Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.57 views

Oracle WebCenter Portal (July 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Portal Core Apache SOAP. The supported version that i...

9.8CVSS6.2AI score0.02251EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2022/11/14 7:0 p.m.6 views

com.blazemeter:jmeter-plugins-directory-listing (>=0.2 <=0.3), com.blazemeter:jmeter-plugins-random-csv-data-set (>=0.6 <=0.8) +134 more potentially affected by CVE-2022-45378 via soap:soap (>=2.3 <=2.3.1)

soap:soap MAVEN version =2.3, =0.2, =0.6, =0.3, =1.0.0, =0.0.0, =0.0.0, =1.3.1-2.6, =1.4, =1.0.0-2.13, =1.1.0, =1.0.0, =1.1.3 and more Source cves: CVE-2022-45378 Source advisory: OSV:GHSA-789V-H9HW-38PG...

9.8CVSS6.9AI score0.02251EPSS
Exploits0
CVE
CVE
added 2022/11/14 12:0 a.m.158 views

CVE-2022-45378

Oracle WebCenter Portal versions affected include 12.2.1.4.0, where the Portal Core component (Apache SOAP) is vulnerable due to a default unauthenticated RPCRouterServlet. This could allow an attacker to invoke methods on classpath entries and, depending on available classes, may lead to arbitra...

9.8CVSS9.7AI score0.02251EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/14 12:0 a.m.27 views

CVE-2022-45378 Apache SOAP allows unauthenticated users to potentially invoke arbitrary code

In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the classpath that meet certain criteria. Depending on what classes are available on the classpath this might even lead to arbitrary...

7.7AI score0.02251EPSS
Exploits0References2
Rows per page
Query Builder