Lucene search
K

205 matches found

NCSC
NCSC
added 2021/10/20 12:0 a.m.6 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following Communications Applications products: Communications Billing and Revenue Management Communications MetaSolv Solution Communications Offline Mediation Controller Communications Design Studio Communications Calendar Server Communications Messaging...

9.8CVSS7.1AI score0.75353EPSS
Exploits11
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.5 views

The vulnerability in the web interface of the BroadWorks Messaging Server allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability in the web interface of the BroadWorks Messaging Server is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...

5.5CVSS7.1AI score0.01115EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/05/07 12:0 a.m.5 views

Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability

Cisco BroadWorks Messaging Server is a database server from the American company Cisco Cisco. An XML external entity injection vulnerability exists in Cisco BroadWorks Messaging Server version 22.0. The vulnerability stems from the program not properly handling XML External Entity XXE entries whe...

7.1CVSS6.9AI score0.01115EPSS
Exploits0References1
OSV
OSV
added 2021/05/06 1:15 p.m.1 views

CVE-2021-1530

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service DoS condition on an affected system. This vulnerability is due to improper handlin...

7.1CVSS5.8AI score0.01115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/05/06 12:51 p.m.10 views

CVE-2021-1530 Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service DoS condition on an affected system. This vulnerability is due to improper handlin...

5.4CVSS6.7AI score0.01115EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/06 12:51 p.m.15 views

CVE-2021-1530 Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service DoS condition on an affected system. This vulnerability is due to improper handlin...

5.4CVSS7AI score0.01115EPSS
Exploits0References1
CVE
CVE
added 2021/05/06 12:51 p.m.40 views

CVE-2021-1530

CVE-2021-1530 – Cisco BroadWorks Messaging Server XML External Entity (XXE) Injection . Affects Cisco BroadWorks Messaging Server Software; vulnerability arises from improper handling of XXE in XML parsing. An authenticated, remote attacker could retrieve local files or cause a partial DoS. Publi...

7.1CVSS6AI score0.01115EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2021/05/05 4:0 p.m.59 views

Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service DoS condition on an affected system. This vulnerability is due to improper handlin...

5.4CVSS1.1AI score0.01115EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.4 views

Cisco BroadWorks Messaging Server 代码问题漏洞

Cisco BroadWorks Messaging Server is a database server from the American company Cisco Cisco. An XML external entity injection vulnerability exists in Cisco BroadWorks Messaging Server version 22.0. The vulnerability stems from the program not properly handling XML External Entity XXE entries whe...

7.1CVSS5.8AI score0.01115EPSS
Exploits0References4
NCSC
NCSC
added 2020/10/23 12:0 a.m.5 views

Vulnerabilities fixed in Oracle Communications-producton

Oracle has fixed vulnerabilities in Communications Messaging Server. The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...

5.5CVSS7.2AI score0.0255EPSS
Exploits0
NVD
NVD
added 2018/07/18 1:29 p.m.18 views

CVE-2018-2936

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications subcomponent: Web Client. The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.1CVSS5.4AI score0.01416EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.2 views

CVE-2018-2936

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications subcomponent: Web Client. The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.1CVSS7.3AI score
Exploits0References3
Prion
Prion
added 2018/07/18 1:29 p.m.21 views

Buffer overflow

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications subcomponent: Web Client. The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.8CVSS5.7AI score0.01416EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/07/18 1:0 p.m.7 views

CVE-2018-2936

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications subcomponent: Web Client. The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.2AI score0.01416EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/18 1:0 p.m.14 views

CVE-2018-2936

Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications subcomponent: Web Client. The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.8AI score0.01416EPSS
Exploits0References3
CVE
CVE
added 2018/07/18 1:0 p.m.41 views

CVE-2018-2936

CVE-2018-2936 affects Oracle Communications Messaging Server (subcomponent: Web Client) in Oracle Communications Applications, with version 3.x affected. The root cause is a vulnerability in the Web Client subcomponent that allows unauthenticated attackers over HTTP to compromising data confident...

6.1CVSS5.6AI score0.01416EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.22 views

Solaris 10 (x86) : 137205-31

Messaging Server 64bit 7.0.5.31.0x86: core patch. Date this patch was last updated by Sun : Jun/03/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...

3.5CVSS6.7AI score0.01369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.19 views

Solaris 10 (sparc) : 137204-31

Messaging Server 64bit 7.0.5.31.0: core patch. Date this patch was last updated by Sun : Jun/02/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

3.5CVSS6.7AI score0.01369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.20 views

Solaris 10 (x86) : 137205-36

Messaging Server 64bit 7.0.5.36.0x86: core patch. Date this patch was last updated by Sun : Oct/31/15 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; ...

3.5CVSS6.7AI score0.01369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.22 views

Solaris 10 (sparc) : 137204-38

Messaging Server 64bit 7.0.5.38.0: core patch. Date this patch was last updated by Sun : Dec/10/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

3.5CVSS6.7AI score0.01369EPSS
Exploits0References2
Rows per page
Query Builder