLM 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.5 and install server from [_CLM 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.5 and install server from [_CLM 6.0.6 iFix003_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.6&platform=All&function=all>)\n\n * Or upgrade to version 6.0.2 iFix18 or later versions: \n * [_Rational DOORS Next Generation 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.2&platform=All&function=all>)\n * [_Rational Quality Manager 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=6.0.2&platform=All&function=all>)\n * [_Rational Team Concert 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=6.0.2&platform=All&function=all>)\n * [_Rational Collaborative Lifecycle Management 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 6.0.2 and install server from [_CLM 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 6.0.2 and install server from [_CLM 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 6.0.2 and install server from [_CLM 6.0.2 iFix18_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=6.0.2&platform=All&function=all>)\n\n \nFor the 5.x releases, upgrade to version 5.0.2 iFix27 or later versions\n\n * [_Rational Collaborative Lifecycle Management 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=5.0.2&platform=All&function=all>)\n * [_Rational Team Concert 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Team+Concert&release=5.0.2&platform=All&function=all>)\n * [_Rational Quality Manager 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Quality+Manager&release=5.0.2&platform=All&function=all>)\n * [_Rational DOORS Next Generation 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=5.0.2&platform=All&function=all>)\n * Rational Software Architect Design Manager:_ _Upgrade to version 5.0.2 and install server from [_CLM 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=5.0.2&platform=All&function=all>)\n * Rational Rhapsody Design Manager:_ _Upgrade to version 5.0.2 and install server from [_CLM 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=5.0.2&platform=All&function=all>)\n * Rational Engineering Lifecycle Manager:_ _Upgrade to version 5.0.2 and install server from [_CLM 5.0.2 iFix27_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Collaborative+Lifecycle+Management+Solution&release=5.0.2&platform=All&function=all>)\n\n \n**Step 2: ** \nUpgrade your Apache Tomcat to **version 7.0.91 or later**. Perform [_How to update the Apache Tomcat server for IBM Rational products based on versions 3.0.1.6, 4.0.7 or later of IBM's Jazz technology_](<http://www.ibm.com/support/docview.wss?uid=swg21687641>) to apply the remediation. \n \nFor any prior versions of the products listed above, IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \nIf the iFix is not found in the Fix Portal please contact IBM Support.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2021-04-28T18:35:50", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2021-04-28T18:35:50", "id": "88F3587B22B66042418FF189277EA7BC1A004E4B0D911699062E18728ADEAC9A", "href": "https://www.ibm.com/support/pages/node/735223", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-03T18:08:39", "description": "## Summary\n\nA vulnerability exists in Apache Tomcat to which the IBM FlashSystem\u2122 840 and FlashSystem 900 are susceptible (CVE-2018-11784). An exploit of this vulnerability could allow a remote attacker to redirect a user to arbitrary websites.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nFlashSystem 840 machine type and models (MTMs) affected include 9840-AE1 and 9843-AE1. \nFlashSystem 900 MTMs affected include 9843-UF3, 9840-AE2, 9843-AE2, 9840-AE3, and 9843-AE3. \n \nSupported code versions which are affected\n\n * VRMFs prior to 1.4.8.2\n * VRMFs prior to 1.5.2.5\n * VRMFs prior to 1.6.1.0\n\n## Remediation/Fixes\n\n_MTMs_\n\n| _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \n**FlashSystem****840 MTM: ** \n9840-AE1 &9843-AE1 \n \n**FlashSystem 900 MTMs:**9843-UF3, 9840-AE2, 9843-AE2, 9840-AE3, & 9843-AE3 | \n\n_Code fixes are now available, the minimum VRMF containing the fix depends on the code stream:__ _ \n__Fixed Code VRMF __ \n_1.6 stream: 1.6.1.0_\n\n_1.5 stream: 1.5.2.5_\n\n_1.4 stream: 1.4.8.2_\n\n| _N/A_ | [**_FlashSystem 840 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+840&release=All&platform=All&function=all>)and [**_FlashSystem 900 fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%2Bhigh%2Bavailability%2Bsystems&product=ibm/StorageSoftware/IBM+FlashSystem+900&release=All&platform=All&function=all>)** **are available @ IBM\u2019s Fix Central \n \n## Workarounds and Mitigations\n\nUpgrade to a remediated code level.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2023-02-18T01:45:50", "type": "ibm", "title": "Security Bulletin: A vulnerability in Apache Tomcat affects the IBM FlashSystem 840 and 900", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2023-02-18T01:45:50", "id": "0EF4B59393438EACFD8FC2C07DD8F070A3FBCF00E78AF631B2B3CB8138D69697", "href": "https://www.ibm.com/support/pages/node/957183", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-03T18:05:39", "description": "## Summary\n\nA vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. Apache Tomcat is used in the management GUI of the product. The Command Line Interface is unaffected.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-11784](<https://vulners.com/cve/CVE-2018-11784>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the default servlet. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150860> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \nIBM FlashSystem V9000 \nIBM FlashSystem 9100 Family \nIBM Spectrum Virtualize Software \nIBM Spectrum Virtualize for Public Cloud\n\nAll products are affected when running supported versions 7.5 to 8.2.\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family to the following code levels or higher: \n \n7.8.1.8 \n8.1.3.4 \n8.2.0.2 \n8.2.1.0 \n \n[_Latest IBM SAN Volume Controller Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Storage%20virtualization&product=ibm/StorageSoftware/SAN+Volume+Controller+%282145%29&release=All&platform=All&function=all>) \n[_Latest IBM Storwize V7000 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Mid-range%20disk%20systems&product=ibm/Storage_Disk/IBM+Storwize+V7000+%282076%29&release=All&platform=All&function=all>) \n[_Latest IBM Storwize V5000 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Mid-range%20disk%20systems&product=ibm/Storage_Disk/IBM+Storwize+V5000&release=All&platform=All&function=all>) \n[_Latest IBM Storwize V3700 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Entry-level%20disk%20systems&product=ibm/Storage_Disk/IBM+Storwize+V3700&release=All&platform=All&function=all>) \n[_Latest IBM Storwize V3500 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Entry-level%20disk%20systems&product=ibm/Storage_Disk/IBM+Storwize+V3500&release=All&platform=All&function=all>) \n[_Latest IBM FlashSystem V9000 Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%20high%20availability%20systems&product=ibm/StorageSoftware/IBM+FlashSystem+V9000&release=All&platform=All&function=all>) \n[_Latest IBM FlashSystem 9100 Family Code_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Flash%20high%20availability%20systems&product=ibm/StorageSoftware/IBM+FlashSystem+9100+family&release=All&platform=All&function=all>) \n[_Latest IBM Spectrum Virtualize Software_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Virtualize+software&release=8.1&platform=All&function=all>) \n[_Latest IBM Spectrum Virtualize for Public Cloud_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Virtualize+for+Public+Cloud&release=8.1&platform=All&function=all>)\n\nFor unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of code.\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2023-03-29T01:48:02", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( CVE-2018-11784)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2023-03-29T01:48:02", "id": "A5525E806C3BC29BE214997F5DF6164E4E0C046A575DE1E16DE595D33789AEE3", "href": "https://www.ibm.com/support/pages/node/872550", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2023-12-06T00:41:39", "description": "Red Hat JBoss Enterprise Application Platform CD16 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD16 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-06-15T16:12:30", "type": "redhat", "title": "(RHSA-2020:2564) Important: EAP Continuous Delivery Technical Preview Release 16 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2020-06-15T16:13:19", "id": "RHSA-2020:2564", "href": "https://access.redhat.com/errata/RHSA-2020:2564", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-04-17T20:45:27", "type": "redhat", "title": "(RHSA-2019:0782) Important: rh-maven35-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-04-17T20:54:17", "id": "RHSA-2019:0782", "href": "https://access.redhat.com/errata/RHSA-2019:0782", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T00:41:43", "description": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* infinispan: Session fixation protection broken for Spring Session integration (CVE-2019-10158)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-12-02T16:21:52", "type": "redhat", "title": "(RHSA-2019:4037) Important: Red Hat Data Grid 7.3.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-10158"], "modified": "2019-12-02T16:22:24", "id": "RHSA-2019:4037", "href": "https://access.redhat.com/errata/RHSA-2019:4037", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.4.0 serves as an update to Red Hat Decision Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-07-22T14:51:53", "type": "redhat", "title": "(RHSA-2019:1822) Important: Red Hat Decision Manager 7.4.0 Security Update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7285", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-10173"], "modified": "2019-07-22T14:52:26", "id": "RHSA-2019:1822", "href": "https://access.redhat.com/errata/RHSA-2019:1822", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.4.0 serves as an update to Red Hat Process Automation Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-07-22T14:52:01", "type": "redhat", "title": "(RHSA-2019:1823) Important: Red Hat Process Automation Manager 7.4.0 Security Update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7285", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-10173"], "modified": "2019-07-22T14:52:34", "id": "RHSA-2019:1823", "href": "https://access.redhat.com/errata/RHSA-2019:1823", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* tomcat: host name verification missing in WebSocket client (CVE-2018-8034)\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 3.6}, "published": "2019-01-22T13:28:13", "type": "redhat", "title": "(RHSA-2019:0131) Moderate: Red Hat JBoss Web Server 3.1 Service Pack 6 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8034"], "modified": "2019-01-22T13:29:51", "id": "RHSA-2019:0131", "href": "https://access.redhat.com/errata/RHSA-2019:0131", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes.\n\nThis release of Red Hat JBoss BPM Suite 6.4.12 serves as a replacement for Red Hat JBoss BPM Suite 6.4.11, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core (CVE-2018-19362)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-07-16T16:19:53", "type": "redhat", "title": "(RHSA-2019:1797) Important: Red Hat JBoss BPM Suite 6.4.12 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-07-16T16:20:10", "id": "RHSA-2019:1797", "href": "https://access.redhat.com/errata/RHSA-2019:1797", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 6 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* tomcat: host name verification missing in WebSocket client (CVE-2018-8034)\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 3.6}, "published": "2019-01-22T13:28:08", "type": "redhat", "title": "(RHSA-2019:0130) Moderate: Red Hat JBoss Web Server 3.1 Service Pack 6 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8034"], "modified": "2019-01-22T13:28:31", "id": "RHSA-2019:0130", "href": "https://access.redhat.com/errata/RHSA-2019:0130", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-29T02:41:20", "description": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-10-10T12:48:05", "type": "redhat", "title": "(RHSA-2019:3002) Important: Red Hat FIS 2.0 on Fuse 6.3.0 R13 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-10-10T12:48:30", "id": "RHSA-2019:3002", "href": "https://access.redhat.com/errata/RHSA-2019:3002", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules.\n\nThis release of Red Hat JBoss BRMS 6.4.11 serves as a replacement for Red Hat JBoss BRMS 6.4.10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common core (CVE-2018-19362)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-07-15T18:55:36", "type": "redhat", "title": "(RHSA-2019:1782) Important: Red Hat JBoss BRMS 6.4.12 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-07-15T19:16:07", "id": "RHSA-2019:1782", "href": "https://access.redhat.com/errata/RHSA-2019:1782", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:07", "description": "Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. See the download link given in the references section below.\n\nSecurity fix(es):\n\n* jolokia: system-wide CSRF that could lead to Remote Code Execution (CVE-2018-10899)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n \n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-09-17T09:21:53", "type": "redhat", "title": "(RHSA-2019:2804) Important: Red Hat JBoss Fuse/A-MQ 6.3 R13 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10899", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12814"], "modified": "2020-09-17T15:01:23", "id": "RHSA-2019:2804", "href": "https://access.redhat.com/errata/RHSA-2019:2804", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-30T02:41:25", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains an update for jackson-databind in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 3.11.153.\n\nSecurity Fix(es):\n\n* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\n* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-10-18T19:48:39", "type": "redhat", "title": "(RHSA-2019:3149) Important: OpenShift Container Platform logging-elasticsearch5-container security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525", "CVE-2018-10237", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-7489", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-10-18T19:49:27", "id": "RHSA-2019:3149", "href": "https://access.redhat.com/errata/RHSA-2019:3149", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-29T06:41:11", "description": "The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2019-06-18T16:36:21", "type": "redhat", "title": "(RHSA-2019:1529) Important: pki-deps:10.6 security update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2019-06-18T17:00:56", "id": "RHSA-2019:1529", "href": "https://access.redhat.com/errata/RHSA-2019:1529", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-30T02:41:25", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains an update for both jackson-databind and guava in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 4.1.18.\n\nSecurity Fix(es):\n\n* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\n* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-09-27T00:11:50", "type": "redhat", "title": "(RHSA-2019:2858) Important: OpenShift Container Platform 4.1.18 logging-elasticsearch5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525", "CVE-2018-10237", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5968", "CVE-2018-7489", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379"], "modified": "2019-09-27T00:12:14", "id": "RHSA-2019:2858", "href": "https://access.redhat.com/errata/RHSA-2019:2858", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-03T20:41:19", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-35728)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-36184)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource (CVE-2020-36185)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource (CVE-2020-36186)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource (CVE-2020-36187)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource (CVE-2020-36188)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource (CVE-2020-36189)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing (CVE-2021-20190)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-04-27T08:48:32", "type": "redhat", "title": "(RHSA-2021:1230) Important: OpenShift Container Platform 4.6.26 security and extras update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-14379", "CVE-2020-24750", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2021-20190", "CVE-2021-3449"], "modified": "2021-04-27T08:49:35", "id": "RHSA-2021:1230", "href": "https://access.redhat.com/errata/RHSA-2021:1230", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-11-29T02:41:20", "description": "Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database.\n\nThis release of Red Hat JBoss Data Virtualization 6.4.8 serves as a replacement for Red Hat JBoss Data Virtualization 6.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands (CVE-2016-5397)\n\n* tika-core: tika: Command injection in tika-server can allow remote attackers to execute arbitrary commands via crafted headers (CVE-2018-1335)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* libthrift: thrift: Improper Access Control grants access to files outside the webservers docroot path (CVE-2018-11798)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* zookeeper: Information disclosure in Apache ZooKeeper (CVE-2019-0201)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-10-17T14:53:06", "type": "redhat", "title": "(RHSA-2019:3140) Important: Red Hat JBoss Data Virtualization 6.4.8 security update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5397", "CVE-2018-11307", "CVE-2018-11798", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-1335", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-8088", "CVE-2019-0201"], "modified": "2019-10-17T14:53:25", "id": "RHSA-2019:3140", "href": "https://access.redhat.com/errata/RHSA-2019:3140", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T00:41:43", "description": "This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* infinispan: deserialization of data in XML and JSON transcoders (CVE-2018-1131)\n\n* hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-8009)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* retrofit: Directory traversal in RequestBuilder allows manipulation of resources (CVE-2018-1000850)\n\n* zookeeper: Information disclosure in Apache ZooKeeper (CVE-2019-0201)\n\n* mesos: docker image code execution (CVE-2019-0204)\n\n* netty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* grpc: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* netty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* grpc: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* netty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* grpc: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* netty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285) (CVE-2019-10173)\n\n* syndesis: default CORS configuration is allow all (CVE-2019-14860)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* activemq: ActiveMQ Client Missing TLS Hostname Verification (CVE-2018-11775)\n\n* tika: Incomplete fix allows for XML entity expansion resulting in denial of service (CVE-2018-11796)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-11-14T21:15:16", "type": "redhat", "title": "(RHSA-2019:3892) Important: Red Hat Fuse 7.5.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7285", "CVE-2017-15095", "CVE-2017-17485", "CVE-2017-7525", "CVE-2018-1000850", "CVE-2018-11307", "CVE-2018-1131", "CVE-2018-11775", "CVE-2018-11796", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-8009", "CVE-2018-8034", "CVE-2019-0201", "CVE-2019-0204", "CVE-2019-10173", "CVE-2019-14860", "CVE-2019-16869", "CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9518"], "modified": "2020-04-20T07:11:56", "id": "RHSA-2019:3892", "href": "https://access.redhat.com/errata/RHSA-2019:3892", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T18:41:38", "description": "Project for parent pom for all Jackson components. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-parent-2.9.1.2-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:E63546051071", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R3ZYMIZRY3K7GTTOS2FSM7YTRN6UHQJY/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Add-on module for to support JSON Schema version 3 generation. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-module-jsonSchema-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:957DA605174F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6VAZ6YEXS3FI6U3KGTI65IL3GVOPCZ5X/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Data format extension for Jackson (http://jackson.codehaus.org) to offer alternative support for serializing POJOs as XML and deserializing XML as POJOs. Support implemented on top of Stax API (javax.xml.stream), by implementing core Jackson Streaming API types like JsonGenerator, JsonParser and JsonFactory. Some data-binding types overridden as well (ObjectMapper sub-classed as XmlMapper). ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-dataformat-xml-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:12DAE6051076", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FDBHQ6N2UWY27LDPCZAP5FEVGP365224/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "This is a Jackson module that aims to provide full support for data types of Joda date-time library. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-datatype-joda-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:489136051065", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YWT7UN6SQS76G6QS7YYVOW324E6RWKPY/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The Linux Tools project is a two-faceted project. Firstly, it develops tools and frameworks for writing tools for Linux developers. Secondly, it provides a place for Linux distributions to collaboratively overcome issues surround ing distribution packaging of Eclipse technology. The project will produce both best practices and tools related to packaging. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: eclipse-linuxtools-7.1.0-3.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:4DF45605106F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6XJP2G5NM3CCQQTDHZW4GUYWV65ZHITJ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Parent pom for Jackson text-format dataformats. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-dataformats-text-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:EC39E6051044", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NJFNBE47HDDYBDYXLDTZYEHI3HXQHJXQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Core part of Jackson that defines Streaming API as well as basic shared abstractions. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-core-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:9E3346051071", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/34DOFNXW73YICYBLMISPHJXUGVENPMJF/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "A \"bill of materials\" POM for Jackson dependencies. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-bom-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:82BA46051069", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QAWC3XALZSTIGPPQJLPGTFEXCDONUJY6/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "A pure Java implementation of the Git version control system. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: eclipse-jgit-5.2.0-4.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:32EC36051065", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2LHUWAFZWDCHL4ADGIRONBBD7FMB2BRO/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:51", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: bouncycastle-1.61-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:51", "id": "FEDORA:C4FE16051044", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2DKNNAUDWX77ICMYAAXG4CLXSZ5ZCJHQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "This is a multi-module project that contains Jackson-based JAX-RS providers for following data formats: JSON, Smile (binary JSON), XML, CBOR (another kind of binary JSON), YAML. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-jaxrs-providers-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:7C4736051069", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O3VC2GPN5WGONJYQCDFGYHWKNFV3SXHG/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Parent pom for Jackson binary dataformats. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-dataformats-binary-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:D1E836050C52", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DMHN3SHBI6L2QLU2K3KNST6RHQN2VVCH/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Java 8 Datatypes: support for other new Java 8 data types outside of date/time: most notably Optional, OptionalLong, OptionalDouble. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-datatype-jdk8-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:2BBC46051742", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WFJXSJBILOFUGMV7MILIWP7YIMG5OFW4/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Jackson \"base\" modules: modules that build directly on databind, and are not data-type, data format, or JAX-RS provider modules. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-modules-base-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:B11A16051070", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "This is a multi-module umbrella project for various Jackson Data-type modules to support 3rd party Collection libraries. Currently included are: * Guava data-type * HPPC data-type * PCollections data-type ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:53", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-datatypes-collections-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:53", "id": "FEDORA:62812605106F", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "Core annotations used for value types, used by Jackson data-binding package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-annotations-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:67F5A6051068", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JE4I7UTMB33F6CPCUJYZ2XQUK47BCEDD/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-02-19T14:03:52", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-databind-2.9.8-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-147189", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-02-19T14:03:52", "id": "FEDORA:B8E2D6051075", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KIJ7D2V7DS5AIHWF5OTSY6IADDMUE4ND/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-09-22T03:20:24", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: jackson-databind-2.9.9.3-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-147189", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439"], "modified": "2019-09-22T03:20:24", "id": "FEDORA:4FB5560427DA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6X7OP2KRUBDSSVHN5RCQIYIY4LO5IQIT/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-03T02:02:31", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-1336", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2019-04-03T02:02:31", "id": "FEDORA:6BF9F60769FE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 4.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 1.4}, "published": "2019-02-13T02:48:13", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: tomcat-9.0.13-1.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2019-02-13T02:48:13", "id": "FEDORA:6D39A60CC4DC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2SK62D5AMN3PP5PQ4NGI2MYDIWGZ5QVP/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-dataformat-xml FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875658", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875658", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875658\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:14:45 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-dataformat-xml FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDBHQ6N2UWY27LDPCZAP5FEVGP365224\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-dataformat-xml'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Data format extension for Jackson\nto offer alternative support for serializing POJOs as XML and\ndeserializing XML as POJOs. Support implemented on top of Stax API\n(javax.xml.stream), by implementing core Jackson Streaming API types\nlike JsonGenerator, JsonParser and JsonFactory. Some data-binding types\noverridden as well (ObjectMapper sub-classed as XmlMapper).\");\n\n script_tag(name:\"affected\", value:\"'jackson-dataformat-xml' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-dataformat-xml\", rpm:\"jackson-dataformat-xml~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-dataformats-binary FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876032", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876032\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:32:28 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-dataformats-binary FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMHN3SHBI6L2QLU2K3KNST6RHQN2VVCH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-dataformats-binary'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Parent pom for Jackson binary dataformats.\");\n\n script_tag(name:\"affected\", value:\"'jackson-dataformats-binary' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-dataformats-binary\", rpm:\"jackson-dataformats-binary~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-parent FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876248", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876248", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876248\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:40:33 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-parent FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3ZYMIZRY3K7GTTOS2FSM7YTRN6UHQJY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-parent'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Project for parent pom for all Jackson components.\");\n\n script_tag(name:\"affected\", value:\"'jackson-parent' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-parent\", rpm:\"jackson-parent~2.9.1.2~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-core FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876270", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876270\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:41:27 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-core FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34DOFNXW73YICYBLMISPHJXUGVENPMJF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-core'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Core part of Jackson that defines Streaming API as well\nas basic shared abstractions.\");\n\n script_tag(name:\"affected\", value:\"'jackson-core' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-core\", rpm:\"jackson-core~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-module-jsonSchema FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876215", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876215", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876215\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:39:03 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-module-jsonSchema FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6VAZ6YEXS3FI6U3KGTI65IL3GVOPCZ5X\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-module-jsonSchema'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Add-on module for to support JSON Schema version 3 generation.\");\n\n script_tag(name:\"affected\", value:\"'jackson-module-jsonSchema' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-module-jsonSchema\", rpm:\"jackson-module-jsonSchema~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-datatypes-collections FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876291", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876291", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876291\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:42:42 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-datatypes-collections FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ATSBGOHZPKMCYVBV3QIOFFKGZ2DUDNUG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-datatypes-collections'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This is a multi-module umbrella project for various Jackson\nData-type modules to support 3rd party Collection libraries.\n\nCurrently included are:\n\n * Guava data-type\n\n * HPPC data-type\n\n * PCollections data-type\");\n\n script_tag(name:\"affected\", value:\"'jackson-datatypes-collections' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-datatypes-collections\", rpm:\"jackson-datatypes-collections~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for bouncycastle FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875836", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875836", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875836\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:23:12 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for bouncycastle FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DKNNAUDWX77ICMYAAXG4CLXSZ5ZCJHQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bouncycastle'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Bouncy Castle Crypto package is a Java implementation of cryptographic\nalgorithms. This jar contains JCE provider and lightweight API for the\nBouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.\");\n\n script_tag(name:\"affected\", value:\"'bouncycastle' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bouncycastle\", rpm:\"bouncycastle~1.61~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-datatype-joda FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876257", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876257", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876257\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:40:56 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-datatype-joda FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWT7UN6SQS76G6QS7YYVOW324E6RWKPY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-datatype-joda'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This is a Jackson module that aims to provide\nfull support for data types of Joda date-time\nlibrary.\");\n\n script_tag(name:\"affected\", value:\"'jackson-datatype-joda' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-datatype-joda\", rpm:\"jackson-datatype-joda~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-annotations FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876185", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876185", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876185\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:38:26 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-annotations FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE4I7UTMB33F6CPCUJYZ2XQUK47BCEDD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-annotations'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Core annotations used for value types,\nused by Jackson data-binding package.\");\n\n script_tag(name:\"affected\", value:\"'jackson-annotations' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-annotations\", rpm:\"jackson-annotations~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-bom FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875998", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875998\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:30:54 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-bom FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAWC3XALZSTIGPPQJLPGTFEXCDONUJY6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-bom'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A 'bill of materials' POM for Jackson dependencies.\");\n\n script_tag(name:\"affected\", value:\"'jackson-bom' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-bom\", rpm:\"jackson-bom~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for eclipse-jgit FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875739", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875739", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875739\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:18:38 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for eclipse-jgit FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2LHUWAFZWDCHL4ADGIRONBBD7FMB2BRO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'eclipse-jgit'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A pure Java implementation of the Git version control system.\");\n\n script_tag(name:\"affected\", value:\"'eclipse-jgit' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"eclipse-jgit\", rpm:\"eclipse-jgit~5.2.0~4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-dataformats-text FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876220", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876220", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876220\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:39:24 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-dataformats-text FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJFNBE47HDDYBDYXLDTZYEHI3HXQHJXQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-dataformats-text'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Parent pom for Jackson text-format dataformats.\");\n\n script_tag(name:\"affected\", value:\"'jackson-dataformats-text' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-dataformats-text\", rpm:\"jackson-dataformats-text~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-datatype-jdk8 FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876132", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876132\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:35:46 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-datatype-jdk8 FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFJXSJBILOFUGMV7MILIWP7YIMG5OFW4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-datatype-jdk8'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Java 8 Datatypes: support for other new Java 8 data types outside of\ndate/time: most notably Optional, OptionalLong, OptionalDouble.\");\n\n script_tag(name:\"affected\", value:\"'jackson-datatype-jdk8' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-datatype-jdk8\", rpm:\"jackson-datatype-jdk8~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for eclipse-linuxtools FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875944", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875944", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875944\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:28:18 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for eclipse-linuxtools FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJP2G5NM3CCQQTDHZW4GUYWV65ZHITJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'eclipse-linuxtools'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Linux Tools project is a two-faceted project. Firstly, it develops tools\nand frameworks for writing tools for Linux developers. Secondly, it provides\na place for Linux distributions to collaboratively overcome issues surrounding\ndistribution packaging of Eclipse technology. The project will produce both\nbest practices and tools related to packaging.\");\n\n script_tag(name:\"affected\", value:\"'eclipse-linuxtools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"eclipse-linuxtools\", rpm:\"eclipse-linuxtools~7.1.0~3.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-jaxrs-providers FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875809", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875809\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:21:47 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-jaxrs-providers FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3VC2GPN5WGONJYQCDFGYHWKNFV3SXHG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-jaxrs-providers'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This is a multi-module project that contains Jackson-based JAX-RS providers for\nfollowing data formats: JSON, Smile (binary JSON), XML, CBOR (another kind of\nbinary JSON), YAML.\");\n\n script_tag(name:\"affected\", value:\"'jackson-jaxrs-providers' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-jaxrs-providers\", rpm:\"jackson-jaxrs-providers~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-modules-base FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875964", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875964\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:56 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-modules-base FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-modules-base'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Jackson 'base' modules: modules that build directly on databind,\nand are not data-type, data format, or JAX-RS provider modules.\");\n\n script_tag(name:\"affected\", value:\"'jackson-modules-base' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-modules-base\", rpm:\"jackson-modules-base~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-databind FEDORA-2019-df57551f6d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-147189", "CVE-2018-14719", "CVE-2016-7051", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-1000873", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875653", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875653", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875653\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2016-7051\", \"CVE-2018-147189\", \"CVE-2018-1000873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:14:32 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for jackson-databind FEDORA-2019-df57551f6d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KIJ7D2V7DS5AIHWF5OTSY6IADDMUE4ND\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the FEDORA-2019-df57551f6d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The general-purpose data-binding functionality and tree-model for Jackson Data\nProcessor. It builds on core streaming parser/generator package, and uses\nJackson Annotations for configuration.\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-databind\", rpm:\"jackson-databind~2.9.8~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:25:01", "description": "Several deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.", "cvss3": {}, "published": "2019-03-04T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-1703-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891703", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891703\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\",\n \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-1703-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-04 00:00:00 +0100 (Mon, 04 Mar 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"jackson-databind on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"summary\", value:\"Several deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4452-1 (jackson-databind - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2019-12086", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-26T00:00:00", "id": "OPENVAS:1361412562310704452", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704452", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704452\");\n script_version(\"2019-05-26T02:00:15+0000\");\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2019-12086\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-26 02:00:15 +0000 (Sun, 26 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:00:15 +0000 (Sun, 26 May 2019)\");\n script_name(\"Debian Security Advisory DSA 4452-1 (jackson-databind - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4452.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4452-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DSA-4452-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues were found in jackson-databind, a Java library\nto parse JSON and other data formats which could result in information\ndisclosure or the execution of arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.8.6-1+deb9u5.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.8.6-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.8.6-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-09-24T14:32:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-09-23T00:00:00", "type": "openvas", "title": "Fedora Update for jackson-databind FEDORA-2019-fb23eccc03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2019-12086", "CVE-2018-19361", "CVE-2018-147189", "CVE-2018-14720", "CVE-2018-14718", "CVE-2019-12814", "CVE-2019-12384", "CVE-2018-12022", "CVE-2018-14721", "CVE-2019-14439", "CVE-2018-19360", "CVE-2019-14379", "CVE-2018-12023"], "modified": "2019-09-23T00:00:00", "id": "OPENVAS:1361412562310876830", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876830", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876830\");\n script_version(\"2019-09-23T11:41:07+0000\");\n script_cve_id(\"CVE-2019-12086\", \"CVE-2019-12384\", \"CVE-2019-12814\", \"CVE-2019-14379\", \"CVE-2018-14718\", \"CVE-2018-147189\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2019-14439\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-23 11:41:07 +0000 (Mon, 23 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-23 02:27:52 +0000 (Mon, 23 Sep 2019)\");\n script_name(\"Fedora Update for jackson-databind FEDORA-2019-fb23eccc03\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-fb23eccc03\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6X7OP2KRUBDSSVHN5RCQIYIY4LO5IQIT\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the FEDORA-2019-fb23eccc03 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The general-purpose data-binding functionality and tree-model for Jackson Data\nProcessor. It builds on core streaming parser/generator package, and uses\nJackson Annotations for configuration.\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"jackson-databind\", rpm:\"jackson-databind~2.9.9.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2018-b18f9dd65b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8014", "CVE-2018-8034", "CVE-2018-1336", "CVE-2018-11784", "CVE-2018-8037"], "modified": "2019-04-03T00:00:00", "id": "OPENVAS:1361412562310875539", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875539", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875539\");\n script_version(\"2019-04-03T06:52:13+0000\");\n script_cve_id(\"CVE-2018-11784\", \"CVE-2018-8037\", \"CVE-2018-8034\", \"CVE-2018-8014\", \"CVE-2018-1336\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-03 06:52:13 +0000 (Wed, 03 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:52:13 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"Fedora Update for tomcat FEDORA-2018-b18f9dd65b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b18f9dd65b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the FEDORA-2018-b18f9dd65b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tomcat is the servlet container that is used in the official Reference\nImplementation for the Java Servlet and JavaServer Pages technologies.\nThe Java Servlet and JavaServer Pages specifications are developed by\nSun under the Java Community Process.\n\nTomcat is developed in an open and participatory environment and\nreleased under the Apache Software License version 2.0. Tomcat is intended\nto be a collaboration of the best-of-breed developers from around the world.\");\n\n script_tag(name:\"affected\", value:\"'tomcat' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.5.35~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-25T12:05:25", "description": "This host is installed with Apache Tomcat\n and is prone to a security bypass vulnerability.", "cvss3": {}, "published": "2018-08-03T00:00:00", "type": "openvas", "title": "Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8034"], "modified": "2019-07-24T00:00:00", "id": "OPENVAS:1361412562310813743", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813743", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813743\");\n script_version(\"2019-07-24T08:39:52+0000\");\n script_cve_id(\"CVE-2018-8034\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 08:39:52 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-03 16:58:57 +0530 (Fri, 03 Aug 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache Tomcat\n and is prone to a security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to a missing host name\n verification when using TLS with the WebSocket client.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to bypass certain security restrictions and perform unauthorized actions.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat versions 9.0.0.M1 to 9.0.9,\n 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52 and 7.0.35 to 7.0.88 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apache Tomcat version 9.0.10 or\n 8.5.32 or 8.0.53 or 7.0.90 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283@minotaur.apache.org%3E\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.10\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.90\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif(isnull(tomPort = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:tomPort, exit_no_version:TRUE))\n exit(0);\n\nappVer = infos['version'];\npath = infos['location'];\n\nif(appVer =~ \"^8\\.5\")\n{\n if(version_in_range(version:appVer, test_version: \"8.5.0\", test_version2: \"8.5.31\")){\n fix = \"8.5.32\";\n }\n}\nelse if(appVer =~ \"^7\\.0\")\n{\n if(version_in_range(version:appVer, test_version: \"7.0.35\", test_version2: \"7.0.88\")){\n fix = \"7.0.90\";\n }\n}\nelse if(appVer =~ \"^8\\.0\")\n{\n if((revcomp(a:appVer, b: \"8.0.0.RC1\") >= 0) && (revcomp(a:appVer, b: \"8.0.53\") < 0)){\n fix = \"8.0.53\";\n }\n}\nelse if(appVer =~ \"^9\\.0\")\n{\n if((revcomp(a:appVer, b: \"9.0.0.M1\") >= 0) && (revcomp(a:appVer, b: \"9.0.10\") < 0)){\n fix = \"9.0.10\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:appVer, fixed_version:fix, install_path:path);\n security_message(port:tomPort, data: report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:28", "description": "When the default servlet in Apache Tomcat returned a redirect to a directory\n(e.g. redirecting to ", "cvss3": {}, "published": "2018-10-05T00:00:00", "type": "openvas", "title": "Apache Tomcat Open Redirect Vulnerability (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310141568", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141568", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Open Redirect Vulnerability (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141568\");\n script_version(\"2019-05-10T11:41:35+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 11:41:35 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-05 10:53:03 +0700 (Fri, 05 Oct 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2018-11784\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache Tomcat Open Redirect Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"When the default servlet in Apache Tomcat returned a redirect to a directory\n(e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat 9.0.0.M1-9.0.11, 8.5.0-8.5.33, 7.0.23-7.0.90 and probably\n8.0.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.0.91, 8.5.34, 9.0.12 or later.\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-9.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0.23\", test_version2: \"7.0.90\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.0.91\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0.0\", test_version2: \"8.5.33\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.5.34\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif ((revcomp(a: version, b: \"9.0.0.M1\") >= 0) && (revcomp(a: version, b: \"9.0.12\") < 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.0.12\", install_path:path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-29T20:08:03", "description": "The host name verification in Tomcat when using TLS with the WebSocket\nclient was missing. It is now enabled by default.", "cvss3": {}, "published": "2018-07-30T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tomcat7 (DLA-1453-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8034"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891453", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891453\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-8034\");\n script_name(\"Debian LTS: Security Advisory for tomcat7 (DLA-1453-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-30 00:00:00 +0200 (Mon, 30 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"tomcat7 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n7.0.56-3+really7.0.90-1.\n\nWe recommend that you upgrade your tomcat7 packages.\");\n\n script_tag(name:\"summary\", value:\"The host name verification in Tomcat when using TLS with the WebSocket\nclient was missing. It is now enabled by default.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libservlet3.0-java\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libservlet3.0-java-doc\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7-admin\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7-common\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7-docs\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7-examples\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat7-user\", ver:\"7.0.56-3+really7.0.90-1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T17:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:4042-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852172", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852172", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852172\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-11784\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-10 07:38:53 +0100 (Mon, 10 Dec 2018)\");\n script_name(\"openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:4042-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4042-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00014.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the openSUSE-SU-2018:4042-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tomcat to 9.0.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-11784: When the default servlet in Apache Tomcat returned a\n redirect to a directory (e.g. redirecting to '/foo/' when the user\n requested '/foo') a specially crafted URL could be used to cause the\n redirect to be generated to any URI of the attackers choice.\n (bsc#1110850)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1504=1\");\n\n script_tag(name:\"affected\", value:\"tomcat on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-el-3_0-api\", rpm:\"tomcat-el-3_0-api~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-embed\", rpm:\"tomcat-embed~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsp-2_3-api\", rpm:\"tomcat-jsp-2_3-api~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-servlet-4_0-api\", rpm:\"tomcat-servlet-4_0-api~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~9.0.12~lp150.2.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-14T17:41:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-21T00:00:00", "type": "openvas", "title": "CentOS Update for tomcat CESA-2019:0485 centos7 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310883022", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883022", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883022\");\n script_version(\"2020-03-13T07:50:12+0000\");\n script_cve_id(\"CVE-2018-11784\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:50:12 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-21 09:50:48 +0100 (Thu, 21 Mar 2019)\");\n script_name(\"CentOS Update for tomcat CESA-2019:0485 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:0485\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-March/023220.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the CESA-2019:0485 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nSecurity Fix(es):\n\n * tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\");\n\n script_tag(name:\"affected\", value:\"tomcat on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-el-2.2-api\", rpm:\"tomcat-el-2.2-api~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-jsp-2.2-api\", rpm:\"tomcat-jsp-2.2-api~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-servlet-3.0-api\", rpm:\"tomcat-servlet-3.0-api~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if((res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~7.0.76~9.el7_6\", rls:\"CentOS7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if(__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:28", "description": "When the default servlet in Apache Tomcat returned a redirect to a directory\n(e.g. redirecting to ", "cvss3": {}, "published": "2018-10-05T00:00:00", "type": "openvas", "title": "Apache Tomcat Open Redirect Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2019-05-10T00:00:00", "id": "OPENVAS:1361412562310141569", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141569", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache Tomcat Open Redirect Vulnerability (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:tomcat\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141569\");\n script_version(\"2019-05-10T11:41:35+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-10 11:41:35 +0000 (Fri, 10 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-05 11:08:04 +0700 (Fri, 05 Oct 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2018-11784\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache Tomcat Open Redirect Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_tomcat_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"apache/tomcat/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"When the default servlet in Apache Tomcat returned a redirect to a directory\n(e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"Apache Tomcat 9.0.0.M1-9.0.11, 8.5.0-8.5.33, 7.0.23-7.0.90 and probably\n8.0.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.0.91, 8.5.34, 9.0.12 or later.\");\n\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-9.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-8.html\");\n script_xref(name:\"URL\", value:\"http://tomcat.apache.org/security-7.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\npath = infos['location'];\n\nif (version_in_range(version: version, test_version: \"7.0.23\", test_version2: \"7.0.90\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.0.91\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0.0\", test_version2: \"8.5.33\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.5.34\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif ((revcomp(a: version, b: \"9.0.0.M1\") >= 0) && (revcomp(a: version, b: \"9.0.12\") < 0)) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.0.12\", install_path:path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-29T20:11:00", "description": "Sergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.", "cvss3": {}, "published": "2018-10-16T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tomcat8 (DLA-1545-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891545", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891545\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-11784\");\n script_name(\"Debian LTS: Security Advisory for tomcat8 (DLA-1545-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-16 00:00:00 +0200 (Tue, 16 Oct 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/10/msg00006.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"tomcat8 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n8.0.14-1+deb8u14.\n\nWe recommend that you upgrade your tomcat8 packages.\");\n\n script_tag(name:\"summary\", value:\"Sergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libservlet3.1-java\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libservlet3.1-java-doc\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libtomcat8-java\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8-admin\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8-common\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8-docs\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8-examples\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tomcat8-user\", ver:\"8.0.14-1+deb8u14\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T17:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:3453-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851962", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851962", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851962\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-11784\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:23:14 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:3453-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3453-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00070.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the openSUSE-SU-2018:3453-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tomcat fixes the following issues:\n\n - CVE-2018-11784: When the default servlet in Apache Tomcat returned a\n redirect to a directory (e.g. redirecting to '/foo/' when the user\n requested '/foo') a specially crafted URL could be used to cause the\n redirect to be generated to any URI of the attackers choice.\n (bsc#1110850)\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1276=1\");\n\n script_tag(name:\"affected\", value:\"tomcat on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-admin-webapps\", rpm:\"tomcat-admin-webapps~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-docs-webapp\", rpm:\"tomcat-docs-webapp~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-el-3_0-api\", rpm:\"tomcat-el-3_0-api~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-embed\", rpm:\"tomcat-embed~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-javadoc\", rpm:\"tomcat-javadoc~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsp-2_3-api\", rpm:\"tomcat-jsp-2_3-api~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-jsvc\", rpm:\"tomcat-jsvc~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-lib\", rpm:\"tomcat-lib~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-servlet-3_1-api\", rpm:\"tomcat-servlet-3_1-api~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tomcat-webapps\", rpm:\"tomcat-webapps~8.0.53~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "osv": [{"lastseen": "2022-08-05T05:18:26", "description": "\nSeveral deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n2.4.2-2+deb8u5.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-03-04T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2022-08-05T05:18:24", "id": "OSV:DLA-1703-1", "href": "https://osv.dev/vulnerability/DLA-1703-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:23:21", "description": "\nMultiple security issues were found in jackson-databind, a Java library\nto parse JSON and other data formats which could result in information\ndisclosure or the execution of arbitrary code.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.8.6-1+deb9u5.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/jackson-databind](https://security-tracker.debian.org/tracker/jackson-databind)\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-05-24T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19362", "CVE-2019-12086", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2022-07-21T05:50:11", "id": "OSV:DSA-4452-1", "href": "https://osv.dev/vulnerability/DSA-4452-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:32:54", "description": "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-21T17:46:54", "type": "osv", "title": "Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873"], "modified": "2023-04-11T01:32:24", "id": "OSV:GHSA-H4X4-5QP2-WP46", "href": "https://osv.dev/vulnerability/GHSA-h4x4-5qp2-wp46", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-11T01:40:56", "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-04T19:07:01", "type": "osv", "title": "Deserialization of Untrusted Data in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19361"], "modified": "2023-04-11T01:40:52", "id": "OSV:GHSA-MX9V-GMH4-MGQW", "href": "https://osv.dev/vulnerability/GHSA-mx9v-gmh4-mgqw", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-12T22:46:17", "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-04T19:09:46", "type": "osv", "title": "XML External Entity Reference (XXE) in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14720"], "modified": "2023-06-12T22:46:13", "id": "OSV:GHSA-X2W5-5M2G-7H5M", "href": "https://osv.dev/vulnerability/GHSA-x2w5-5m2g-7h5m", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-12T22:46:32", "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-04T19:06:57", "type": "osv", "title": "Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19360"], "modified": "2023-06-12T22:46:29", "id": "OSV:GHSA-F9HV-MG5H-XCW9", "href": "https://osv.dev/vulnerability/GHSA-f9hv-mg5h-xcw9", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:19:16", "description": "\nThe host name verification in Tomcat when using TLS with the WebSocket\nclient was missing. It is now enabled by default.\n\n\nFor Debian 8 Jessie, this problem has been fixed in version\n7.0.56-3+really7.0.90-1.\n\n\nWe recommend that you upgrade your tomcat7 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-07-30T00:00:00", "type": "osv", "title": "tomcat7 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8034"], "modified": "2022-07-21T05:52:13", "id": "OSV:DLA-1453-1", "href": "https://osv.dev/vulnerability/DLA-1453-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-11T01:42:54", "description": "The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-17T16:32:43", "type": "osv", "title": "The host name verification missing in Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8034"], "modified": "2023-04-11T01:42:49", "id": "OSV:GHSA-46J3-R4PJ-4835", "href": "https://osv.dev/vulnerability/GHSA-46j3-r4pj-4835", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-11T01:46:30", "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-04T19:07:03", "type": "osv", "title": "High severity vulnerability that affects com.fasterxml.jackson.core:jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19362"], "modified": "2023-04-11T01:46:24", "id": "OSV:GHSA-C8HM-7HPQ-7JHG", "href": "https://osv.dev/vulnerability/GHSA-c8hm-7hpq-7jhg", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:35:28", "description": "When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2018-10-17T16:31:02", "type": "osv", "title": "Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2023-04-11T01:35:23", "id": "OSV:GHSA-5Q99-F34M-67GC", "href": "https://osv.dev/vulnerability/GHSA-5q99-f34m-67gc", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-11-02T18:30:52", "description": "Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bouncycastle", "p-cpe:/a:fedoraproject:fedora:eclipse-jgit", "p-cpe:/a:fedoraproject:fedora:eclipse-linuxtools", "p-cpe:/a:fedoraproject:fedora:jackson-annotations", "p-cpe:/a:fedoraproject:fedora:jackson-bom", "p-cpe:/a:fedoraproject:fedora:jackson-core", "p-cpe:/a:fedoraproject:fedora:jackson-databind", "p-cpe:/a:fedoraproject:fedora:jackson-dataformat-xml", "p-cpe:/a:fedoraproject:fedora:jackson-dataformats-binary", "p-cpe:/a:fedoraproject:fedora:jackson-dataformats-text", "p-cpe:/a:fedoraproject:fedora:jackson-datatype-jdk8", "p-cpe:/a:fedoraproject:fedora:jackson-datatype-joda", "p-cpe:/a:fedoraproject:fedora:jackson-datatypes-collections", "p-cpe:/a:fedoraproject:fedora:jackson-jaxrs-providers", "p-cpe:/a:fedoraproject:fedora:jackson-module-jsonschema", "p-cpe:/a:fedoraproject:fedora:jackson-modules-base", "p-cpe:/a:fedoraproject:fedora:jackson-parent", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-DF57551F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/122290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-df57551f6d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122290);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2016-7051\", \"CVE-2018-1000873\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n\n script_name(english:\"Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361\nCVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720\nCVE-2018-14721 and CVE-2016-7051.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-df57551f6d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:eclipse-jgit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:eclipse-linuxtools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-bom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformat-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformats-binary\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformats-text\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatype-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatype-joda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatypes-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-jaxrs-providers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-module-jsonSchema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-modules-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"bouncycastle-1.61-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"eclipse-jgit-5.2.0-4.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"eclipse-linuxtools-7.1.0-3.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-annotations-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-bom-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-core-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-databind-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-dataformat-xml-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-dataformats-binary-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-dataformats-text-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatype-jdk8-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatype-joda-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatypes-collections-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-jaxrs-providers-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-module-jsonSchema-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-modules-base-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-parent-2.9.1.2-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle / eclipse-jgit / eclipse-linuxtools / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-02T18:37:31", "description": "Several deserialization flaws were discovered in jackson-databind, a fast and powerful JSON library for Java, which could allow an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-05T00:00:00", "type": "nessus", "title": "Debian DLA-1703-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1703.NASL", "href": "https://www.tenable.com/plugins/nessus/122603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1703-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122603);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n\n script_name(english:\"Debian DLA-1703-1 : jackson-databind security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several deserialization flaws were discovered in jackson-databind, a\nfast and powerful JSON library for Java, which could allow an\nunauthenticated user to perform code execution. The issue was resolved\nby extending the blacklist and blocking more classes from polymorphic\ndeserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-19T14:46:52", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763).\n\n - A deserialization vulnerability in jackson-databind, a fast and powerful JSON library for Java, allows an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1000031", "CVE-2017-9798", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-8034"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124170);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2017-9798\",\n \"CVE-2018-8034\",\n \"CVE-2018-11763\",\n \"CVE-2018-11784\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\"\n );\n script_bugtraq_id(\n 93604,\n 100872,\n 104895,\n 105414,\n 105524\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nUnifier installation running on the remote web server is 16.x prior to\n16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, \ntherefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service (DoS) vulnerability exists in\n Apache HTTP Server 2.4.17 to 2.4.34, due to a design\n error. An unauthenticated, remote attacker can\n exploit this issue by sending continuous, large\n SETTINGS frames to cause a client to occupy a\n connection, server thread and CPU time without any\n connection timeout coming to effect. This affects\n only HTTP/2 connections. A possible mitigation is to\n not enable the h2 protocol. (CVE-2018-11763).\n\n - A deserialization vulnerability in jackson-databind, a\n fast and powerful JSON library for Java, allows an\n unauthenticated user to perform code execution. The\n issue was resolved by extending the blacklist and\n blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Unifier version 16.2.15.7 / 17.12.10 / 18.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera Unifier\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera Unifier\", port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"16.1.0.0\", \"fixed_version\" : \"16.2.15.7\" },\n { \"min_version\" : \"17.7.0.0\", \"fixed_version\" : \"17.12.10\" },\n { \"min_version\" : \"18.8.0.0\", \"fixed_version\" : \"18.8.6\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-29T14:26:33", "description": "According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.16, 16.x prior to 16.2.9, 17.x prior to 17.12.4, or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities:\n\n - An unspecified vulnerability in the Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch allows an a malicious user to add a range header with a high number of ranges, or with wide ranges that overlap, or both, to cause a denial of service. (CVE-2018-15756)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. (CVE-2018-19360)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. (CVE-2018-19361)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-19T00:00:00", "type": "nessus", "title": "Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15756", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/a:oracle:primavera_gateway"], "id": "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/126828", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126828);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2018-15756\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\"\n );\n script_bugtraq_id(105703, 107985);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nGateway installation running on the remote web server is 15.x prior to \n15.2.16, 16.x prior to 16.2.9, 17.x prior to 17.12.4, or 18.x prior to\n18.8.6. It is, therefore, affected by multiple vulnerabilities:\n\n - An unspecified vulnerability in the Spring Framework,\n version 5.1, versions 5.0.x prior to 5.0.10, versions\n 4.3.x prior to 4.3.20, and older unsupported versions\n on the 4.2.x branch allows an a malicious user to add\n a range header with a high number of ranges, or with\n wide ranges that overlap, or both, to cause a denial\n of service. (CVE-2018-15756)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow\n attackers to have unspecified impact by leveraging\n failure to block the axis2-transport-jms class from\n polymorphic deserialization. (CVE-2018-19360)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow\n attackers to have unspecified impact by leveraging\n failure to block the openjpa class from polymorphic\n deserialization. (CVE-2018-19361)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow\n attackers to have unspecified impact by leveraging\n failure to block the jboss-common-core class from\n polymorphic deserialization. (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixPVA\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?25a1b782\");\n # https://support.oracle.com/rs?type=doc&id=2555549.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b5f18b61\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Gateway version 15.2.16 / 16.2.9 / 17.12.4\n/ 18.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_gateway\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_gateway.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Gateway\");\n script_require_ports(\"Services/www\", 8006);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nget_install_count(app_name:'Oracle Primavera Gateway', exit_if_zero:TRUE);\n\nport = get_http_port(default:8006);\n\napp_info = vcf::get_app_info(app:'Oracle Primavera Gateway', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '15.0.0', 'fixed_version' : '15.2.16' },\n { 'min_version' : '16.0.0', 'fixed_version' : '16.2.9' },\n { 'min_version' : '17.0.0', 'fixed_version' : '17.12.4' },\n { 'min_version' : '18.0.0', 'fixed_version' : '18.8.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:23:00", "description": "Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "Debian DSA-4452-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4452.NASL", "href": "https://www.tenable.com/plugins/nessus/125416", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4452. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125416);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2019-12086\");\n script_xref(name:\"DSA\", value:\"4452\");\n\n script_name(english:\"Debian DSA-4452-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were found in jackson-databind, a Java\nlibrary to parse JSON and other data formats which could result in\ninformation disclosure or the execution of arbitrary code.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/jackson-databind\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61134ddf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4452\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.8.6-1+deb9u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-18T14:24:53", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.6 or 17.x prior to 17.12.9.2 or 18.x prior to 18.8.4.1. It is, therefore, affected by multiple vulnerabilities:\n\n - An arbitrary file upload vulnerability exists in Blueimp jQuery-File-Upload. An unauthenticated, remote attacker can exploit this to upload arbitrary files on the remote host subject to the privileges of the user.\n\n - A remote command execution vulnerability exists in jackson-databind due to a failure to block various classes from polymorphic deserialization. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2018-14718, CVE-2018-14719 CVE-2018-14720, CVE-2018-14721)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-01-18T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-9206"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/121251", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121251);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2018-9206\",\n \"CVE-2018-14718\",\n \"CVE-2018-14719\",\n \"CVE-2018-14720\",\n \"CVE-2018-14721\"\n );\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nUnifier installation running on the remote web server is 16.x prior to\n16.2.15.6 or 17.x prior to 17.12.9.2 or 18.x prior to 18.8.4.1. It is, \ntherefore, affected by multiple vulnerabilities:\n\n - An arbitrary file upload vulnerability exists in Blueimp\n jQuery-File-Upload. An unauthenticated, remote attacker \n can exploit this to upload arbitrary files on the remote \n host subject to the privileges of the user.\n\n - A remote command execution vulnerability exists in\n jackson-databind due to a failure to block various\n classes from polymorphic deserialization. An \n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2018-14718, CVE-2018-14719\n CVE-2018-14720, CVE-2018-14721)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Unifier version 16.2.15.6 / 17.12.9.2 / 18.8.4.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9206\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-14721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"jQuery File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'blueimps jQuery (Arbitrary) File Upload');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera Unifier\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera Unifier\", port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"16.1.0.0\", \"fixed_version\" : \"16.2.15.6\" },\n { \"min_version\" : \"17.1.0.0\", \"fixed_version\" : \"17.12.9.2\" },\n { \"min_version\" : \"18.8.0.0\", \"fixed_version\" : \"18.8.4.1\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:27:04", "description": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es) :\n\n* tomcat: host name verification missing in WebSocket client (CVE-2018-8034)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-01-23T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : Red Hat JBoss Web Server 3.1 Service Pack 6 (RHSA-2019:0131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784", "CVE-2018-8034"], "modified": "2021-07-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat-native", "p-cpe:/a:redhat:enterprise_linux:tomcat-native-debuginfo", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsvc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-selinux", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat8", "p-cpe:/a:redhat:enterprise_linux:tomcat8-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat8-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat8-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat8-jsp-2.3-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-jsvc", "p-cpe:/a:redhat:enterprise_linux:tomcat8-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat8-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat8-selinux", "p-cpe:/a:redhat:enterprise_linux:tomcat8-servlet-3.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat8-webapps", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-0131.NASL", "href": "https://www.tenable.com/plugins/nessus/121325", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0131. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121325);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/23\");\n\n script_cve_id(\"CVE-2018-11784\", \"CVE-2018-8034\");\n script_xref(name:\"RHSA\", value:\"2019:0131\");\n\n script_name(english:\"RHEL 6 / 7 : Red Hat JBoss Web Server 3.1 Service Pack 6 (RHSA-2019:0131)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6\nand Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this release as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 5 serves as\na replacement for Red Hat JBoss Web Server 3.1, and includes bug\nfixes, which are documented in the Release Notes document linked to in\nthe References.\n\nSecurity Fix(es) :\n\n* tomcat: host name verification missing in WebSocket client\n(CVE-2018-8034)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-8034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-11784\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-jsp-2.3-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-servlet-3.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat8-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0131\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL7\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat-native-1.2.17-18.redhat_18.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat-native-1.2.17-18.redhat_18.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tomcat-native-debuginfo-1.2.17-18.redhat_18.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat-native-debuginfo-1.2.17-18.redhat_18.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-2.2-api-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsvc-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-selinux-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.70-31.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-admin-webapps-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-docs-webapp-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-el-2.2-api-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-javadoc-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-jsp-2.3-api-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-jsvc-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-lib-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-log4j-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-selinux-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-servlet-3.1-api-8.0.36-35.ep7.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat8-webapps-8.0.36-35.ep7.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"tomcat-native-1.2.17-18.redhat_18.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"tomcat-native-debuginfo-1.2.17-18.redhat_18.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-admin-webapps-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-docs-webapp-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-el-2.2-api-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-javadoc-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-jsp-2.2-api-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-jsvc-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-lib-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-log4j-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-selinux-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-servlet-3.0-api-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-webapps-7.0.70-31.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-admin-webapps-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-docs-webapp-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-el-2.2-api-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-javadoc-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-jsp-2.3-api-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-jsvc-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-lib-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-log4j-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-selinux-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-servlet-3.1-api-8.0.36-35.ep7.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat8-webapps-8.0.36-35.ep7.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat-native / tomcat-native-debuginfo / tomcat7 / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-01T15:42:57", "description": "Payara Releases reports :\n\nThe following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases :\n\n- CVE-2018-14721 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks\n\n- CVE-2018-14720 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct external XML entity (XXE) attacks\n\n- CVE-2018-14719 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code\n\n- CVE-2018-14718 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code\n\n- CVE-2018-14371 Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter", "cvss3": {}, "published": "2020-10-09T00:00:00", "type": "nessus", "title": "FreeBSD : payara -- multiple vulnerabilities (71c71ce0-0805-11eb-a3a4-0019dbb15b3f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14371", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721"], "modified": "2020-10-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:payara", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_71C71CE0080511EBA3A40019DBB15B3F.NASL", "href": "https://www.tenable.com/plugins/nessus/141314", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141314);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/13\");\n\n script_cve_id(\"CVE-2018-14371\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\");\n\n script_name(english:\"FreeBSD : payara -- multiple vulnerabilities (71c71ce0-0805-11eb-a3a4-0019dbb15b3f)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Payara Releases reports :\n\nThe following is a list of tracked Common Vulnerabilities and\nExposures that have been reported and analyzed, which can or have\nimpacted Payara Server across releases :\n\n- CVE-2018-14721 FasterXML jackson-databind 2.x before 2.9.7 might\nallow remote attackers to conduct server-side request forgery (SSRF)\nattacks\n\n- CVE-2018-14720 FasterXML jackson-databind 2.x before 2.9.7 might\nallow remote attackers to conduct external XML entity (XXE) attacks\n\n- CVE-2018-14719 FasterXML jackson-databind 2.x before 2.9.7 might\nallow remote attackers to execute arbitrary code\n\n- CVE-2018-14718 FasterXML jackson-databind 2.x before 2.9.7 might\nallow remote attackers to execute arbitrary code\n\n- CVE-2018-14371 Eclipse Mojarra before 2.3.7 is affected by Directory\nTraversal via the loc parameter\"\n );\n # https://docs.payara.fish/community/docs/5.191/security/security-fix-list.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b352cd35\"\n );\n # https://vuxml.freebsd.org/freebsd/71c71ce0-0805-11eb-a3a4-0019dbb15b3f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08cb8a6b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:payara\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"payara<5.191\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-19T14:46:52", "description": "According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) installation running on the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to 15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x prior to 18.8.8.0. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service vulnerability in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack. An attacker could leverage this vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - A deserialization vulnerability in jackson-databind, a fast and powerful JSON library for Java, allows an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1000031", "CVE-2017-9798", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5407", "CVE-2018-8034", "CVE-2019-2701"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management"], "id": "ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124169", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124169);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2017-9798\",\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-8034\",\n \"CVE-2018-11763\",\n \"CVE-2018-11784\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\",\n \"CVE-2019-2701\"\n );\n script_bugtraq_id(\n 93604,\n 100872,\n 104895,\n 105414,\n 105524,\n 105750,\n 105758,\n 105897\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nP6 Enterprise Project Portfolio Management (EPPM) installation running\non the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to\n15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x\nprior to 18.8.8.0. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service vulnerability in the bundled\n third-party component OpenSSL library's DSA signature\n algorithm that renders it vulnerable to a timing side\n channel attack. An attacker could leverage this\n vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - A deserialization vulnerability in jackson-databind, a\n fast and powerful JSON library for Java, allows an\n unauthenticated user to perform code execution. The\n issue was resolved by extending the blacklist and\n blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera P6 Enterprise Project Portfolio Management\n(EPPM) version 8.4.15.10 / 15.2.18.4 / 16.2.17.2 / 17.12.12.0 / 18.8.8.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_p6_eppm.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8004);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8004);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", port:port);\n\nconstraints = [\n { \"min_version\" : \"8.4.0.0\", \"fixed_version\" : \"8.4.15.10\" },\n { \"min_version\" : \"15.1.0.0\", \"fixed_version\" : \"15.2.18.4\" },\n { \"min_version\" : \"16.2.0.0\", \"fixed_version\" : \"16.2.17.2\" },\n { \"min_version\" : \"17.7.0.0\", \"fixed_version\" : \"17.12.12.0\" },\n { \"min_version\" : \"18.0.0.0\", \"fixed_version\" : \"18.8.8.0\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:24:20", "description": "An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.\n\nSecurity Fix(es) :\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-06-19T00:00:00", "type": "nessus", "title": "RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2022-02-01T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections", "p-cpe:/a:redhat:enterprise_linux:apache-commons-lang", "p-cpe:/a:redhat:enterprise_linux:bea-stax-api", "p-cpe:/a:redhat:enterprise_linux:glassfish-fastinfoset", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-api", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-core", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-runtime", "p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-txw2", "p-cpe:/a:redhat:enterprise_linux:jackson-annotations", "p-cpe:/a:redhat:enterprise_linux:pki-servlet-container", "p-cpe:/a:redhat:enterprise_linux:python-nss-debugsource", "p-cpe:/a:redhat:enterprise_linux:python-nss-doc", "p-cpe:/a:redhat:enterprise_linux:jackson-core", "p-cpe:/a:redhat:enterprise_linux:python3-nss", "p-cpe:/a:redhat:enterprise_linux:jackson-databind", "p-cpe:/a:redhat:enterprise_linux:relaxngdatatype", "p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-json-provider", "p-cpe:/a:redhat:enterprise_linux:resteasy", "p-cpe:/a:redhat:enterprise_linux:slf4j", "p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-providers", "p-cpe:/a:redhat:enterprise_linux:slf4j-jdk14", "p-cpe:/a:redhat:enterprise_linux:jackson-module-jaxb-annotations", "p-cpe:/a:redhat:enterprise_linux:stax-ex", "p-cpe:/a:redhat:enterprise_linux:velocity", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient", "p-cpe:/a:redhat:enterprise_linux:xalan-j2", "p-cpe:/a:redhat:enterprise_linux:xerces-j2", "p-cpe:/a:redhat:enterprise_linux:xml-commons-apis", "p-cpe:/a:redhat:enterprise_linux:xml-commons-resolver", "p-cpe:/a:redhat:enterprise_linux:javassist", "p-cpe:/a:redhat:enterprise_linux:xmlstreambuffer", "p-cpe:/a:redhat:enterprise_linux:xsom", "p-cpe:/a:redhat:enterprise_linux:javassist-javadoc", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0", "p-cpe:/a:redhat:enterprise_linux:pki-servlet-4.0-api"], "id": "REDHAT-RHSA-2019-1529.NASL", "href": "https://www.tenable.com/plugins/nessus/126030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1529. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126030);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/01\");\n\n script_cve_id(\n \"CVE-2018-8014\",\n \"CVE-2018-8034\",\n \"CVE-2018-8037\",\n \"CVE-2018-11784\"\n );\n script_xref(name:\"RHSA\", value:\"2019:1529\");\n\n script_name(english:\"RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the pki-deps:10.6 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Public Key Infrastructure (PKI) Deps module contains fundamental\npackages required as dependencies for the pki-core module by Red Hat\nCertificate System.\n\nSecurity Fix(es) :\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user\nsessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable\n'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client\n(CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1529\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-8014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-8034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-8037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-11784\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8014\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bea-stax-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-fastinfoset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glassfish-jaxb-txw2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-providers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:javassist-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pki-servlet-4.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pki-servlet-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-nss-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:relaxngDatatype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slf4j-jdk14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:stax-ex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-commons-apis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-commons-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xmlstreambuffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xsom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/pki-deps');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module pki-deps:10.6');\nif ('10.6' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module pki-deps:' + module_ver);\n\nappstreams = {\n 'pki-deps:10.6': [\n {'reference':'apache-commons-collections-3.2.2-10.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'apache-commons-lang-2.6-21.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'bea-stax-api-1.2.0-16.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'glassfish-fastinfoset-1.2.13-9.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'glassfish-jaxb-api-2.2.12-8.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'glassfish-jaxb-core-2.2.11-11.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'glassfish-jaxb-runtime-2.2.11-11.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'glassfish-jaxb-txw2-2.2.11-11.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-annotations-2.9.8-1.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-core-2.9.8-1.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-databind-2.9.8-1.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-jaxrs-json-provider-2.9.8-1.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-jaxrs-providers-2.9.8-1.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jackson-module-jaxb-annotations-2.7.6-4.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'jakarta-commons-httpclient-3.1-28.module+el8.0.0+3248+9d514f3b', 'release':'8', 'epoch':'1'},\n {'reference':'javassist-3.18.1-8.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'javassist-javadoc-3.18.1-8.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'pki-servlet-4.0-api-9.0.7-14.module+el8.0.0+3248+9d514f3b', 'release':'8', 'epoch':'1'},\n {'reference':'pki-servlet-container-9.0.7-14.module+el8.0.0+3248+9d514f3b', 'release':'8', 'epoch':'1'},\n {'reference':'python-nss-debugsource-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-nss-debugsource-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-nss-debugsource-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python-nss-doc-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python-nss-doc-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'s390x', 'release':'8'},\n {'reference':'python-nss-doc-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python3-nss-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python3-nss-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'s390x', 'release':'8'},\n {'reference':'python3-nss-1.0.1-10.module+el8.0.0+3248+9d514f3b', 'cpu':'x86_64', 'release':'8'},\n {'reference':'relaxngDatatype-2011.1-7.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'resteasy-3.0.26-3.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'slf4j-1.7.25-4.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'slf4j-jdk14-1.7.25-4.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'stax-ex-1.7.7-8.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'velocity-1.7-24.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xalan-j2-2.7.1-38.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xerces-j2-2.11.0-34.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xml-commons-apis-1.4.01-25.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xml-commons-resolver-1.2-26.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xmlstreambuffer-1.5.4-8.module+el8.0.0+3248+9d514f3b', 'release':'8'},\n {'reference':'xsom-0-19.20110809svn.module+el8.0.0+3248+9d514f3b', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module pki-deps:10.6');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache-commons-collections / apache-commons-lang / bea-stax-api / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:12", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1529 advisory.\n\n - tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n - tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n - tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\n - tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : pki-deps:10.6 (CESA-2019:1529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:apache-commons-collections", "p-cpe:/a:centos:centos:apache-commons-lang", "p-cpe:/a:centos:centos:bea-stax-api", "p-cpe:/a:centos:centos:glassfish-fastinfoset", "p-cpe:/a:centos:centos:glassfish-jaxb-api", "p-cpe:/a:centos:centos:glassfish-jaxb-core", "p-cpe:/a:centos:centos:glassfish-jaxb-runtime", "p-cpe:/a:centos:centos:glassfish-jaxb-txw2", "p-cpe:/a:centos:centos:xmlstreambuffer", "p-cpe:/a:centos:centos:jackson-annotations", "p-cpe:/a:centos:centos:xsom", "p-cpe:/a:centos:centos:jackson-core", "p-cpe:/a:centos:centos:jackson-databind", "p-cpe:/a:centos:centos:jackson-jaxrs-json-provider", "p-cpe:/a:centos:centos:jackson-jaxrs-providers", "p-cpe:/a:centos:centos:jackson-module-jaxb-annotations", "p-cpe:/a:centos:centos:jakarta-commons-httpclient", "p-cpe:/a:centos:centos:javassist", "p-cpe:/a:centos:centos:javassist-javadoc", "p-cpe:/a:centos:centos:pki-servlet-4.0-api", "p-cpe:/a:centos:centos:pki-servlet-container", "p-cpe:/a:centos:centos:python-nss-doc", "p-cpe:/a:centos:centos:python3-nss", "p-cpe:/a:centos:centos:relaxngdatatype", "p-cpe:/a:centos:centos:resteasy", "p-cpe:/a:centos:centos:slf4j", "p-cpe:/a:centos:centos:slf4j-jdk14", "p-cpe:/a:centos:centos:stax-ex", "p-cpe:/a:centos:centos:velocity", "p-cpe:/a:centos:centos:xalan-j2", "p-cpe:/a:centos:centos:xerces-j2", "p-cpe:/a:centos:centos:xml-commons-apis", "p-cpe:/a:centos:centos:xml-commons-resolver"], "id": "CENTOS8_RHSA-2019-1529.NASL", "href": "https://www.tenable.com/plugins/nessus/145683", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:1529. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145683);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2018-8014\",\n \"CVE-2018-8034\",\n \"CVE-2018-8037\",\n \"CVE-2018-11784\"\n );\n script_bugtraq_id(\n 104203,\n 104894,\n 104895,\n 105524\n );\n script_xref(name:\"RHSA\", value:\"2019:1529\");\n\n script_name(english:\"CentOS 8 : pki-deps:10.6 (CESA-2019:1529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:1529 advisory.\n\n - tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n - tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n - tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\n - tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up\n (CVE-2018-8037)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1529\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8014\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bea-stax-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glassfish-fastinfoset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glassfish-jaxb-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glassfish-jaxb-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glassfish-jaxb-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glassfish-jaxb-txw2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-jaxrs-providers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:javassist-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pki-servlet-4.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pki-servlet-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-nss-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:relaxngDatatype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slf4j-jdk14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:stax-ex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xml-commons-apis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xml-commons-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xmlstreambuffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xsom\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/pki-deps');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module pki-deps:10.6');\nif ('10.6' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module pki-deps:' + module_ver);\n\nvar appstreams = {\n 'pki-deps:10.6': [\n {'reference':'apache-commons-collections-3.2.2-10.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-collections-3.2.2-10.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-lang-2.6-21.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apache-commons-lang-2.6-21.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bea-stax-api-1.2.0-16.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bea-stax-api-1.2.0-16.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-fastinfoset-1.2.13-9.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-fastinfoset-1.2.13-9.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-api-2.2.12-8.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-api-2.2.12-8.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-core-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-core-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-runtime-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-runtime-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-txw2-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glassfish-jaxb-txw2-2.2.11-11.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-annotations-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-annotations-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-core-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-core-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-databind-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-databind-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-jaxrs-json-provider-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-jaxrs-json-provider-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-jaxrs-providers-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-jaxrs-providers-2.9.8-1.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-module-jaxb-annotations-2.7.6-4.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jackson-module-jaxb-annotations-2.7.6-4.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'jakarta-commons-httpclient-3.1-28.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'jakarta-commons-httpclient-3.1-28.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'javassist-3.18.1-8.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'javassist-3.18.1-8.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'javassist-javadoc-3.18.1-8.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'javassist-javadoc-3.18.1-8.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pki-servlet-4.0-api-9.0.7-14.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'pki-servlet-4.0-api-9.0.7-14.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'pki-servlet-container-9.0.7-14.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'pki-servlet-container-9.0.7-14.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python-nss-doc-1.0.1-10.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nss-doc-1.0.1-10.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-nss-1.0.1-10.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-nss-1.0.1-10.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'relaxngDatatype-2011.1-7.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'relaxngDatatype-2011.1-7.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'resteasy-3.0.26-3.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'resteasy-3.0.26-3.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-1.7.25-4.module_el8.0.0+39+6a9b6e22', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-1.7.25-4.module_el8.0.0+39+6a9b6e22', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-jdk14-1.7.25-4.module_el8.0.0+39+6a9b6e22', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slf4j-jdk14-1.7.25-4.module_el8.0.0+39+6a9b6e22', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'stax-ex-1.7.7-8.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'stax-ex-1.7.7-8.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'velocity-1.7-24.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'velocity-1.7-24.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xalan-j2-2.7.1-38.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xalan-j2-2.7.1-38.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xerces-j2-2.11.0-34.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xerces-j2-2.11.0-34.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xml-commons-apis-1.4.01-25.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xml-commons-apis-1.4.01-25.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xml-commons-resolver-1.2-26.module_el8.0.0+30+832da3a1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xml-commons-resolver-1.2-26.module_el8.0.0+30+832da3a1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xmlstreambuffer-1.5.4-8.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xmlstreambuffer-1.5.4-8.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xsom-0-19.20110809svn.module_el8.0.0+42+51564204', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xsom-0-19.20110809svn.module_el8.0.0+42+51564204', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module pki-deps:10.6');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache-commons-collections / apache-commons-lang / bea-stax-api / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:15", "description": "From Red Hat Security Advisory 2019:1529 :\n\nAn update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.\n\nSecurity Fix(es) :\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2021-07-15T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:xmlstreambuffer", "p-cpe:/a:oracle:linux:xsom", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:apache-commons-collections", "p-cpe:/a:oracle:linux:apache-commons-lang", "p-cpe:/a:oracle:linux:bea-stax-api", "p-cpe:/a:oracle:linux:glassfish-fastinfoset", "p-cpe:/a:oracle:linux:glassfish-jaxb-api", "p-cpe:/a:oracle:linux:glassfish-jaxb-core", "p-cpe:/a:oracle:linux:glassfish-jaxb-runtime", "p-cpe:/a:oracle:linux:glassfish-jaxb-txw2", "p-cpe:/a:oracle:linux:jackson-annotations", "p-cpe:/a:oracle:linux:jackson-core", "p-cpe:/a:oracle:linux:jackson-databind", "p-cpe:/a:oracle:linux:jackson-jaxrs-json-provider", "p-cpe:/a:oracle:linux:jackson-jaxrs-providers", "p-cpe:/a:oracle:linux:jackson-module-jaxb-annotations", "p-cpe:/a:oracle:linux:jakarta-commons-httpclient", "p-cpe:/a:oracle:linux:javassist", "p-cpe:/a:oracle:linux:javassist-javadoc", "p-cpe:/a:oracle:linux:pki-servlet-4.0-api", "p-cpe:/a:oracle:linux:pki-servlet-container", "p-cpe:/a:oracle:linux:python-nss-doc", "p-cpe:/a:oracle:linux:python3-nss", "p-cpe:/a:oracle:linux:relaxngdatatype", "p-cpe:/a:oracle:linux:resteasy", "p-cpe:/a:oracle:linux:slf4j", "p-cpe:/a:oracle:linux:slf4j-jdk14", "p-cpe:/a:oracle:linux:stax-ex", "p-cpe:/a:oracle:linux:velocity", "p-cpe:/a:oracle:linux:xalan-j2", "p-cpe:/a:oracle:linux:xerces-j2", "p-cpe:/a:oracle:linux:xml-commons-apis", "p-cpe:/a:oracle:linux:xml-commons-resolver"], "id": "ORACLELINUX_ELSA-2019-1529.NASL", "href": "https://www.tenable.com/plugins/nessus/127594", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1529 and \n# Oracle Linux Security Advisory ELSA-2019-1529 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127594);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/15\");\n\n script_cve_id(\"CVE-2018-11784\", \"CVE-2018-8014\", \"CVE-2018-8034\", \"CVE-2018-8037\");\n script_xref(name:\"RHSA\", value:\"2019:1529\");\n\n script_name(english:\"Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2019:1529 :\n\nAn update for the pki-deps:10.6 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe Public Key Infrastructure (PKI) Deps module contains fundamental\npackages required as dependencies for the pki-core module by Red Hat\nCertificate System.\n\nSecurity Fix(es) :\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user\nsessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable\n'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client\n(CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/008981.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected pki-deps:10.6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bea-stax-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-fastinfoset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-jaxb-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-jaxb-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-jaxb-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glassfish-jaxb-txw2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-jaxrs-json-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-jaxrs-providers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jackson-module-jaxb-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:javassist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:javassist-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pki-servlet-4.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pki-servlet-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-nss-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:relaxngDatatype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:resteasy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slf4j-jdk14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:stax-ex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:velocity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xalan-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-j2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xml-commons-apis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xml-commons-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xmlstreambuffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xsom\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"apache-commons-collections-3.2.2-10.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"apache-commons-lang-2.6-21.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"bea-stax-api-1.2.0-16.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"glassfish-fastinfoset-1.2.13-9.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"glassfish-jaxb-api-2.2.12-8.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"glassfish-jaxb-core-2.2.11-11.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"glassfish-jaxb-runtime-2.2.11-11.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"glassfish-jaxb-txw2-2.2.11-11.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-annotations-2.9.8-1.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-core-2.9.8-1.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-databind-2.9.8-1.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-jaxrs-json-provider-2.9.8-1.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-jaxrs-providers-2.9.8-1.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jackson-module-jaxb-annotations-2.7.6-4.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-3.1-28.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"javassist-3.18.1-8.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"javassist-javadoc-3.18.1-8.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"pki-servlet-4.0-api-9.0.7-14.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"pki-servlet-container-9.0.7-14.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"python-nss-doc-1.0.1-10.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"python3-nss-1.0.1-10.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"relaxngDatatype-2011.1-7.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"resteasy-3.0.26-3.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"slf4j-1.7.25-4.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"slf4j-jdk14-1.7.25-4.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"stax-ex-1.7.7-8.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"velocity-1.7-24.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xalan-j2-2.7.1-38.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xerces-j2-2.11.0-34.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xml-commons-apis-1.4.01-25.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xml-commons-resolver-1.2-26.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xmlstreambuffer-1.5.4-8.module+el8.0.0+5231+3e842911\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"xsom-0-19.20110809svn.module+el8.0.0+5231+3e842911\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-lang / bea-stax-api / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:02", "description": "Sergey Bobrov discovered that when the default servlet returned a redirect to a directory (e.g. redirecting to /foo/ when the user requested /foo) a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 7.0.56-3+really7.0.91-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-15T00:00:00", "type": "nessus", "title": "Debian DLA-1544-1 : tomcat7 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libservlet3.0-java", "p-cpe:/a:debian:debian_linux:libservlet3.0-java-doc", "p-cpe:/a:debian:debian_linux:libtomcat7-java", "p-cpe:/a:debian:debian_linux:tomcat7", "p-cpe:/a:debian:debian_linux:tomcat7-admin", "p-cpe:/a:debian:debian_linux:tomcat7-common", "p-cpe:/a:debian:debian_linux:tomcat7-docs", "p-cpe:/a:debian:debian_linux:tomcat7-examples", "p-cpe:/a:debian:debian_linux:tomcat7-user", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1544.NASL", "href": "https://www.tenable.com/plugins/nessus/118096", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1544-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118096);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11784\");\n\n script_name(english:\"Debian DLA-1544-1 : tomcat7 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n7.0.56-3+really7.0.91-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/10/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libservlet3.0-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libservlet3.0-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtomcat7-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat7-user\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.0-java-doc\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat7-java\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-admin\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-common\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-docs\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-examples\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat7-user\", reference:\"7.0.56-3+really7.0.91-1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:15:28", "description": "It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-11T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerability (USN-3787-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2023-10-20T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libtomcat7-java", "p-cpe:/a:canonical:ubuntu_linux:libtomcat8-java", "p-cpe:/a:canonical:ubuntu_linux:tomcat7", "p-cpe:/a:canonical:ubuntu_linux:tomcat7-admin", "p-cpe:/a:canonical:ubuntu_linux:tomcat7-common", "p-cpe:/a:canonical:ubuntu_linux:tomcat7-examples", "p-cpe:/a:canonical:ubuntu_linux:tomcat7-user", "p-cpe:/a:canonical:ubuntu_linux:tomcat8", "p-cpe:/a:canonical:ubuntu_linux:tomcat8-admin", "p-cpe:/a:canonical:ubuntu_linux:tomcat8-common", "p-cpe:/a:canonical:ubuntu_linux:tomcat8-examples", "p-cpe:/a:canonical:ubuntu_linux:tomcat8-user", "cpe:/o:canonical:ubuntu_linux:14.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libservlet3.0-java", "p-cpe:/a:canonical:ubuntu_linux:libservlet3.1-java"], "id": "UBUNTU_USN-3787-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118068", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3787-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118068);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\"CVE-2018-11784\");\n script_xref(name:\"USN\", value:\"3787-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerability (USN-3787-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It was discovered that Tomcat incorrectly handled returning redirects\nto a directory. A remote attacker could possibly use this issue with a\nspecially crafted URL to redirect to arbitrary URIs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-3787-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-11784\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtomcat7-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtomcat8-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat7-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat7-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat7-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat7-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat8-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat8-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat8-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tomcat8-user\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libservlet3.0-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libservlet3.1-java\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('14.04' >< os_release || '16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '14.04', 'pkgname': 'libservlet3.0-java', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'libtomcat7-java', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'tomcat7', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'tomcat7-admin', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'tomcat7-common', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'tomcat7-examples', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '14.04', 'pkgname': 'tomcat7-user', 'pkgver': '7.0.52-1ubuntu0.16'},\n {'osver': '16.04', 'pkgname': 'libservlet3.1-java', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'libtomcat8-java', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'tomcat8', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'tomcat8-admin', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'tomcat8-common', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'tomcat8-examples', 'pkgver': '8.0.32-1ubuntu1.8'},\n {'osver': '16.04', 'pkgname': 'tomcat8-user', 'pkgver': '8.0.32-1ubuntu1.8'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libservlet3.0-java / libservlet3.1-java / libtomcat7-java / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:03", "description": "Sergey Bobrov discovered that when the default servlet returned a redirect to a directory (e.g. redirecting to /foo/ when the user requested /foo) a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 8.0.14-1+deb8u14.\n\nWe recommend that you upgrade your tomcat8 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-16T00:00:00", "type": "nessus", "title": "Debian DLA-1545-1 : tomcat8 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libservlet3.1-java", "p-cpe:/a:debian:debian_linux:libservlet3.1-java-doc", "p-cpe:/a:debian:debian_linux:libtomcat8-java", "p-cpe:/a:debian:debian_linux:tomcat8", "p-cpe:/a:debian:debian_linux:tomcat8-admin", "p-cpe:/a:debian:debian_linux:tomcat8-common", "p-cpe:/a:debian:debian_linux:tomcat8-docs", "p-cpe:/a:debian:debian_linux:tomcat8-examples", "p-cpe:/a:debian:debian_linux:tomcat8-user", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1545.NASL", "href": "https://www.tenable.com/plugins/nessus/118119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1545-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118119);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11784\");\n\n script_name(english:\"Debian DLA-1545-1 : tomcat8 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n8.0.14-1+deb8u14.\n\nWe recommend that you upgrade your tomcat8 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/10/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tomcat8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libservlet3.1-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libservlet3.1-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtomcat8-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tomcat8-user\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libservlet3.1-java-doc\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libtomcat8-java\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-admin\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-common\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-docs\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-examples\", reference:\"8.0.14-1+deb8u14\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"tomcat8-user\", reference:\"8.0.14-1+deb8u14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:52", "description": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-03-14T00:00:00", "type": "nessus", "title": "RHEL 7 : tomcat (RHSA-2019:0485)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2021-07-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat", "p-cpe:/a:redhat:enterprise_linux:tomcat-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat-jsvc", "p-cpe:/a:redhat:enterprise_linux:tomcat-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat-webapps", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2019-0485.NASL", "href": "https://www.tenable.com/plugins/nessus/122841", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0485. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122841);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/23\");\n\n script_cve_id(\"CVE-2018-11784\");\n script_xref(name:\"RHSA\", value:\"2019:0485\");\n\n script_name(english:\"RHEL 7 : tomcat (RHSA-2019:0485)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nSecurity Fix(es) :\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-11784\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-jsvc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0485\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-admin-webapps-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-docs-webapp-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-el-2.2-api-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-javadoc-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-jsp-2.2-api-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-jsvc-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-lib-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-servlet-3.0-api-7.0.76-9.el7_6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat-webapps-7.0.76-9.el7_6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat / tomcat-admin-webapps / tomcat-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:22:09", "description": "The version of Apache Tomcat installed on the remote host is version 7.0.41 prior to 7.0.90. It is, therefore, affected by following vulnerability:\n\n - A security misconfiguration vulnerability exists in Apache Tomcat prior to version 7.0.90. Hostname validation was not enabled by default when using TLS with the WebSocket client (CVE-2018-8034)", "cvss3": {}, "published": "2019-05-13T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.41 < 7.0.90 Security Bypass", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8034"], "modified": "2019-05-13T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "700680.PASL", "href": "https://www.tenable.com/plugins/nnm/700680", "sourceData": "Binary data 700680.pasl", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:12", "description": "The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.91. It is, therefore, affected by a open redirect vulnerability.", "cvss3": {}, "published": "2018-10-10T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.0 < 7.0.91 Open Redirect Weakness", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11784"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_7_0_91.NASL", "href": "https://www.tenable.com/plugins/nessus/118035", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118035);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-11784\");\n\n script_name(english:\"Apache Tomcat 7.0.0 < 7.0.91 Open Redirect Weakness\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a open redirect\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Tomcat installed on the remote host is 7.0.x\nprior to 7.0.91. It is, therefore, affected by a open redirect\nvulnerability.\");\n # http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.91\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d16b32d7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 7.0.91 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-11784\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/10\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(min:\"7.0.23\", fixed:\"7.0.91\", severity:SECURITY_WARNING, granularity_regex:\"^7(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2023-12-05T17:13:30", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u5\nCVE ID : CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-14718\n CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360\n CVE-2018-19361 CVE-2018-19362\n\nSeveral deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-03-04T12:13:19", "type": "debian", "title": "[SECURITY] [DLA 1703-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-03-04T12:13:19", "id": "DEBIAN:DLA-1703-1:D506D", "href": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:35:51", "description": "Package : jackson-databind\nVersion : 2.4.2-2+deb8u5\nCVE ID : CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-14718\n CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360\n CVE-2018-19361 CVE-2018-19362\n\nSeveral deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-03-04T12:13:19", "type": "debian", "title": "[SECURITY] [DLA 1703-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2019-03-04T12:13:19", "id": "DEBIAN:DLA-1703-1:8DD2D", "href": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-04T10:40:05", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4452-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 24, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : jackson-databind\nCVE ID : CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-14718 \n CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360 \n CVE-2018-19361 CVE-2018-19362 CVE-2019-12086\n\nMultiple security issues were found in jackson-databind, a Java library\nto parse JSON and other data formats which could result in information\ndisclosure or the execution of arbitrary code.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.8.6-1+deb9u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jackson-databind\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-05-24T21:04:55", "type": "debian", "title": "[SECURITY] [DSA 4452-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086"], "modified": "2019-05-24T21:04:55", "id": "DEBIAN:DSA-4452-1:F65D2", "href": "https://lists.debian.org/debian-security-announce/2019/msg00097.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:49:30", "description": "Package : tomcat8\nVersion : 8.0.14-1+deb8u14\nCVE ID : CVE-2018-11784\n\nSergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n8.0.14-1+deb8u14.\n\nWe recommend that you upgrade your tomcat8 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 4.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-10-15T16:56:28", "type": "debian", "title": "[SECURITY] [DLA 1545-1] tomcat8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2018-10-15T16:56:28", "id": "DEBIAN:DLA-1545-1:FA511", "href": "https://lists.debian.org/debian-lts-announce/2018/10/msg00006.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-22T12:49:32", "description": "Package : tomcat7\nVersion : 7.0.56-3+really7.0.91-1\nCVE ID : CVE-2018-11784\n\nSergey Bobrov discovered that when the default servlet returned a\nredirect to a directory (e.g. redirecting to /foo/ when the user\nrequested /foo) a specially crafted URL could be used to cause the\nredirect to be generated to any URI of the attackers choice.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n7.0.56-3+really7.0.91-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 4.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-10-14T20:43:08", "type": "debian", "title": "[SECURITY] [DLA 1544-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784"], "modified": "2018-10-14T20:43:08", "id": "DEBIAN:DLA-1544-1:E09B2", "href": "https://lists.debian.org/debian-lts-announce/2018/10/msg00005.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-22T13:40:24", "description": "Package : tomcat7\nVersion : 7.0.56-3+really7.0.90-1\nCVE ID : CVE-2018-8034\n\nThe host name verification in Tomcat when using TLS with the WebSocket\nclient was missing. It is now enabled by default.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n7.0.56-3+really7.0.90-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-07-30T01:43:50", "type": "debian", "title": "[SECURITY] [DLA 1453-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8034"], "modified": "2018-07-30T01:43:50", "id": "DEBIAN:DLA-1453-1:CD4E8", "href": "https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-05T19:00:02", "description": "Package : tomcat7\nVersion : 7.0.56-3+really7.0.90-1\nCVE ID : CVE-2018-8034\n\nThe host name verification in Tomcat when using TLS with the WebSocket\nclient was missing. It is now enabled by default.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n7.0.56-3+really7.0.90-1.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-30T01:43:50", "type": "debian", "title": "[SECURITY] [DLA 1453-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8034"], "modified": "2018-07-30T01:43:50", "id": "DEBIAN:DLA-1453-1:5FFE9", "href": "https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2023-12-03T16:50:38", "description": "\n\nPayara Releases reports:\n\nThe following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases:\n\nCVE-2018-14721 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks\nCVE-2018-14720 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct external XML entity (XXE) attacks\nCVE-2018-14719 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code\nCVE-2018-14718 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code\nCVE-2018-14371 Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter\n\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-02-01T00:00:00", "type": "freebsd", "title": "payara -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14371", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721"], "modified": "2019-02-01T00:00:00", "id": "71C71CE0-0805-11EB-A3A4-0019DBB15B3F", "href": "https://vuxml.freebsd.org/freebsd/71c71ce0-0805-11eb-a3a4-0019dbb15b3f.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:25:09", "description": "apache-commons-collections\n[3.2.2-10]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild\n[3.2.2-9]\n- Remove workaround for symlink->directory rpm bug\njackson-bom\n[2.9.8-1]\n- Update to latest upstream release\n[2.9.4-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[2.9.4-1]\n- Update to latest upstream release\n[2.9.3-1]\n- Initial packaging\npki-servlet-container\n[1:9.0.7-14]\n- Update to JWS 5.0.2 distribution\n- Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: host name verification missing in WebSocket client\n- Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins\n- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up\n- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet\nvelocity\n[0:1.7-24]\n- Repack the tarball without binaries\n[0:1.7-23]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild\nxerces-j2\n[2.11.0-34]\n- Fix license tag to include W3C\n[2.11.0-33]\n- Add requirement on javapackages-tools since scripts use\n java-functions.\n[2.11.0-32]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild\nxml-commons-resolver\n[0:1.2-26]\n- Add requirement on javapackages-tools since scripts use\n java-functions.\n[0:1.2-25]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-30T00:00:00", "type": "oraclelinux", "title": "pki-deps:10.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2019-07-30T00:00:00", "id": "ELSA-2019-1529", "href": "http://linux.oracle.com/errata/ELSA-2019-1529.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:52", "description": "[0:7.0.76-9]\n- Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet\n- Resolves: rhbz#1552375 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended expo\nsure of resources\n- Resolves: rhbz#1552374 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised us\ners\n- Resolves: rhbz#1590182 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins\n- Resolves: rhbz#1608609 CVE-2018-8034 tomcat: host name verification missing in WebSocket client\n- Resolves: rhbz#1588703 Backport of Negative maxCookieCount value causes exception for Tomcat\n- Resolves: rhbz#1472950 shutdown_wait option is not working for Tomcat\n- Resolves: rhbz#1455483 Add support for characters < and > to the possible whitelist values", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "tomcat security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-1304", "CVE-2018-1305", "CVE-2018-8014", "CVE-2018-8034"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2205", "href": "http://linux.oracle.com/errata/ELSA-2019-2205.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2023-12-03T17:33:22", "description": "An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service (CVE-2018-1336). The defaults settings for the CORS filter are insecure and enable supportsCredentials for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue (CVE-2018-8014). The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default (CVE-2018-8034). When the default servlet returned a redirect to a directory (e.g. redirecting to /foo/ when the user requested /foo) a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice (CVE-2018-11784). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-10T00:20:39", "type": "mageia", "title": "Updated tomcat packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-1336", "CVE-2018-8014", "CVE-2018-8034"], "modified": "2018-12-10T00:20:39", "id": "MGASA-2018-0479", "href": "https://advisories.mageia.org/MGASA-2018-0479.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "almalinux": [{"lastseen": "2023-12-03T17:28:39", "description": "The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System.\n\nSecurity Fix(es):\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-18T16:36:21", "type": "almalinux", "title": "Important: pki-deps:10.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2019-06-18T16:36:09", "id": "ALSA-2019:1529", "href": "https://errata.almalinux.org/8/ALSA-2019-1529.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "rocky": [{"lastseen": "2023-12-03T17:28:36", "description": "An update is available for glassfish-jaxb-api, glassfish-fastinfoset, xalan-j2, xmlstreambuffer, apache-commons-lang, jackson-module-jaxb-annotations, apache-commons-collections, javassist, python-nss, bea-stax, velocity, xml-commons-apis, resteasy, xsom, slf4j, stax-ex, xerces-j2, jakarta-commons-httpclient, glassfish-jaxb, xml-commons-resolver, relaxngDatatype.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System.\n\nSecurity Fix(es):\n\n* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)\n\n* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)\n\n* tomcat: Open redirect in default servlet (CVE-2018-11784)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-18T16:36:21", "type": "rocky", "title": "pki-deps:10.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "modified": "2019-06-18T16:36:21", "id": "RLSA-2019:1529", "href": "https://errata.rockylinux.org/RLSA-2019:1529", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T02:26:39", "description": "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.", "cvss3": {"cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}}, "published": "2018-12-20T17:29:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000873"], "modified": "2021-01-19T15:41:00", "id": "PRION:CVE-2018-1000873", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-1000873", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T02:34:29", "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2019-01-02T18:29:00", "type": "prion", "title": "Deserialization of untrusted data", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14720"], "modified": "2020-08-31T14:15:00", "id": "PRION:CVE-2018-14720", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-14720", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:34:28", "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2019-01-02T18:29:00", "type": "prion", "title": "Deserialization of untrusted data", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14719"], "modified": "2023-09-13T14:22:00", "id": "PRION:CVE-2018-14719", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-14719", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:34:28", "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 6.0}, "published": "2019-01-02T18:29:00", "type": "prion", "title": "Deserialization of untrusted data", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14721"], "modified": "2020-08-31T14:15:00", "id": "PRION:CVE-2018-14721", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-14721", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:13:30", "description": "Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via multiple protocols to compromise Core RDBMS (jackson-databind). Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Core RDBMS (jackson-databind). CVSS 3.0 Base Score 5.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-10-16T18:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": fa