Lucene search

[email protected]NVD:CVE-2019-10219

HistoryNov 08, 2019 - 3:15 p.m.

CVE-2019-10219

2019-11-0815:15:11

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

61.4%

JSON

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

Affected configurations

Nvd

Node

redhathibernate_validatorRange<6.0.18

redhathibernate_validatorMatch6.1.0alpha1

redhathibernate_validatorMatch6.1.0alpha2

redhathibernate_validatorMatch6.1.0alpha3

redhathibernate_validatorMatch6.1.0alpha4

redhathibernate_validatorMatch6.1.0alpha5

redhathibernate_validatorMatch6.1.0alpha6

Node

redhatfuseMatch1.0

redhatjboss_data_gridMatch-text-only

redhatjboss_enterprise_application_platformMatch-text-only

redhatopenshift_application_runtimesMatch-text-only

redhatsingle_sign-onMatch-text-only

Node

redhatjboss_enterprise_application_platformMatch7.2

redhatjboss_enterprise_application_platformMatch7.3

AND

redhatenterprise_linuxMatch6.0

Node

netappactive_iq_unified_managerMatch-linux

netappactive_iq_unified_managerMatch-vmware_vsphere

netappactive_iq_unified_managerMatch-windows

netappmanagement_services_for_element_software_and_netapp_hciMatch-

netappsnapcenter_plug-inMatch-vmware_vsphere

netappelementMatch-vcenter_server

Node

oracleaccess_managerMatch11.1.2.3.0

oracleaccess_managerMatch12.2.1.3.0

oracleaccess_managerMatch12.2.1.4.0

oracleagile_engineering_data_managementMatch6.2.1.0

oracleagile_plmMatch9.3.3

oracleagile_plmMatch9.3.6

oracleagile_product_lifecycle_analyticsMatch3.6.1

oracleagile_product_lifecycle_management_integration_packMatch3.6e-business_suite

oracleairlines_data_modelMatch12.1.1.0.0

oracleairlines_data_modelMatch12.2.0.1.0

oracleapplication_expressMatch21.1.4

oracleapplication_performance_managementMatch13.4.1.0

oracleapplication_performance_managementMatch13.5.1.0

oracleapplication_testing_suiteMatch13.3.0.1

oracleargus_analyticsMatch8.2.1

oracleargus_analyticsMatch8.2.2

oracleargus_analyticsMatch8.2.3

oracleargus_analyticsMatch8.21

oracleargus_insightMatch8.2.1

oracleargus_insightMatch8.2.2

oracleargus_insightMatch8.2.3

oracleargus_safetyMatch8.2.1

oracleargus_safetyMatch8.2.2

oracleargus_safetyMatch8.2.3

oraclebanking_apisMatch18.1

oraclebanking_apisMatch18.2

oraclebanking_apisMatch18.3

oraclebanking_apisMatch19.1

oraclebanking_apisMatch19.2

oraclebanking_apisMatch20.1

oraclebanking_apisMatch21.1

oraclebanking_deposits_and_lines_of_credit_servicingMatch2.12.0

oraclebanking_digital_experienceMatch17.2

oraclebanking_digital_experienceMatch18.1

oraclebanking_digital_experienceMatch18.3

oraclebanking_digital_experienceMatch19.1

oraclebanking_digital_experienceMatch19.2

oraclebanking_digital_experienceMatch20.1

oraclebanking_digital_experienceMatch21.1

oraclebanking_enterprise_default_managementMatch2.6.2

oraclebanking_enterprise_default_managementMatch2.7.0

oraclebanking_enterprise_default_managementMatch2.7.1

oraclebanking_enterprise_default_managementMatch2.10.0

oraclebanking_enterprise_default_managementMatch2.12.0

oraclebanking_enterprise_default_managmentRange2.3.0–2.4.0

oraclebanking_loans_servicingMatch2.12.0

oraclebanking_party_managementMatch2.7.0

oraclebanking_platformRange2.3.0–2.4.1

oraclebanking_platformMatch2.6.2

oraclebanking_platformMatch2.7.0

oraclebanking_platformMatch2.7.1

oraclebi_publisherMatch5.5.0.0.0

oraclebi_publisherMatch11.1.1.9.0

oraclebi_publisherMatch12.2.1.3.0

oraclebi_publisherMatch12.2.1.4.0

oraclebig_data_spatial_and_graphMatch23.1

oraclebusiness_activity_monitoringMatch12.2.1.4.0

oraclebusiness_intelligenceMatch5.5.0.0.0enterprise

oraclebusiness_intelligenceMatch5.9.0.0.0enterprise

oraclebusiness_intelligenceMatch12.2.1.3.0enterprise

oraclebusiness_intelligenceMatch12.2.1.4.0enterprise

oraclebusiness_process_management_suiteMatch12.2.1.3.0

oraclebusiness_process_management_suiteMatch12.2.1.4.0

oracleclinicalMatch5.2.1

oracleclinicalMatch5.2.2

oraclecommerce_guided_searchMatch11.3.2

oraclecommerce_platformRange11.3.0–11.3.2

oraclecommunications_application_session_controllerMatch3.9.0

oraclecommunications_billing_and_revenue_managementMatch12.0.0.3

oraclecommunications_billing_and_revenue_managementMatch12.0.0.4

oraclecommunications_billing_and_revenue_management_elastic_charging_engineMatch11.3

oraclecommunications_billing_and_revenue_management_elastic_charging_engineMatch12.0

oraclecommunications_calendar_serverMatch8.0.0.5.0

oraclecommunications_calendar_serverMatch8.0.0.6.0

oraclecommunications_cloud_native_core_automated_test_suiteMatch1.8.0

oraclecommunications_cloud_native_core_binding_support_functionMatch1.9.0

oraclecommunications_cloud_native_core_binding_support_functionMatch1.10.0

oraclecommunications_cloud_native_core_consoleMatch1.7.0

oraclecommunications_cloud_native_core_network_function_cloud_native_environmentMatch1.9.0

oraclecommunications_cloud_native_core_network_repository_functionMatch1.14.0

oraclecommunications_cloud_native_core_policyMatch1.14.0

oraclecommunications_cloud_native_core_security_edge_protection_proxyMatch1.5.0

oraclecommunications_cloud_native_core_security_edge_protection_proxyMatch1.6.0

oraclecommunications_cloud_native_core_security_edge_protection_proxyMatch1.15.0

oraclecommunications_cloud_native_core_service_communication_proxyMatch1.14.0

oraclecommunications_cloud_native_core_unified_data_repositoryMatch1.14.0

oraclecommunications_contacts_serverMatch8.0.0.3.0

oraclecommunications_converged_application_server_-_service_controllerMatch6.2

oraclecommunications_convergenceMatch3.0.2.2.0

oraclecommunications_convergent_charging_controllerRange12.0.1.0.0–12.0.4.0.0

oraclecommunications_convergent_charging_controllerMatch6.0.1.0.0

oraclecommunications_data_modelMatch11.3.2.1.0

oraclecommunications_data_modelMatch11.3.2.2.0

oraclecommunications_data_modelMatch11.3.2.3.0

oraclecommunications_data_modelMatch12.1.0.1.0

oraclecommunications_data_modelMatch12.1.2.0.0

oraclecommunications_design_studioMatch7.3.4

oraclecommunications_design_studioMatch7.3.5

oraclecommunications_design_studioMatch7.4.0

oraclecommunications_design_studioMatch7.4.1

oraclecommunications_design_studioMatch7.4.2

oraclecommunications_diameter_signaling_routeRange8.0.0.0–8.5.1.0

oraclecommunications_eagle_application_processorRange16.1–16.4

oraclecommunications_instant_messaging_serverMatch10.0.1.5.0

oraclecommunications_interactive_session_recorderMatch6.3

oraclecommunications_interactive_session_recorderMatch6.4

oraclecommunications_messaging_serverMatch8.1

oraclecommunications_metasolv_solutionMatch6.3.1

oraclecommunications_network_charging_and_controlRange12.0.1.0.0–12.0.4.0.0

oraclecommunications_network_charging_and_controlMatch6.0.1.0.0

oraclecommunications_network_integrityMatch7.3.5

oraclecommunications_network_integrityMatch7.3.6

oraclecommunications_offline_mediation_controllerMatch12.0.0.3

oraclecommunications_operations_monitorMatch3.4

oraclecommunications_operations_monitorMatch4.2

oraclecommunications_operations_monitorMatch4.3

oraclecommunications_operations_monitorMatch4.4

oraclecommunications_operations_monitorMatch5.0

oraclecommunications_pricing_design_centerMatch12.0.0.3.0

oraclecommunications_pricing_design_centerMatch12.0.0.4.0

oraclecommunications_service_brokerMatch6.2

oraclecommunications_services_gatekeeperMatch7.0

oraclecommunications_session_border_controllerMatch8.2

oraclecommunications_session_border_controllerMatch8.3

oraclecommunications_session_border_controllerMatch8.4

oraclecommunications_session_border_controllerMatch9.0

oraclecommunications_unified_inventory_managementMatch7.3.0

oraclecommunications_unified_inventory_managementMatch7.3.4

oraclecommunications_unified_inventory_managementMatch7.3.5

oraclecommunications_unified_inventory_managementMatch7.4.0

oraclecommunications_unified_inventory_managementMatch7.4.1

oraclecommunications_unified_inventory_managementMatch7.4.2

oraclecommunications_unified_inventory_managementMatch7.5.0

oraclecommunications_webrtc_session_controllerMatch7.2.0

oraclecommunications_webrtc_session_controllerMatch7.2.1

oracledata_integratorMatch12.2.1.3.0

oracledata_integratorMatch12.2.1.4.0

oracledatabase_serverMatch12.1.0.1

oracledatabase_serverMatch12.1.0.2

oracledatabase_serverMatch19c

oracledatabase_serverMatch21c

oracledemantra_demand_managementRange12.2.6–12.2.11

oracledocumakerRange12.6.0–12.6.4

oraclee-business_suiteRange12.2.3–12.2.11

oracleenterprise_communications_brokerMatch3.3

oracleenterprise_data_qualityMatch12.2.1.3.0

oracleenterprise_data_qualityMatch12.2.1.4.0

oracleenterprise_manager_base_platformMatch13.4.0.0

oracleenterprise_manager_base_platformMatch13.5.0.0

oracleenterprise_manager_ops_centerMatch12.4.0.0

oracleenterprise_session_border_controllerMatch8.4

oracleenterprise_session_border_controllerMatch9.0

oracleessbaseRange<11.1.2.4.47

oracleessbaseRange21.0–21.3

oracleessbaseMatch11.1.2.4.47

oracleessbase_administration_servicesRange<11.1.2.4.47

oracleessbase_administration_servicesMatch11.1.2.4.47

oraclefinancial_services_analytical_applications_infrastructureRange8.0.7–8.1.1

oraclefinancial_services_analytical_applications_infrastructureMatch7.3.3

oraclefinancial_services_behavior_detection_platformMatch8.0.7

oraclefinancial_services_behavior_detection_platformMatch8.0.8

oraclefinancial_services_behavior_detection_platformMatch8.0.11

oraclefinancial_services_enterprise_case_managementMatch8.0.7

oraclefinancial_services_enterprise_case_managementMatch8.0.8

oraclefinancial_services_enterprise_case_managementMatch8.0.11

oraclefinancial_services_foreign_account_tax_compliance_act_managementMatch8.0.7

oraclefinancial_services_foreign_account_tax_compliance_act_managementMatch8.0.8

oraclefinancial_services_foreign_account_tax_compliance_act_managementMatch8.0.11

oraclefinancial_services_model_management_and_governanceRange8.0.8–8.1.1

oraclefinancial_services_trade-based_anti_money_launderingMatch8.0.7enterprise

oraclefinancial_services_trade-based_anti_money_launderingMatch8.0.8enterprise

oracleflexcube_investor_servicingMatch12.0.4

oracleflexcube_investor_servicingMatch12.1.0

oracleflexcube_investor_servicingMatch12.3.0

oracleflexcube_investor_servicingMatch12.4.0

oracleflexcube_investor_servicingMatch14.4.0

oracleflexcube_investor_servicingMatch14.5.0

oracleflexcube_private_bankingMatch12.0.0

oracleflexcube_private_bankingMatch12.1.0

oraclefusion_middlewareMatch12.2.1.3.0

oraclefusion_middlewareMatch12.2.1.4.0

oraclefusion_middleware_mapviewerMatch12.2.1.4.0

oraclegoldengateRange<12.3.0.1

oraclegoldengateRange19.0.0–19.1.0.0.220118

oraclegoldengateRange21.0.0–21.5.0.0.220118

oraclegoldengate_application_adaptersMatch19.1.0.0.0

oraclegraalvmMatch20.3.4enterprise

oraclegraalvmMatch21.3.0enterprise

oraclegraph_server_and_clientRange<21.4

oraclehealth_sciences_clinical_development_analyticsMatch4.0.1

oraclehealth_sciences_inform_crf_submitMatch6.2.1

oraclehealth_sciences_information_managerMatch3.0.2

oraclehealth_sciences_information_managerMatch3.0.3

oraclehealthcare_data_repositoryMatch7.0.2

oraclehealthcare_data_repositoryMatch8.1.0

oraclehealthcare_data_repositoryMatch8.1.1

oraclehealthcare_foundationRange7.3.0.0–7.3.0.2

oraclehealthcare_foundationRange8.0.0–8.0.2

oraclehealthcare_foundationMatch8.1.0

oraclehealthcare_foundationMatch8.1.1

oraclehealthcare_translational_researchMatch4.1.0

oraclehospitality_cruise_shipboard_property_management_systemMatch20.1.0

oraclehospitality_opera_5_property_servicesMatch5.6

oraclehospitality_reporting_and_analyticsMatch9.1.0

oraclehospitality_suite8Match8.10.2

oraclehospitality_suite8Match8.11.0

oraclehospitality_suite8Match8.12.0

oraclehospitality_suite8Match8.13.0

oraclehospitality_suite8Match8.14.0

oraclehttp_serverMatch12.2.1.3.0

oraclehttp_serverMatch12.2.1.4.0

oraclehyperion_financial_managementMatch11.1.2.4

oraclehyperion_financial_managementMatch11.2.6.0

oraclehyperion_ilearningMatch6.2

oraclehyperion_ilearningMatch6.3

oraclehyperion_infrastructure_technologyMatch11.2.7.0

oracleinstantis_enterprisetrackMatch17.1

oracleinstantis_enterprisetrackMatch17.2

oracleinstantis_enterprisetrackMatch17.3

oracleinsurance_data_gatewayMatch11.0.2

oracleinsurance_data_gatewayMatch11.1.0

oracleinsurance_data_gatewayMatch11.2.7

oracleinsurance_data_gatewayMatch11.3.0

oracleinsurance_data_gatewayMatch11.3.1

oracleinsurance_insbridge_rating_and_underwritingRange5.4.0–5.6.0

oracleinsurance_insbridge_rating_and_underwritingMatch5.2.0

oracleinsurance_policy_administrationMatch11.0.2

oracleinsurance_policy_administrationMatch11.1.0

oracleinsurance_policy_administrationMatch11.2.7

oracleinsurance_policy_administrationMatch11.3.0

oracleinsurance_policy_administrationMatch11.3.1

oracleinsurance_policy_administration_j2eeRange11.1.0–11.3.0

oracleinsurance_policy_administration_j2eeMatch10.2.0

oracleinsurance_policy_administration_j2eeMatch10.2.4

oracleinsurance_policy_administration_j2eeMatch11.0.2

oracleinsurance_rules_paletteRange11.1.0–11.3.0

oracleinsurance_rules_paletteMatch10.2.0

oracleinsurance_rules_paletteMatch10.2.4

oracleinsurance_rules_paletteMatch11.0.2

oracleinsurance_rules_paletteMatch11.3.1

oraclejava_seMatch7u321

oraclejava_seMatch8u311

oraclejava_seMatch17.1

oraclejd_edwards_enterpriseone_orchestratorRange<9.2.6.1

oraclejdkMatch11.0.13

oraclemanaged_file_transferMatch12.2.1.3.0

oraclemanaged_file_transferMatch12.2.1.4.0

oraclemysql_clusterRange<7.4.34

oraclemysql_clusterRange7.5.0–7.5.24

oraclemysql_clusterRange7.6.0–7.6.20

oraclemysql_clusterRange8.0.0–8.0.27

oraclemysql_connectorsRange<8.0.27

oraclemysql_connectorsMatch8.0.27

oraclemysql_serverRange<5.7.36

oraclemysql_serverRange8.0.0–8.0.27

oraclemysql_serverMatch5.7.36

oraclemysql_workbenchRange<8.0.27

oraclenosql_databaseRange<21.1.12

oracleoss_support_toolsRange<2.12.42

oraclepeoplesoft_enterprise_cs_sa_integration_packMatch9.0

oraclepeoplesoft_enterprise_cs_sa_integration_packMatch9.2

oraclepeoplesoft_enterprise_people_toolsMatch8.57

oraclepeoplesoft_enterprise_people_toolsMatch8.58

oraclepeoplesoft_enterprise_people_toolsMatch8.59

oraclepeoplesoft_enterprise_peopletoolsMatch8.57

oraclepeoplesoft_enterprise_peopletoolsMatch8.58

oraclepolicy_automationRange12.2.0–12.2.24

oraclepolicy_automationMatch10.4.7

oracleprimavera_analyticsMatch18.8.3.3

oracleprimavera_analyticsMatch19.12.11.1

oracleprimavera_analyticsMatch20.12.12.0

oracleprimavera_data_warehouseMatch18.8.3.3

oracleprimavera_data_warehouseMatch19.12.11.1

oracleprimavera_data_warehouseMatch20.12.12.0

oracleprimavera_gatewayRange17.12.0–17.12.11

oracleprimavera_gatewayRange18.8.0–18.8.13

oracleprimavera_gatewayRange19.12.0–19.12.12

oracleprimavera_gatewayRange20.12.0–20.12.7

oracleprimavera_gatewayMatch21.12.0

oracleprimavera_p6_enterprise_project_portfolio_managementRange17.12.0.0–17.12.0.0-17.12.20.0

oracleprimavera_p6_enterprise_project_portfolio_managementRange18.8.0.0–18.8.24.0

oracleprimavera_p6_enterprise_project_portfolio_managementRange19.12.0.0–19.12.18.0

oracleprimavera_p6_enterprise_project_portfolio_managementRange20.12.0.0–20.12.12.0

oracleprimavera_p6_enterprise_project_portfolio_managementMatch21.12.0.0

oracleprimavera_p6_professional_project_managementRange17.12.0.0–17.12.20.0

oracleprimavera_p6_professional_project_managementRange18.8.0.0–18.8.24.0

oracleprimavera_p6_professional_project_managementRange19.12.0.0–19.12.17.0

oracleprimavera_p6_professional_project_managementRange20.12.0.0–20.12.9.0

oracleprimavera_portfolio_managementRange18.0.0.0–18.0.3.0

oracleprimavera_portfolio_managementRange19.0.0.0–19.0.1.2

oracleprimavera_portfolio_managementMatch20.0.0.0

oracleprimavera_portfolio_managementMatch20.0.0.1

oracleprimavera_unifierRange17.7–17.12

oracleprimavera_unifierMatch18.8

oracleprimavera_unifierMatch19.12

oracleprimavera_unifierMatch20.12

oracleprimavera_unifierMatch21.12

oraclerapid_planningRange12.2.6–12.2.11

oraclereal-time_decision_serverMatch3.2.0.0

oraclereal_user_experience_insightMatch13.4.1.0

oraclereal_user_experience_insightMatch13.5.1.0

oraclerest_data_servicesMatch21.2.4-

oracleretail_allocationMatch14.1.3.2

oracleretail_allocationMatch15.0.3.1

oracleretail_allocationMatch16.0.3

oracleretail_allocationMatch19.0.1

oracleretail_analyticsRange16.0.0–16.0.2

oracleretail_assortment_planningMatch16.0.3

oracleretail_back_officeMatch14.1

oracleretail_central_officeMatch14.1

oracleretail_customer_insightsRange16.0.0–16.0.2

oracleretail_customer_management_and_segmentation_foundationRange16.0–19.0

oracleretail_eftlinkMatch16.0.3

oracleretail_eftlinkMatch17.0.2

oracleretail_eftlinkMatch18.0.1

oracleretail_eftlinkMatch19.0.1

oracleretail_eftlinkMatch20.0.1

oracleretail_extract_transform_and_loadMatch13.2.8

oracleretail_financial_integrationMatch14.1.3.2

oracleretail_financial_integrationMatch15.0.3.1

oracleretail_financial_integrationMatch16.0.3

oracleretail_financial_integrationMatch19.0.1

oracleretail_fiscal_managementMatch14.2

oracleretail_integration_busRange16.0.1–16.0.3

oracleretail_integration_busMatch13.0

oracleretail_integration_busMatch14.1.3.0

oracleretail_integration_busMatch14.1.3.2

oracleretail_integration_busMatch15.0.3.1

oracleretail_integration_busMatch19.0.0

oracleretail_integration_busMatch19.0.1

oracleretail_invoice_matchingMatch15.0.3

oracleretail_invoice_matchingMatch16.0.3

oracleretail_merchandising_systemMatch19.0.1

oracleretail_order_brokerMatch16.0

oracleretail_order_brokerMatch18.0

oracleretail_order_brokerMatch19.1

oracleretail_order_management_systemMatch19.5

oracleretail_point-of-saleMatch14.1

oracleretail_predictive_application_serverMatch14.1.3

oracleretail_predictive_application_serverMatch14.1.3.46

oracleretail_predictive_application_serverMatch15.0.3

oracleretail_predictive_application_serverMatch15.0.3.115

oracleretail_predictive_application_serverMatch16.0.3

oracleretail_predictive_application_serverMatch16.0.3.240

oracleretail_price_managementMatch13.2

oracleretail_price_managementMatch14.0.4

oracleretail_price_managementMatch14.1

oracleretail_price_managementMatch14.1.3

oracleretail_price_managementMatch15.0

oracleretail_price_managementMatch15.0.3

oracleretail_price_managementMatch16.0

oracleretail_price_managementMatch16.0.3

oracleretail_returns_managementMatch14.1

oracleretail_service_backboneRange16.0.1–16.0.3

oracleretail_service_backboneMatch14.1.3.0

oracleretail_service_backboneMatch14.1.3.2

oracleretail_service_backboneMatch15.0.3.1

oracleretail_service_backboneMatch19.0.0

oracleretail_service_backboneMatch19.0.1

oracleretail_size_profile_optimizationMatch16.0.3

oracleretail_xstore_point_of_serviceMatch17.0.4

oracleretail_xstore_point_of_serviceMatch18.0.3

oracleretail_xstore_point_of_serviceMatch19.0.2

oracleretail_xstore_point_of_serviceMatch20.0.1

oraclesd-wan_awareMatch8.2

oraclesd-wan_edgeMatch9.0

oraclesd-wan_edgeMatch9.1

oraclesecure_backupMatch18.1.0.1.0

oraclesiebel_applicationsRange<21.12

oraclespatial_studioMatch21.2.1

oraclethesaurus_management_systemMatch5.2.3

oraclethesaurus_management_systemMatch5.3.0

oraclethesaurus_management_systemMatch5.3.1

oracletimesten_in-memory_databaseRange<11.2.2.8.27

oracletimesten_in-memory_databaseRange21.0.0–21.1.1.1.0

oracleutilities_frameworkRange4.3.0.1.0–4.3.0.6.0

oracleutilities_frameworkMatch4.2.0.2.0

oracleutilities_frameworkMatch4.2.0.3.0

oracleutilities_frameworkMatch4.4.0.0.0

oracleutilities_frameworkMatch4.4.0.2.0

oracleutilities_frameworkMatch4.4.0.3.0

oracleutilities_testing_acceleratorMatch6.0.0.1.1

oracleutilities_testing_acceleratorMatch6.0.0.2.2

oracleutilities_testing_acceleratorMatch6.0.0.3.1

oraclevm_virtualboxRange<6.1.32

oraclewebcenter_portalMatch12.2.1.3.0

oraclewebcenter_portalMatch12.2.1.4.0

oracleweblogic_serverMatch12.1.3.0.0

oracleweblogic_serverMatch12.2.1.3.0

oracleweblogic_serverMatch12.2.1.4.0

oracleweblogic_serverMatch14.1.1.0.0

oraclezfs_storage_appliance_kitMatch8.8

oraclezfs_storage_application_integration_engineering_softwareMatch1.3.3

oraclecommunications_messaging_serverMatch8.1

oraclesolarisMatch10

oraclesolarisMatch11

Node

oraclefujitsu_m10-1_firmwareMatch-

AND

oraclefujitsu_m10-1Match-

Node

oraclefujitsu_m10-4_firmwareMatch-

AND

oraclefujitsu_m10-4Match-

Node

oraclefujitsu_m10-4s_firmwareMatch-

AND

oraclefujitsu_m10-4sMatch-

Node

oraclefujitsu_m12-1_firmwareMatch-

AND

oraclefujitsu_m12-1Match-

Node

oraclefujitsu_m12-2_firmwareMatch-

AND

oraclefujitsu_m12-2Match-

Node

oraclefujitsu_m12-2s_firmwareMatch-

AND

oraclefujitsu_m12-2sMatch-

References

access.redhat.com/errata/RHSA-2020:0159

access.redhat.com/errata/RHSA-2020:0160

access.redhat.com/errata/RHSA-2020:0161

access.redhat.com/errata/RHSA-2020:0164

access.redhat.com/errata/RHSA-2020:0445

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219

lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E

lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E

lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E

lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E

lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E

lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E

security.netapp.com/advisory/ntap-20220210-0024/

www.oracle.com/security-alerts/cpujan2022.html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

61.4%

JSON

Related for NVD:CVE-2019-10219

osv2 ibm5 ubuntucve1 cve1 veracode1 debiancve1 redhatcve1 github1 prion1 cvelist1 nessus6 redhat9 photon1 oracle1