Communications Billing And Revenue Management Elastic Charging Engine Security Vulnerabilities and Issues — Communications Billing And Revenue Management Elastic Charging Engine CVE List

Lucene search

OracleCommunications Billing And Revenue Management Elastic Charging Engine

3 matches found

CVE•added 2019/08/20 9:15 p.m.•891 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00262EPSS

CVE•added 2019/11/08 3:15 p.m.•260 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01412EPSS

CVE•added 2019/07/23 1:15 p.m.•193 views

CVE-2019-10173

It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regr...

9.8CVSS9.5AI score0.92946EPSS