Glassfish Server Open Source Edition 3.1 2.2 Vulnerability

{"id": "GLASSFISH_CPU_OCT_2018.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)", "description": "According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, therefore, affected by multiple vulnerabilities:\n\n - A vulnerability could allow an Attacker with unauthenticated network access to compromise Oracle GlassFish Server. A successful attack would allow the access to critical data including creation, deletion or modification on the remote server. This attack requires human interaction. (CVE-2018-2911)\n - An unauthenticated attacker with Network access can compromise Oracle GlassFish Server. An attacker who successfully exploited the vulnerability could cause a hang or a complete DOS of Oracle GlassFish Server. (CVE-2018-3152)\n - An unauthenticated attacker with network access could compromise Oracle GlassFish Server. An attacker who successfully exploited the vulnerability could have read access to Oracle GlassFish Server information. (CVE-2018-3210)", "published": "2018-12-11T00:00:00", "modified": "2019-11-01T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 8.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"}, "href": "https://www.tenable.com/plugins/nessus/119559", "reporter": "This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3210", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3152", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2911", "http://www.nessus.org/u?705136d8", "http://www.nessus.org/u?28d119b1"], "cvelist": ["CVE-2018-2911", "CVE-2018-3152", "CVE-2018-3210"], "immutableFields": [], "lastseen": "2021-10-16T13:10:36", "viewCount": 104, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-3210", "CVE-2018-3152", "CVE-2018-2911"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310810747"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018", "ORACLE:CPUOCT2018-4428296"]}], "modified": "2021-10-16T13:10:36", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-10-16T13:10:36", "rev": 2}, "vulnersScore": 6.3}, "pluginID": "119559", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119559);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\"CVE-2018-2911\", \"CVE-2018-3152\", \"CVE-2018-3210\");\n script_bugtraq_id(105618);\n\n script_name(english:\"Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)\");\n script_summary(english:\"Checks the version of Oracle GlassFish\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle GlassFish Server\nrunning on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, \ntherefore, affected by multiple vulnerabilities:\n\n - A vulnerability could allow an Attacker with unauthenticated \n network access to compromise Oracle GlassFish Server. A successful \n attack would allow the access to critical data including\n creation, deletion or modification on the remote server. This \n attack requires human interaction. (CVE-2018-2911)\n - An unauthenticated attacker with Network access can compromise \n Oracle GlassFish Server. An attacker who successfully exploited \n the vulnerability could cause a hang or a complete DOS of Oracle \n GlassFish Server. (CVE-2018-3152)\n - An unauthenticated attacker with network access could compromise \n Oracle GlassFish Server. An attacker who successfully exploited \n the vulnerability could have read access to Oracle GlassFish \n Server information. (CVE-2018-3210)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?705136d8\");\n # https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?_afrLoop=542144881266123&parent=DOCUMENT&patchId=28648149\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?28d119b1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle GlassFish Server version 3.1.2.19 or later as\nreferenced in the October 2018 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2911\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:glassfish_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"glassfish_detect.nasl\");\n script_require_keys(\"www/glassfish\");\n\n exit(0);\n}\n\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('audit.inc');\ninclude('glassfish.inc');\n\n# Check for GlassFish\nget_kb_item_or_exit('www/glassfish');\n\nport = get_glassfish_port(default:8080);\n\n# Get the version number out of the KB.\nver = get_kb_item_or_exit('www/' + port + '/glassfish/version');\nbanner = get_kb_item_or_exit(\"www/\" + port + '/glassfish/source');\npristine = get_kb_item_or_exit('www/' + port + '/glassfish/version/pristine');\n\n\nif (ver =~ \"^3\\.1\\.2\")\n{\n min = '3.1.2';\n fix = '3.1.2.19';\n}\n\nif (!empty_or_null(ver) && ver_compare(minver:min, ver:ver, fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + pristine +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'Oracle GlassFish', port, pristine);\n", "naslFamily": "Web Servers", "cpe": ["cpe:/a:oracle:glassfish_server"], "solution": "Upgrade to Oracle GlassFish Server version 3.1.2.19 or later as referenced in the October 2018 Oracle Critical Patch Update advisory.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2018-2911", "vpr": {"risk factor": "Medium", "score": "5.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2018-10-16T00:00:00", "vulnerabilityPublicationDate": "2018-10-16T00:00:00", "exploitableWith": []}

{"cve": [{"id": "CVE-2018-3210", "bulletinFamily": "NVD", "title": "CVE-2018-3210", "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "published": "2018-10-17T01:31:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "reporter": "secalert_us@oracle.com", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "cvelist": ["CVE-2018-3210"], "type": "cve", "lastseen": "2021-04-23T00:24:25", "history": [{"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-3210"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-10-04T12:26:21", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2019-10-04T12:26:21", "rev": 2, "value": 5.2, "vector": "NONE"}}, "hash": "76958647a738760eed17a85ce1cca3c7c70232421a73789884fe59b15dab49e3", "hashmap": [{"hash": "30e7bf9f2da092badcc6d7cf574abf14", "key": "href"}, {"hash": "e16f4f16e8bac7dbeb77027eda346b94", "key": "cvelist"}, {"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d28e3333d9b46ea710979e04a91ac101", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "214fd9539707c226936766c6d009abf0", "key": "description"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "4f40e6c535565bb6610e0c6aae4b86e8", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "id": "CVE-2018-3210", "lastseen": "2019-10-04T12:26:21", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3210", "type": "cve", "viewCount": 4}, "differentElements": ["affectedSoftware"], "edition": 2, "lastseen": "2019-10-04T12:26:21"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-3210"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T06:52:37", "references": [{"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"], "type": "oracle"}], "rev": 2}, "score": {"modified": "2021-02-02T06:52:37", "rev": 2, "value": 5.2, "vector": "NONE"}}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "hash": "fd33c5ca7b8980990308240de6dadbf691fda15f16c7d517521a5319493977c1", "hashmap": [{"hash": "30e7bf9f2da092badcc6d7cf574abf14", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "e16f4f16e8bac7dbeb77027eda346b94", "key": "cvelist"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "d28e3333d9b46ea710979e04a91ac101", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "214fd9539707c226936766c6d009abf0", "key": "description"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5d561ff58a55180d19db0303f5274f6a", "key": "extraReferences"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "4f40e6c535565bb6610e0c6aae4b86e8", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "id": "CVE-2018-3210", "immutableFields": [], "lastseen": "2021-02-02T06:52:37", "modified": "2019-10-03T00:03:00", "objectVersion": "1.5", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3210", "type": "cve", "viewCount": 6}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T06:52:37"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-3210"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-10-03T13:20:20", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-10-03T13:20:20", "rev": 2, "value": 5.2, "vector": "NONE"}}, "extraReferences": [], "hash": "0cfbfef758839a4ea98e6d6232dd85a3bfcb34ea837e3a6620fcca0c17fded88", "hashmap": [{"hash": "30e7bf9f2da092badcc6d7cf574abf14", "key": "href"}, {"hash": "e16f4f16e8bac7dbeb77027eda346b94", "key": "cvelist"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "d28e3333d9b46ea710979e04a91ac101", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "214fd9539707c226936766c6d009abf0", "key": "description"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "4f40e6c535565bb6610e0c6aae4b86e8", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "id": "CVE-2018-3210", "lastseen": "2020-10-03T13:20:20", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3210", "type": "cve", "viewCount": 5}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-10-03T13:20:20"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2018-3210"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-09-21T14:29:04", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-09-21T14:29:04", "rev": 2, "value": 5.2, "vector": "NONE"}}, "hash": "d46f9c0a368d83ab00a15b86d648b1d7c8d5547e6072a236facbfcf4bf256ec3", "hashmap": [{"hash": "30e7bf9f2da092badcc6d7cf574abf14", "key": "href"}, {"hash": "e16f4f16e8bac7dbeb77027eda346b94", "key": "cvelist"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "d28e3333d9b46ea710979e04a91ac101", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "214fd9539707c226936766c6d009abf0", "key": "description"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "4f40e6c535565bb6610e0c6aae4b86e8", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "id": "CVE-2018-3210", "lastseen": "2020-09-21T14:29:04", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3210", "type": "cve", "viewCount": 4}, "differentElements": ["cpeConfiguration"], "edition": 3, "lastseen": "2020-09-21T14:29:04"}, {"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-3210"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cwe": ["CWE-284"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:20:05", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-05-29T18:20:05", "value": 5.2, "vector": "NONE"}}, "hash": "25598cf019af7758856a2b6c58d17793ea8e96ac125cae9925692bdcff36b8af", "hashmap": [{"hash": "30e7bf9f2da092badcc6d7cf574abf14", "key": "href"}, {"hash": "e16f4f16e8bac7dbeb77027eda346b94", "key": "cvelist"}, {"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d28e3333d9b46ea710979e04a91ac101", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "214fd9539707c226936766c6d009abf0", "key": "description"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "a3c2211550708236e98f8aab9026b6be", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "bf65bed5ef164b420c3766cd1a3b85a5", "key": "cwe"}, {"hash": "4f40e6c535565bb6610e0c6aae4b86e8", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3210", "id": "CVE-2018-3210", "lastseen": "2019-05-29T18:20:05", "modified": "2018-10-22T15:31:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3210", "type": "cve", "viewCount": 0}, "differentElements": ["modified", "cwe"], "edition": 1, "lastseen": "2019-05-29T18:20:05"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "180f61bc54bc3d1de18fec0ed14780f0"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "701901c50ecea57fd9534fa1838e928c"}, {"key": "cpe23", "hash": "e55dd4c14f8d718b383eb32bdd2e58d1"}, {"key": "cpeConfiguration", "hash": "b6935156ad78e51afdc8149652940b14"}, {"key": "cvelist", "hash": "e16f4f16e8bac7dbeb77027eda346b94"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "f30109dfdbfbf783c0b61792a6b2c20a"}, {"key": "cvss3", "hash": "d28e3333d9b46ea710979e04a91ac101"}, {"key": "cwe", "hash": "d370d473ba1bd1721d669ef98e2aeebb"}, {"key": "description", "hash": "214fd9539707c226936766c6d009abf0"}, {"key": "extraReferences", "hash": "5d561ff58a55180d19db0303f5274f6a"}, {"key": "href", "hash": "30e7bf9f2da092badcc6d7cf574abf14"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1f0cc7832f07ee78350b613e89af69f8"}, {"key": "published", "hash": "8b76f0cc063c695ab3b7aacb754e9442"}, {"key": "references", "hash": "d1ef457f194efe2fc2aba0c77aa94dec"}, {"key": "reporter", "hash": "ef960757fcde90ea5312e2f1f6726585"}, {"key": "title", "hash": "4f40e6c535565bb6610e0c6aae4b86e8"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "269676d6df0fd9aeee1f33e619f04f5d2a657c75e4ba233fc47d0623e0abcc39", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["GLASSFISH_CPU_OCT_2018.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"]}], "modified": "2021-04-23T00:24:25", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-04-23T00:24:25", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "immutableFields": []}, {"id": "CVE-2018-2911", "bulletinFamily": "NVD", "title": "CVE-2018-2911", "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "published": "2018-10-17T01:31:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "reporter": "secalert_us@oracle.com", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "cvelist": ["CVE-2018-2911"], "type": "cve", "lastseen": "2021-04-23T00:24:24", "history": [{"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-2911"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-10-04T12:26:21", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2019-10-04T12:26:21", "rev": 2, "value": 6.5, "vector": "NONE"}}, "hash": "43ecd3db176e4c4203d3571d6390cf6007531aeefa88c789932c882fe71935ec", "hashmap": [{"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "a4acc1633d763efffd8daef3b0e1c2f7", "key": "cvss3"}, {"hash": "9cb124a91685a4cb5153e4008d9f8cb1", "key": "description"}, {"hash": "dc2a6646a2f5efcb5edb4da6086230f6", "key": "href"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "254ac181b7f98b0b9db4aabc03cc33ed", "key": "cvelist"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "ed680418e7920255a42996cf5fef98da", "key": "cvss2"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "2ab2579c405c04812059106c89f2a82a", "key": "title"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "id": "CVE-2018-2911", "lastseen": "2019-10-04T12:26:21", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-2911", "type": "cve", "viewCount": 4}, "differentElements": ["affectedSoftware"], "edition": 2, "lastseen": "2019-10-04T12:26:21"}, {"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-2911"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cwe": ["CWE-284"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:20:05", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}]}, "score": {"modified": "2019-05-29T18:20:05", "value": 6.5, "vector": "NONE"}}, "hash": "8f4a5b90dd3a0e17d5385bbc6e6185ae85a352f22cf99475ddc8a87d76446688", "hashmap": [{"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "a4acc1633d763efffd8daef3b0e1c2f7", "key": "cvss3"}, {"hash": "9cb124a91685a4cb5153e4008d9f8cb1", "key": "description"}, {"hash": "dc2a6646a2f5efcb5edb4da6086230f6", "key": "href"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "254ac181b7f98b0b9db4aabc03cc33ed", "key": "cvelist"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "ed680418e7920255a42996cf5fef98da", "key": "cvss2"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "29da633f7790c3f8b2bd61919e909d5a", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "bf65bed5ef164b420c3766cd1a3b85a5", "key": "cwe"}, {"hash": "2ab2579c405c04812059106c89f2a82a", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "id": "CVE-2018-2911", "lastseen": "2019-05-29T18:20:05", "modified": "2018-10-22T16:02:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-2911", "type": "cve", "viewCount": 1}, "differentElements": ["modified", "cwe"], "edition": 1, "lastseen": "2019-05-29T18:20:05"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-2911"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-10-03T13:20:20", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-10-03T13:20:20", "rev": 2, "value": 6.5, "vector": "NONE"}}, "extraReferences": [], "hash": "5b677b277bc09c4cea7fea01f2c6c5ff898ddeb726a4f9a8f09f3acc211cc2ed", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "a4acc1633d763efffd8daef3b0e1c2f7", "key": "cvss3"}, {"hash": "9cb124a91685a4cb5153e4008d9f8cb1", "key": "description"}, {"hash": "dc2a6646a2f5efcb5edb4da6086230f6", "key": "href"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "254ac181b7f98b0b9db4aabc03cc33ed", "key": "cvelist"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "ed680418e7920255a42996cf5fef98da", "key": "cvss2"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "2ab2579c405c04812059106c89f2a82a", "key": "title"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "id": "CVE-2018-2911", "lastseen": "2020-10-03T13:20:20", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-2911", "type": "cve", "viewCount": 7}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-10-03T13:20:20"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-2911"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T06:52:36", "references": [{"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}, {"idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"], "type": "oracle"}], "rev": 2}, "score": {"modified": "2021-02-02T06:52:36", "rev": 2, "value": 6.5, "vector": "NONE"}}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "hash": "7aed201377c08abce38502655ed36a1992e9e2e63029f048fc291165a0faa13a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "a4acc1633d763efffd8daef3b0e1c2f7", "key": "cvss3"}, {"hash": "9cb124a91685a4cb5153e4008d9f8cb1", "key": "description"}, {"hash": "dc2a6646a2f5efcb5edb4da6086230f6", "key": "href"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "254ac181b7f98b0b9db4aabc03cc33ed", "key": "cvelist"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "ed680418e7920255a42996cf5fef98da", "key": "cvss2"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5d561ff58a55180d19db0303f5274f6a", "key": "extraReferences"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "2ab2579c405c04812059106c89f2a82a", "key": "title"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "id": "CVE-2018-2911", "immutableFields": [], "lastseen": "2021-02-02T06:52:36", "modified": "2019-10-03T00:03:00", "objectVersion": "1.5", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-2911", "type": "cve", "viewCount": 8}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T06:52:36"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2018-2911"], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GlassFish Server accessible data as well as unauthorized access to critical data or complete access to all Oracle GlassFish Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L).", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-09-21T14:29:04", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-09-21T14:29:04", "rev": 2, "value": 6.5, "vector": "NONE"}}, "hash": "32b94e4174ad681c1b5f9baa2721de5e8df93cac18cc80138b7aa01124382156", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "a4acc1633d763efffd8daef3b0e1c2f7", "key": "cvss3"}, {"hash": "9cb124a91685a4cb5153e4008d9f8cb1", "key": "description"}, {"hash": "dc2a6646a2f5efcb5edb4da6086230f6", "key": "href"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "254ac181b7f98b0b9db4aabc03cc33ed", "key": "cvelist"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "4cac367be6dd8242802053610be9dee6", "key": "cvss"}, {"hash": "ed680418e7920255a42996cf5fef98da", "key": "cvss2"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "2ab2579c405c04812059106c89f2a82a", "key": "title"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2911", "id": "CVE-2018-2911", "lastseen": "2020-09-21T14:29:04", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-2911", "type": "cve", "viewCount": 4}, "differentElements": ["cpeConfiguration"], "edition": 3, "lastseen": "2020-09-21T14:29:04"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "180f61bc54bc3d1de18fec0ed14780f0"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "701901c50ecea57fd9534fa1838e928c"}, {"key": "cpe23", "hash": "e55dd4c14f8d718b383eb32bdd2e58d1"}, {"key": "cpeConfiguration", "hash": "b6935156ad78e51afdc8149652940b14"}, {"key": "cvelist", "hash": "254ac181b7f98b0b9db4aabc03cc33ed"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "cvss2", "hash": "ed680418e7920255a42996cf5fef98da"}, {"key": "cvss3", "hash": "a4acc1633d763efffd8daef3b0e1c2f7"}, {"key": "cwe", "hash": "d370d473ba1bd1721d669ef98e2aeebb"}, {"key": "description", "hash": "9cb124a91685a4cb5153e4008d9f8cb1"}, {"key": "extraReferences", "hash": "5d561ff58a55180d19db0303f5274f6a"}, {"key": "href", "hash": "dc2a6646a2f5efcb5edb4da6086230f6"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1f0cc7832f07ee78350b613e89af69f8"}, {"key": "published", "hash": "8b76f0cc063c695ab3b7aacb754e9442"}, {"key": "references", "hash": "d1ef457f194efe2fc2aba0c77aa94dec"}, {"key": "reporter", "hash": "ef960757fcde90ea5312e2f1f6726585"}, {"key": "title", "hash": "2ab2579c405c04812059106c89f2a82a"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "fa48a2463c8c74db3ca3b44e7c7b3e18d0fb4af411e94b1b44b80931e6d29c71", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["GLASSFISH_CPU_OCT_2018.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310810747"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"]}], "modified": "2021-04-23T00:24:24", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2021-04-23T00:24:24", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.5}, "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "immutableFields": []}, {"id": "CVE-2018-3152", "bulletinFamily": "NVD", "title": "CVE-2018-3152", "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "published": "2018-10-17T01:31:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "reporter": "secalert_us@oracle.com", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "cvelist": ["CVE-2018-3152"], "type": "cve", "lastseen": "2021-04-23T00:24:25", "history": [{"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-3152"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["CWE-284"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:20:05", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}]}, "score": {"modified": "2019-05-29T18:20:05", "value": 5.1, "vector": "NONE"}}, "hash": "19f2f1058d2d97bb4efac66b2a9a000a3eb1fbd17712d88a16c6ccf1f21eba1f", "hashmap": [{"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "39419d47e1c1e7af7fccf478645414d2", "key": "cvelist"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "475dcad24e25fed8c1b94e72f0aaadb0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "19ed5e63dc9d224a6191dcefd13f8de0", "key": "modified"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "652e10d4c6dda5446586ce84a3523b13", "key": "description"}, {"hash": "bf65bed5ef164b420c3766cd1a3b85a5", "key": "cwe"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "3c6c55f63b0cbc2fdb89a73d756ad5be", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "id": "CVE-2018-3152", "lastseen": "2019-05-29T18:20:05", "modified": "2018-10-22T15:51:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3152", "type": "cve", "viewCount": 1}, "differentElements": ["modified", "cwe"], "edition": 1, "lastseen": "2019-05-29T18:20:05"}, {"bulletin": {"affectedSoftware": [{"name": "oracle glassfish_server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2018-3152"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-10-04T12:26:21", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2019-10-04T12:26:21", "rev": 2, "value": 5.1, "vector": "NONE"}}, "hash": "ea19d88ef63b1fb1e138a6cf4b21c773d1c5beef8cb77b87b1dcd3dc9009d13c", "hashmap": [{"hash": "f709eac3a5babf4fd87e3a90248f2dda", "key": "affectedSoftware"}, {"hash": "39419d47e1c1e7af7fccf478645414d2", "key": "cvelist"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "475dcad24e25fed8c1b94e72f0aaadb0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "652e10d4c6dda5446586ce84a3523b13", "key": "description"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "3c6c55f63b0cbc2fdb89a73d756ad5be", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "id": "CVE-2018-3152", "lastseen": "2019-10-04T12:26:21", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3152", "type": "cve", "viewCount": 5}, "differentElements": ["affectedSoftware"], "edition": 2, "lastseen": "2019-10-04T12:26:21"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2018-3152"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-09-21T14:29:04", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-09-21T14:29:04", "rev": 2, "value": 5.1, "vector": "NONE"}}, "hash": "44f12c0bbb53db6354dc817ff61efc0c62c2dbfe8952d1aae5bf1d5af943a670", "hashmap": [{"hash": "39419d47e1c1e7af7fccf478645414d2", "key": "cvelist"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "475dcad24e25fed8c1b94e72f0aaadb0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "652e10d4c6dda5446586ce84a3523b13", "key": "description"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "3c6c55f63b0cbc2fdb89a73d756ad5be", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "id": "CVE-2018-3152", "lastseen": "2020-09-21T14:29:04", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3152", "type": "cve", "viewCount": 5}, "differentElements": ["cpeConfiguration"], "edition": 3, "lastseen": "2020-09-21T14:29:04"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-3152"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-10-03T13:20:20", "references": [{"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-10-03T13:20:20", "rev": 2, "value": 5.1, "vector": "NONE"}}, "extraReferences": [], "hash": "0c855535db9dd008036315df485abb94c670541c5745726a3a02e26206344bcf", "hashmap": [{"hash": "39419d47e1c1e7af7fccf478645414d2", "key": "cvelist"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "475dcad24e25fed8c1b94e72f0aaadb0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "652e10d4c6dda5446586ce84a3523b13", "key": "description"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "3c6c55f63b0cbc2fdb89a73d756ad5be", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "id": "CVE-2018-3152", "lastseen": "2020-10-03T13:20:20", "modified": "2019-10-03T00:03:00", "objectVersion": "1.3", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3152", "type": "cve", "viewCount": 6}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-10-03T13:20:20"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2018-3152"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cwe": ["NVD-CWE-noinfo"], "description": "Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GlassFish Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T06:52:36", "references": [{"idList": ["GLASSFISH_CPU_OCT_2018.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310810747"], "type": "openvas"}, {"idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"], "type": "oracle"}], "rev": 2}, "score": {"modified": "2021-02-02T06:52:36", "rev": 2, "value": 5.1, "vector": "NONE"}}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "hash": "ce60763bd6e6ae1e97bde865a55fd7164e5517a223afe46ff28183d87b2e11c0", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "39419d47e1c1e7af7fccf478645414d2", "key": "cvelist"}, {"hash": "b5cef30da83f9b368c6b3bb523042642", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8b76f0cc063c695ab3b7aacb754e9442", "key": "published"}, {"hash": "180f61bc54bc3d1de18fec0ed14780f0", "key": "affectedSoftware"}, {"hash": "e55dd4c14f8d718b383eb32bdd2e58d1", "key": "cpe23"}, {"hash": "59cef0b89c1ee4989503ee2a6ed0e6ee", "key": "cpeConfiguration"}, {"hash": "d1ef457f194efe2fc2aba0c77aa94dec", "key": "references"}, {"hash": "475dcad24e25fed8c1b94e72f0aaadb0", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "85fc9715d07b57d9e72056856b007c7b", "key": "cvss2"}, {"hash": "d370d473ba1bd1721d669ef98e2aeebb", "key": "cwe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5d561ff58a55180d19db0303f5274f6a", "key": "extraReferences"}, {"hash": "701901c50ecea57fd9534fa1838e928c", "key": "cpe"}, {"hash": "652e10d4c6dda5446586ce84a3523b13", "key": "description"}, {"hash": "41b62a8aa1ee5c40897717cadc30784a", "key": "cvss"}, {"hash": "1f0cc7832f07ee78350b613e89af69f8", "key": "modified"}, {"hash": "3c6c55f63b0cbc2fdb89a73d756ad5be", "key": "title"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3152", "id": "CVE-2018-3152", "immutableFields": [], "lastseen": "2021-02-02T06:52:36", "modified": "2019-10-03T00:03:00", "objectVersion": "1.5", "published": "2018-10-17T01:31:00", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "http://www.securityfocus.com/bid/105618"], "reporter": "cve@mitre.org", "title": "CVE-2018-3152", "type": "cve", "viewCount": 7}, "different_elements": ["reporter", "cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T06:52:36"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "180f61bc54bc3d1de18fec0ed14780f0"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "701901c50ecea57fd9534fa1838e928c"}, {"key": "cpe23", "hash": "e55dd4c14f8d718b383eb32bdd2e58d1"}, {"key": "cpeConfiguration", "hash": "b6935156ad78e51afdc8149652940b14"}, {"key": "cvelist", "hash": "39419d47e1c1e7af7fccf478645414d2"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "b5cef30da83f9b368c6b3bb523042642"}, {"key": "cwe", "hash": "d370d473ba1bd1721d669ef98e2aeebb"}, {"key": "description", "hash": "652e10d4c6dda5446586ce84a3523b13"}, {"key": "extraReferences", "hash": "5d561ff58a55180d19db0303f5274f6a"}, {"key": "href", "hash": "475dcad24e25fed8c1b94e72f0aaadb0"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1f0cc7832f07ee78350b613e89af69f8"}, {"key": "published", "hash": "8b76f0cc063c695ab3b7aacb754e9442"}, {"key": "references", "hash": "d1ef457f194efe2fc2aba0c77aa94dec"}, {"key": "reporter", "hash": "ef960757fcde90ea5312e2f1f6726585"}, {"key": "title", "hash": "3c6c55f63b0cbc2fdb89a73d756ad5be"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "70ea7f6f8a1cf29aaa637c7e2712a1f8525ed306ea7e39a19de978a35b62ec79", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["GLASSFISH_CPU_OCT_2018.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310810747"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018"]}], "modified": "2021-04-23T00:24:25", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-04-23T00:24:25", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:oracle:glassfish_server:3.1.2"], "affectedSoftware": [{"cpeName": "oracle:glassfish_server", "name": "oracle glassfish server", "operator": "eq", "version": "3.1.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "cpe23": ["cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-noinfo"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "105618", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105618"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}], "immutableFields": []}], "openvas": [{"id": "OPENVAS:1361412562310810747", "hash": "8881d2cd29f6ff157ba957a7a63b720c", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server Multiple Security Vulnerabilities", "description": "This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.", "published": "2017-04-19T00:00:00", "modified": "2019-07-05T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2018-2911", "CVE-2017-10400", "CVE-2018-3152", "CVE-2016-3092", "CVE-2017-3626"], "lastseen": "2019-07-17T14:19:16", "history": [{"bulletin": {"id": "OPENVAS:1361412562310810747", "hash": "f3d5161c21e451e35ccda0ed3291f6f2fac2b32a5632a4852636a88c1c3bf5f6", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server Multiple Security Vulnerabilities", "description": "This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.", "published": "2017-04-19T00:00:00", "modified": "2019-05-17T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW", "http://www.oracle.com/", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2018-2911", "CVE-2017-10400", "CVE-2018-3152", "CVE-2016-3092", "CVE-2017-3626"], "lastseen": "2019-05-29T18:34:00", "history": [], "viewCount": 16, "enchantments": {"dependencies": {"modified": "2019-05-29T18:34:00", "references": [{"idList": ["ATLASSIAN:JRASERVER-61885", "ATLASSIAN:JRA-61885", "ATLASSIAN:BSERV-8977"], "type": "atlassian"}, {"idList": ["CBCEEB49-3BC7-11E6-8E82-002590263BF5", "61B8C359-4AAB-11E6-A7BD-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["ALAS-2016-736"], "type": "amazon"}, {"idList": ["RHSA-2016:2072", "RHSA-2016:2808", "RHSA-2016:2599", "RHSA-2017:0456", "RHSA-2016:2070", "RHSA-2016:2071", "RHSA-2017:0457", "RHSA-2016:2068", "RHSA-2016:2069", "RHSA-2016:2807"], "type": "redhat"}, {"idList": ["ELSA-2017-2247", "ELSA-2016-2599"], "type": "oraclelinux"}, {"idList": ["CFOUNDRY:1DFE9585B9C1AAABE38F2402F4352EFD"], "type": "cloudfoundry"}, {"idList": ["CVE-2018-2911", "CVE-2017-10400", "CVE-2018-3152", "CVE-2016-3092", "CVE-2017-3626"], "type": "cve"}, {"idList": ["CESA-2016:2599"], "type": "centos"}, {"idList": ["OPENVAS:1361412562310808197", "OPENVAS:1361412562310703614", "OPENVAS:1361412562310808618", "OPENVAS:1361412562310120725", "OPENVAS:1361412562310809211", "OPENVAS:703611", "OPENVAS:1361412562310842824", "OPENVAS:703614", "OPENVAS:1361412562310871961", "OPENVAS:1361412562310703611"], "type": "openvas"}, {"idList": ["GLSA-201705-09"], "type": "gentoo"}, {"idList": ["GLASSFISH_CPU_OCT_2017.NASL", "REDHAT-RHSA-2016-2072.NASL", "GLASSFISH_CPU_OCT_2018.NASL", "UBUNTU_USN-3027-1.NASL", "TOMCAT_7_0_70.NASL", "FREEBSD_PKG_61B8C3594AAB11E6A7BD14DAE9D210B8.NASL", "FEDORA_2016-0A4DCCDD23.NASL", "FEDORA_2016-2B0C16FD82.NASL", "FREEBSD_PKG_CBCEEB493BC711E68E82002590263BF5.NASL", "REDHAT-RHSA-2016-2069.NASL"], "type": "nessus"}, {"idList": ["USN-3024-1", "USN-3027-1"], "type": "ubuntu"}, {"idList": ["F5:K82392041", "SOL82392041"], "type": "f5"}, {"idList": ["JVN:89379547"], "type": "jvn"}, {"idList": ["MYHACK58:62201787046"], "type": "myhack58"}, {"idList": ["DEBIAN:DSA-3609-1:174EB", "DEBIAN:DSA-3614-1:AC7F6", "DEBIAN:DLA-529-1:DC84D", "DEBIAN:DLA-528-1:BE307", "DEBIAN:DSA-3611-1:F53EF"], "type": "debian"}, {"idList": ["ORACLE:CPUJUL2017-3236622", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUAPR2018-3678067", "ORACLE:CPUAPR2017-3236618", "ORACLE:CPUOCT2017-3236626", "ORACLE:CPUAPR2019-5072813", "ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["SUSE-SU-2017:1660-1"], "type": "suse"}]}, "score": {"modified": "2019-05-29T18:34:00", "value": 6.6, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle GlassFish Server Multiple Security Vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-3626\", \"CVE-2017-10400\", \"CVE-2016-3092\", \"CVE-2018-2911\",\n \"CVE-2018-3152\");\n script_bugtraq_id(97896, 101383, 91453);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server Multiple Security Vulnerabilities\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to unspecified errors in\n the Java Server Faces, Administration, Web Container (Apache Commons FileUpload)\n and Administration Graphical User Interface sub-components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n users unauthorized read access to a subset of Oracle GlassFish Server accessible\n data, conduct a denial-of-service condition and have an impact on confidentiality\n and integrity.\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate patch from the vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!dbPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE, port:dbPort)) exit(0);\ndbVer = infos['version'];\ndbPath = infos['location'];\n\nif(dbVer =~ \"^3\\.\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\", install_path:dbPath);\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["references", "modified", "sourceData"], "edition": 11, "lastseen": "2019-05-29T18:34:00"}, {"bulletin": {"id": "OPENVAS:1361412562310810747", "hash": "39201e2e2adee28f610c0a499a2d0f1411bf1fae575b1323d4dc46a9db1b67f8", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server Multiple Security Vulnerabilities", "description": "This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.", "published": "2017-04-19T00:00:00", "modified": "2019-05-17T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW", "http://www.oracle.com/", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2018-2911", "CVE-2017-10400", "CVE-2018-3152", "CVE-2016-3092", "CVE-2017-3626"], "lastseen": "2019-05-20T14:37:55", "history": [], "viewCount": 14, "enchantments": {"dependencies": {"modified": "2019-05-20T14:37:55", "references": [{"idList": ["ATLASSIAN:JRASERVER-61885", "ATLASSIAN:JRA-61885", "ATLASSIAN:BSERV-8977"], "type": "atlassian"}, {"idList": ["CBCEEB49-3BC7-11E6-8E82-002590263BF5", "61B8C359-4AAB-11E6-A7BD-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["ALAS-2016-736"], "type": "amazon"}, {"idList": ["ELSA-2017-2247", "ELSA-2016-2599"], "type": "oraclelinux"}, {"idList": ["CFOUNDRY:1DFE9585B9C1AAABE38F2402F4352EFD"], "type": "cloudfoundry"}, {"idList": ["CVE-2018-2911", "CVE-2017-10400", "CVE-2018-3152", "CVE-2016-3092", "CVE-2017-3626"], "type": "cve"}, {"idList": ["CESA-2016:2599"], "type": "centos"}, {"idList": ["RHSA-2016:2072", "RHSA-2016:2808", "RHSA-2016:2599", "RHSA-2017:0456", "RHSA-2016:2070", "RHSA-2016:2071", "RHSA-2017:0455", "RHSA-2016:2068", "RHSA-2016:2069", "RHSA-2016:2807"], "type": "redhat"}, {"idList": ["GLSA-201705-09"], "type": "gentoo"}, {"idList": ["USN-3024-1", "USN-3027-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:1361412562310703614", "OPENVAS:1361412562310808618", "OPENVAS:1361412562310120725", "OPENVAS:1361412562310809211", "OPENVAS:703611", "OPENVAS:1361412562310842824", "OPENVAS:703614", "OPENVAS:1361412562310809213", "OPENVAS:1361412562310871961", "OPENVAS:1361412562310703611"], "type": "openvas"}, {"idList": ["F5:K82392041", "SOL82392041"], "type": "f5"}, {"idList": ["JVN:89379547"], "type": "jvn"}, {"idList": ["MYHACK58:62201787046"], "type": "myhack58"}, {"idList": ["DEBIAN:DSA-3609-1:174EB", "DEBIAN:DSA-3614-1:AC7F6", "DEBIAN:DLA-529-1:DC84D", "DEBIAN:DLA-528-1:BE307", "DEBIAN:DSA-3611-1:F53EF"], "type": "debian"}, {"idList": ["GLASSFISH_CPU_OCT_2017.NASL", "GLASSFISH_CPU_APR_2017.NASL", "GLASSFISH_CPU_OCT_2018.NASL", "DEBIAN_DSA-3611.NASL", "DEBIAN_DLA-528.NASL", "UBUNTU_USN-3027-1.NASL", "TOMCAT_7_0_70.NASL", "FEDORA_2016-0A4DCCDD23.NASL", "FEDORA_2016-2B0C16FD82.NASL", "FREEBSD_PKG_CBCEEB493BC711E68E82002590263BF5.NASL"], "type": "nessus"}, {"idList": ["ORACLE:CPUJUL2017-3236622", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUAPR2018-3678067", "ORACLE:CPUAPR2017-3236618", "ORACLE:CPUOCT2017-3236626", "ORACLE:CPUAPR2019-5072813", "ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["SUSE-SU-2017:1660-1"], "type": "suse"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle GlassFish Server Multiple Security Vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-3626\", \"CVE-2017-10400\", \"CVE-2016-3092\", \"CVE-2018-2911\",\n \"CVE-2018-3152\");\n script_bugtraq_id(97896, 101383, 91453);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server Multiple Security Vulnerabilities\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to unspecified errors in\n the Java Server Faces, Administration, Web Container (Apache Commons FileUpload)\n and Administration Graphical User Interface sub-components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n users unauthorized read access to a subset of Oracle GlassFish Server accessible\n data, conduct a denial-of-service condition and have an impact on confidentiality\n and integrity.\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate patch from the vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!dbPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE, port:dbPort)) exit(0);\ndbVer = infos['version'];\ndbPath = infos['location'];\n\nif(dbVer =~ \"^3\\.\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\", install_path:dbPath);\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 10, "lastseen": "2019-05-20T14:37:55"}, {"bulletin": {"id": "OPENVAS:1361412562310810747", "hash": "509c0f71c1aa450c586a2c7a86e922b0b4f24d3f55ad2b2f0b2d399102b1cc46", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server 'Java Server Faces' Security Bypass Vulnerability", "description": "This host is running Oracle GlassFish Server\n and is prone to security bypass vulnerability.", "published": "2017-04-19T00:00:00", "modified": "2017-05-09T00:00:00", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"], "cvelist": ["CVE-2017-3626"], "lastseen": "2017-07-02T21:14:46", "history": [], "viewCount": 4, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_glassfish_java_server_faces_sec_bypass_vuln.nasl 6084 2017-05-09 05:36:00Z cfi $\n#\n# Oracle GlassFish Server 'Java Server Faces' Security Bypass Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"$Revision: 6084 $\");\n script_cve_id(\"CVE-2017-3626\");\n script_bugtraq_id(97896);\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-09 07:36:00 +0200 (Tue, 09 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server 'Java Server Faces' Security Bypass Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified errors in\n the Java Server Faces sub-component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allows remote\n users to unauthorized read access to a subset of Oracle GlassFish Server \n accessible data.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply patches from below link,\n http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\ndbPort = \"\";\ndbVer = \"\";\n\n## Get port\nif(!dbport = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!dbVer = get_app_version(cpe:CPE, port:dbPort)){\n exit(0);\n}\n\n## Check for vulnerable version\nif(dbVer =~ \"^(3\\.)\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\");\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n", "naslFamily": "Databases"}, "differentElements": ["cvss", "references", "description", "cvelist", "modified", "sourceData", "title"], "edition": 1, "lastseen": "2017-07-02T21:14:46"}, {"bulletin": {"id": "OPENVAS:1361412562310810747", "hash": "7575a653080e32a86e74a6616404ebf763abec5fd804faef71a7716df8eb8229", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server Multiple Security Vulnerabilities", "description": "This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.", "published": "2017-04-19T00:00:00", "modified": "2017-10-24T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2017-10400", "CVE-2016-3092", "CVE-2017-3626"], "lastseen": "2017-10-25T14:49:30", "history": [], "viewCount": 7, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_glassfish_java_server_faces_sec_bypass_vuln.nasl 7538 2017-10-24 06:46:01Z santu $\n#\n# Oracle GlassFish Server Multiple Security Vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"$Revision: 7538 $\");\n script_cve_id(\"CVE-2017-3626\", \"CVE-2017-10400\", \"CVE-2016-3092\");\n script_bugtraq_id(97896, 101383, 91453);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 08:46:01 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server Multiple Security Vulnerabilities\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to unspecified errors in\n the Java Server Faces sub-component, Web Container (Apache Commons FileUpload)\n sub-component and Administration Graphical User Interface sub-component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n users unauthorized read access to a subset of Oracle GlassFish Server accessible\n data, conduct a denial-of-service condition and have an impact on confidentiality\n and integrity.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply patches from below link,\n http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\n http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_xref(name : \"URL\" , value : \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\ndbPort = \"\";\ndbVer = \"\";\n\n## Get port\nif(!dbport = get_app_port(cpe:CPE)){\n exit(0);\n}\n\n## Get the version\nif(!dbVer = get_app_version(cpe:CPE, port:dbPort)){\n exit(0);\n}\n\n## Check for vulnerable version\nif(dbVer =~ \"^(3\\.)\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\");\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n", "naslFamily": "Databases"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-25T14:49:30"}, {"bulletin": {"id": "OPENVAS:1361412562310810747", "hash": "4395d266679a080f3e418aa8aaf07267c2dc1e69e98db5d253e1dcddc2fd9a51", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle GlassFish Server Multiple Security Vulnerabilities", "description": "This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.", "published": "2017-04-19T00:00:00", "modified": "2018-05-23T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810747", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2017-10400", "CVE-2016-3092", "CVE-2017-3626"], "lastseen": "2018-05-23T14:56:39", "history": [], "viewCount": 7, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_glassfish_java_server_faces_sec_bypass_vuln.nasl 9927 2018-05-23 04:13:59Z ckuersteiner $\n#\n# Oracle GlassFish Server Multiple Security Vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"$Revision: 9927 $\");\n script_cve_id(\"CVE-2017-3626\", \"CVE-2017-10400\", \"CVE-2016-3092\");\n script_bugtraq_id(97896, 101383, 91453);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-05-23 06:13:59 +0200 (Wed, 23 May 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server Multiple Security Vulnerabilities\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to unspecified errors in\n the Java Server Faces sub-component, Web Container (Apache Commons FileUpload)\n sub-component and Administration Graphical User Interface sub-component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n users unauthorized read access to a subset of Oracle GlassFish Server accessible\n data, conduct a denial-of-service condition and have an impact on confidentiality\n and integrity.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply patches from below link,\n http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\n http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name: \"URL\", value: \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name: \"URL\", value: \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_xref(name: \"URL\", value: \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!dbPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!dbVer = get_app_version(cpe:CPE, port:dbPort)){\n exit(0);\n}\n\nif(dbVer =~ \"^(3\\.)\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\");\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n\nexit(99);\n", "naslFamily": "Databases"}, "differentElements": ["modified", "naslFamily", "sourceData"], "edition": 3, "lastseen": "2018-05-23T14:56:39"}], "viewCount": 54, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-10400", "CVE-2018-2911", "CVE-2017-3626", "CVE-2018-3152", "CVE-2016-3092"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-3626", "UB:CVE-2016-3092"]}, {"type": "f5", "idList": ["F5:K82392041", "SOL82392041"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2016-0684"]}, {"type": "myhack58", "idList": ["MYHACK58:62201787046"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2016-2069.NASL", "DEBIAN_DLA-529.NASL", "DEBIAN_DSA-3609.NASL", "GLASSFISH_CPU_APR_2017.NASL", "TOMCAT_7_0_70.NASL", "ACTIVEMQ_5_15_5.NASL", "FEDORA_2016-2B0C16FD82.NASL", "DEBIAN_DSA-3614.NASL", "REDHAT-RHSA-2016-2807.NASL", "WEBSPHERE_547999.NASL", "FEDORA_2016-0A4DCCDD23.NASL", "9905.PRM", "9904.PRM", "OPENSUSE-2016-1056.NASL", "UBUNTU_USN-3024-1.NASL", "ORACLE_WEBCENTER_SITES_APR_2018_CPU.NASL", "GLASSFISH_CPU_OCT_2017.NASL", "SL_20161103_TOMCAT_ON_SL7_X.NASL", "DEBIAN_DLA-528.NASL", "UBUNTU_USN-3027-1.NASL", "CENTOS_RHSA-2016-2599.NASL", "700700.PASL", "MYSQL_ENTERPRISE_MONITOR_3_3_3_1199.NASL", "REDHAT-RHSA-2016-2072.NASL", "GLASSFISH_CPU_OCT_2018.NASL", "9941.PRM", "FEDORA_2016-F4A443888B.NASL", "ORACLELINUX_ELSA-2016-2599.NASL", "DEBIAN_DSA-3611.NASL", "FREEBSD_PKG_CBCEEB493BC711E68E82002590263BF5.NASL", "EULEROS_SA-2016-1054.NASL", "REDHAT-RHSA-2016-2599.NASL", "ALA_ALAS-2016-736.NASL", "FREEBSD_PKG_61B8C3594AAB11E6A7BD14DAE9D210B8.NASL"]}, {"type": "redhat", "idList": ["RHSA-2016:2072", "RHSA-2016:2808", "RHSA-2016:2599", "RHSA-2016:2069", "RHSA-2016:2068", "RHSA-2016:2070", "RHSA-2016:2071", "RHSA-2016:2807"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-61885", "ATLASSIAN:BSERV-8977", "ATLASSIAN:JRA-61885"]}, {"type": "amazon", "idList": ["ALAS-2016-736"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310808618", "OPENVAS:703611", "OPENVAS:1361412562310871961", "OPENVAS:703609", "OPENVAS:703614", "OPENVAS:1361412562310120725", "OPENVAS:1361412562311220161054", "OPENVAS:1361412562310809211", "OPENVAS:1361412562310842824", "OPENVAS:1361412562310871701", "OPENVAS:1361412562310842823", "OPENVAS:1361412562310703611", "OPENVAS:1361412562310703614", "OPENVAS:1361412562310811250", "OPENVAS:1361412562310809213", "OPENVAS:1361412562310808197", "OPENVAS:1361412562310703609"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3614-1:2E149", "DEBIAN:DSA-3611-1:F53EF", "DEBIAN:DSA-3609-1:174EB", "DEBIAN:DSA-3614-1:AC7F6", "DEBIAN:DLA-528-1:BE307", "DEBIAN:DLA-529-1:DC84D", "DEBIAN:DLA-528-1:C8771", "DEBIAN:DSA-3611-1:6D627", "DEBIAN:DLA-529-1:758C3"]}, {"type": "fedora", "idList": ["FEDORA:44AA5603A529", "FEDORA:77E4F6087EA4", "FEDORA:CF0AC608B5E3"]}, {"type": "jvn", "idList": ["JVN:89379547"]}, {"type": "tomcat", "idList": ["TOMCAT:3433D97DD68E3E4EE81DAC140FD2AF8F", "TOMCAT:7E8B1837DB1B24489FB7CEAE24C18E30", "TOMCAT:0771E17F0F0733FEFCB0AD32B094C50F"]}, {"type": "github", "idList": ["GHSA-FVM3-CFVJ-GXQQ"]}, {"type": "ubuntu", "idList": ["USN-3027-1", "USN-3024-1"]}, {"type": "freebsd", "idList": ["61B8C359-4AAB-11E6-A7BD-14DAE9D210B8", "CBCEEB49-3BC7-11E6-8E82-002590263BF5"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-1000394"]}, {"type": "gentoo", "idList": ["GLSA-202107-39"]}, {"type": "centos", "idList": ["CESA-2016:2599"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2599"]}], "modified": "2019-07-17T14:19:16", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2019-07-17T14:19:16", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310810747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle GlassFish Server Multiple Security Vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:glassfish_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810747\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2017-3626\", \"CVE-2017-10400\", \"CVE-2016-3092\", \"CVE-2018-2911\",\n \"CVE-2018-3152\");\n script_bugtraq_id(97896, 101383, 91453);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-04-19 13:45:58 +0530 (Wed, 19 Apr 2017)\");\n script_name(\"Oracle GlassFish Server Multiple Security Vulnerabilities\");\n\n script_tag(name:\"summary\", value:\"This host is running Oracle GlassFish Server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to unspecified errors in\n the Java Server Faces, Administration, Web Container (Apache Commons FileUpload)\n and Administration Graphical User Interface sub-components.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n users unauthorized read access to a subset of Oracle GlassFish Server accessible\n data, conduct a denial-of-service condition and have an impact on confidentiality\n and integrity.\");\n\n script_tag(name:\"affected\", value:\"Oracle GlassFish Server versions 3.1.2\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate patch from the vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixFMW\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"GlassFish_detect.nasl\");\n script_mandatory_keys(\"GlassFish/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!dbPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE, port:dbPort)) exit(0);\ndbVer = infos['version'];\ndbPath = infos['location'];\n\nif(dbVer =~ \"^3\\.\")\n{\n if(version_is_equal(version:dbVer, test_version:\"3.1.2\"))\n {\n report = report_fixed_ver(installed_version:dbVer, fixed_version:\"Apply the appropriate patch\", install_path:dbPath);\n security_message(data:report, port:dbPort);\n exit(0);\n }\n}\n\nexit(99);\n", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}], "oracle": [{"id": "ORACLE:CPUOCT2018", "hash": "bd6314cc5d40029baa152f28d39cc2a1", "type": "oracle", "bulletinFamily": "software", "title": "Oracle Critical Patch Update - October 2018", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2456979.1>).\n", "published": "2018-12-18T00:00:00", "modified": "2018-10-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 6.0}, "href": "https://www.oracle.com/security-alerts/cpuoct2018.html", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2012-1007", "CVE-2014-0014", "CVE-2014-0114", "CVE-2014-3490", "CVE-2014-7817", "CVE-2015-0235", "CVE-2015-0252", "CVE-2015-3144", "CVE-2015-3145", "CVE-2015-3153", "CVE-2015-3236", "CVE-2015-3237", "CVE-2015-6937", "CVE-2015-7501", "CVE-2015-7990", "CVE-2015-9251", "CVE-2016-0635", "CVE-2016-0729", "CVE-2016-0755", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-3739", "CVE-2016-4000", "CVE-2016-5019", "CVE-2016-5080", "CVE-2016-5244", "CVE-2016-5419", "CVE-2016-5420", "CVE-2016-5421", "CVE-2016-6814", "CVE-2016-7141", "CVE-2016-7167", "CVE-2016-8615", "CVE-2016-8616", "CVE-2016-8617", "CVE-2016-8618", "CVE-2016-8619", "CVE-2016-8620", "CVE-2016-8621", "CVE-2016-8622", "CVE-2016-8623", "CVE-2016-8624", "CVE-2016-9586", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-14735", "CVE-2017-15095", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3738", "CVE-2017-5529", "CVE-2017-5533", "CVE-2017-5645", "CVE-2017-5715", "CVE-2017-7407", "CVE-2017-7525", "CVE-2017-7805", "CVE-2017-9798", "CVE-2018-0732", "CVE-2018-0733", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11307", "CVE-2018-11776", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-1304", "CVE-2018-1305", "CVE-2018-13785", "CVE-2018-14048", "CVE-2018-18223", "CVE-2018-18224", "CVE-2018-2887", "CVE-2018-2889", "CVE-2018-2902", "CVE-2018-2909", "CVE-2018-2911", "CVE-2018-2912", "CVE-2018-2913", "CVE-2018-2914", "CVE-2018-2922", "CVE-2018-2971", "CVE-2018-3011", "CVE-2018-3059", "CVE-2018-3115", "CVE-2018-3122", "CVE-2018-3126", "CVE-2018-3127", "CVE-2018-3128", "CVE-2018-3129", "CVE-2018-3130", "CVE-2018-3131", "CVE-2018-3132", "CVE-2018-3133", "CVE-2018-3134", "CVE-2018-3135", "CVE-2018-3136", "CVE-2018-3137", "CVE-2018-3138", "CVE-2018-3139", "CVE-2018-3140", "CVE-2018-3141", "CVE-2018-3142", "CVE-2018-3143", "CVE-2018-3144", "CVE-2018-3145", "CVE-2018-3146", "CVE-2018-3147", "CVE-2018-3148", "CVE-2018-3149", "CVE-2018-3150", "CVE-2018-3151", "CVE-2018-3152", "CVE-2018-3153", "CVE-2018-3154", "CVE-2018-3155", "CVE-2018-3156", "CVE-2018-3157", "CVE-2018-3158", "CVE-2018-3159", "CVE-2018-3160", "CVE-2018-3161", "CVE-2018-3162", "CVE-2018-3163", "CVE-2018-3164", "CVE-2018-3165", "CVE-2018-3166", "CVE-2018-3167", "CVE-2018-3168", "CVE-2018-3169", "CVE-2018-3170", "CVE-2018-3171", "CVE-2018-3172", "CVE-2018-3173", "CVE-2018-3174", "CVE-2018-3175", "CVE-2018-3176", "CVE-2018-3177", "CVE-2018-3178", "CVE-2018-3179", "CVE-2018-3180", "CVE-2018-3181", "CVE-2018-3182", "CVE-2018-3183", "CVE-2018-3184", "CVE-2018-3185", "CVE-2018-3186", "CVE-2018-3187", "CVE-2018-3188", "CVE-2018-3189", "CVE-2018-3190", "CVE-2018-3191", "CVE-2018-3192", "CVE-2018-3193", "CVE-2018-3194", "CVE-2018-3195", "CVE-2018-3196", "CVE-2018-3197", "CVE-2018-3198", "CVE-2018-3200", "CVE-2018-3201", "CVE-2018-3202", "CVE-2018-3203", "CVE-2018-3204", "CVE-2018-3205", "CVE-2018-3206", "CVE-2018-3207", "CVE-2018-3208", "CVE-2018-3209", "CVE-2018-3210", "CVE-2018-3211", "CVE-2018-3212", "CVE-2018-3213", "CVE-2018-3214", "CVE-2018-3215", "CVE-2018-3217", "CVE-2018-3218", "CVE-2018-3219", "CVE-2018-3220", "CVE-2018-3221", "CVE-2018-3222", "CVE-2018-3223", "CVE-2018-3224", "CVE-2018-3225", "CVE-2018-3226", "CVE-2018-3227", "CVE-2018-3228", "CVE-2018-3229", "CVE-2018-3230", "CVE-2018-3231", "CVE-2018-3232", "CVE-2018-3233", "CVE-2018-3234", "CVE-2018-3235", "CVE-2018-3236", "CVE-2018-3237", "CVE-2018-3238", "CVE-2018-3239", "CVE-2018-3241", "CVE-2018-3242", "CVE-2018-3243", "CVE-2018-3244", "CVE-2018-3245", "CVE-2018-3246", "CVE-2018-3247", "CVE-2018-3248", "CVE-2018-3249", "CVE-2018-3250", "CVE-2018-3251", "CVE-2018-3252", "CVE-2018-3253", "CVE-2018-3254", "CVE-2018-3255", "CVE-2018-3256", "CVE-2018-3257", "CVE-2018-3258", "CVE-2018-3259", "CVE-2018-3261", "CVE-2018-3262", "CVE-2018-3263", "CVE-2018-3264", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3267", "CVE-2018-3268", "CVE-2018-3269", "CVE-2018-3270", "CVE-2018-3271", "CVE-2018-3272", "CVE-2018-3273", "CVE-2018-3274", "CVE-2018-3275", "CVE-2018-3276", "CVE-2018-3277", "CVE-2018-3278", "CVE-2018-3279", "CVE-2018-3280", "CVE-2018-3281", "CVE-2018-3282", "CVE-2018-3283", "CVE-2018-3284", "CVE-2018-3285", "CVE-2018-3286", "CVE-2018-3287", "CVE-2018-3288", "CVE-2018-3289", "CVE-2018-3290", "CVE-2018-3291", "CVE-2018-3292", "CVE-2018-3293", "CVE-2018-3294", "CVE-2018-3295", "CVE-2018-3296", "CVE-2018-3297", "CVE-2018-3298", "CVE-2018-3299", "CVE-2018-3301", "CVE-2018-3302", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "immutableFields": [], "lastseen": "2021-10-22T15:44:22", "history": [{"bulletin": {"id": "ORACLE:CPUOCT2018", "hash": "b2258f0a8b2cbd93cbe5393f1ef070f7", "type": "oracle", "bulletinFamily": "software", "title": "Oracle Critical Patch Update - October 2018", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2456979.1>).\n", "published": "2018-12-18T00:00:00", "modified": "2018-10-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "immutableFields": [], "lastseen": "2020-10-04T21:15:56", "history": [], "viewCount": 8, "enchantments": {"dependencies": {"modified": "2020-10-04T21:15:56", "references": [{"idList": ["DEBIAN:DLA-711-1:02E2B", "DEBIAN:DSA-3705-1:8640E"], "type": "debian"}, {"idList": ["FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "UBUNTU_USN-3799-1.NASL", "MYSQL_8_0_13.NASL", "FEDORA_2018-C82FC3E109.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "MYSQL_5_7_24.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "ALA_ALAS-2018-1114.NASL", "FEDORA_2018-B4820696E1.NASL"], "type": "nessus"}, {"idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"], "type": "cloudfoundry"}, {"idList": ["ELSA-2019-4652"], "type": "oraclelinux"}, {"idList": ["765FEB7D-A0D1-11E6-A881-B499BAEBFEAF", "EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF"], "type": "freebsd"}, {"idList": ["ORACLE:CPUOCT2018-4428296"], "type": "oracle"}, {"idList": ["KLA11340", "KLA11339"], "type": "kaspersky"}, {"idList": ["RHSA-2018:3003", "RHSA-2018:3002"], "type": "redhat"}, {"idList": ["FEDORA:C38F16060C6A", "FEDORA:C4AB56030B10", "FEDORA:40D1C6051CE4", "FEDORA:760A36277A05"], "type": "fedora"}, {"idList": ["SUSE-SU-2016:2700-1", "OPENSUSE-SU-2018:3478-1", "SUSE-SU-2016:2714-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2699-1"], "type": "suse"}, {"idList": ["SSA-2016-308-01"], "type": "slackware"}, {"idList": ["F5:K74843522", "F5:K04320238", "F5:K42842401", "F5:K50148721", "F5:K11009429", "F5:K50394032", "F5:K14301401", "F5:K63470526", "F5:K03451253"], "type": "f5"}, {"idList": ["ALAS-2018-1114", "ALAS-2016-766", "ALAS-2018-1115"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310814261", "OPENVAS:1361412562310814264", "OPENVAS:1361412562310814262", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814263"], "type": "openvas"}, {"idList": ["GLSA-201701-47"], "type": "gentoo"}, {"idList": ["USN-3123-1", "USN-3799-1"], "type": "ubuntu"}], "rev": 2}, "score": {"modified": "2020-10-04T21:15:56", "rev": 2, "value": 4.4, "vector": "NONE"}}, "objectVersion": "1.5", "affectedSoftware": []}, "lastseen": "2020-10-04T21:15:56", "differentElements": ["cvss2", "cvss3"], "edition": 1}, {"bulletin": {"id": "ORACLE:CPUOCT2018", "hash": "6712cbd6d740aa8e321cc2664a1c4039", "type": "oracle", "bulletinFamily": "software", "title": "Oracle Critical Patch Update - October 2018", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2456979.1>).\n", "published": "2018-12-18T00:00:00", "modified": "2018-10-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 6.0}, "href": "", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "immutableFields": [], "lastseen": "2021-07-28T15:43:35", "history": [], "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K04320238", "F5:K11009429", "F5:K42842401", "F5:K50394032", "F5:K63470526", "F5:K14301401", "F5:K03451253", "F5:K74843522", "F5:K50148721"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296"]}, {"type": "fedora", "idList": ["FEDORA:40D1C6051CE4", "FEDORA:C4AB56030B10", "FEDORA:C38F16060C6A", "FEDORA:760A36277A05"]}, {"type": "nessus", "idList": ["FEDORA_2018-192148F4FF.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "OPENSUSE-2018-1330.NASL", "SUSE_SU-2019-0119-1.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "MYSQL_5_7_24.NASL", "OPENSUSE-2018-1284.NASL", "ORACLE_JAVA_CPU_OCT_2018.NASL", "FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "FEDORA_2018-242F6C1A41.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "MYSQL_5_6_42.NASL", "REDHAT-RHSA-2018-3003.NASL", "FEDORA_2016-E8E8CDB4ED.NASL", "FEDORA_2016-89769648A0.NASL", "REDHAT-RHSA-2018-3002.NASL", "ALA_ALAS-2018-1114.NASL", "MARIADB_10_2_19.NASL", "ALA_ALAS-2018-1115.NASL", "ORACLE_JAVA_CPU_OCT_2018_UNIX.NASL", "FEDORA_2018-C82FC3E109.NASL", "MYSQL_8_0_13.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2018_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2018.NASL", "EULEROS_SA-2017-1035.NASL", "FEDORA_2018-55B875C1AC.NASL", "VIRTUALBOX_5_2_20.NASL", "700659.PRM", "SOLARIS_OCT2018_SRU11_4_0_0_0.NASL", "OPENSUSE-2019-863.NASL", "FEDORA_2018-B4820696E1.NASL", "GENTOO_GLSA-201701-47.NASL", "SUSE_SU-2016-2699-1.NASL", "UBUNTU_USN-3799-1.NASL", "DEBIAN_DSA-3705.NASL", "EULEROS_SA-2017-1036.NASL", "DEBIAN_DLA-711.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "ALA_ALAS-2016-766.NASL", "SUSE_SU-2016-2714-1.NASL", "UBUNTU_USN-3123-1.NASL", "OPENSUSE-2016-1280.NASL", "ORACLELINUX_ELSA-2019-4652.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310876169", "OPENVAS:1361412562310810155", "OPENVAS:1361412562310814264", "OPENVAS:1361412562310814263", "OPENVAS:1361412562310814262", "OPENVAS:703705", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310814261", "OPENVAS:1361412562310851985", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310851432", "OPENVAS:1361412562311220171036", "OPENVAS:1361412562311220171035", "OPENVAS:1361412562310872080", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310703705"]}, {"type": "freebsd", "idList": ["EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF", "765FEB7D-A0D1-11E6-A881-B499BAEBFEAF"]}, {"type": "ubuntu", "idList": ["USN-3123-1", "USN-3799-1"]}, {"type": "amazon", "idList": ["ALAS-2016-766", "ALAS-2018-1114", "ALAS-2018-1115"]}, {"type": "kaspersky", "idList": ["KLA11340", "KLA11339"]}, {"type": "suse", "idList": ["SUSE-SU-2016:2699-1", "OPENSUSE-SU-2016:2768-1", "OPENSUSE-SU-2018:3478-1", "SUSE-SU-2016:2700-1", "SUSE-SU-2016:2714-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632262317"]}, {"type": "gentoo", "idList": ["GLSA-201701-47"]}, {"type": "debian", "idList": ["DEBIAN:DLA-711-1:02E2B", "DEBIAN:DSA-3705-1:8640E"]}, {"type": "redhat", "idList": ["RHSA-2018:3003", "RHSA-2018:3002"]}, {"type": "slackware", "idList": ["SSA-2016-308-01"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4652"]}], "modified": "2021-07-28T15:43:35", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-07-28T15:43:35", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": []}, "lastseen": "2021-07-28T15:43:35", "differentElements": ["cvss3"], "edition": 2}, {"bulletin": {"id": "ORACLE:CPUOCT2018", "hash": "aaf647b7e55ddd5e702add933895900cd3b9cce3ee7981e144c3273546c4fa5d", "type": "oracle", "bulletinFamily": "software", "title": "Oracle Critical Patch Update - October 2018", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2456979.1>).\n", "published": "2018-12-18T00:00:00", "modified": "2018-10-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2012-1007", "CVE-2014-0014", "CVE-2014-0114", "CVE-2014-3490", "CVE-2014-7817", "CVE-2015-0235", "CVE-2015-0252", "CVE-2015-3144", "CVE-2015-3145", "CVE-2015-3153", "CVE-2015-3236", "CVE-2015-3237", "CVE-2015-6937", "CVE-2015-7501", "CVE-2015-7990", "CVE-2015-9251", "CVE-2016-0635", "CVE-2016-0729", "CVE-2016-0755", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-3739", "CVE-2016-4000", "CVE-2016-5019", "CVE-2016-5080", "CVE-2016-5244", "CVE-2016-5419", "CVE-2016-5420", "CVE-2016-5421", "CVE-2016-6814", "CVE-2016-7141", "CVE-2016-7167", "CVE-2016-8615", "CVE-2016-8616", "CVE-2016-8617", "CVE-2016-8618", "CVE-2016-8619", "CVE-2016-8620", "CVE-2016-8621", "CVE-2016-8622", "CVE-2016-8623", "CVE-2016-8624", "CVE-2016-9586", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-14735", "CVE-2017-15095", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3738", "CVE-2017-5529", "CVE-2017-5533", "CVE-2017-5645", "CVE-2017-5715", "CVE-2017-7407", "CVE-2017-7525", "CVE-2017-7805", "CVE-2017-9798", "CVE-2018-0732", "CVE-2018-0733", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11307", "CVE-2018-11776", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-1304", "CVE-2018-1305", "CVE-2018-13785", "CVE-2018-14048", "CVE-2018-18223", "CVE-2018-18224", "CVE-2018-2887", "CVE-2018-2889", "CVE-2018-2902", "CVE-2018-2909", "CVE-2018-2911", "CVE-2018-2912", "CVE-2018-2913", "CVE-2018-2914", "CVE-2018-2922", "CVE-2018-2971", "CVE-2018-3011", "CVE-2018-3059", "CVE-2018-3115", "CVE-2018-3122", "CVE-2018-3126", "CVE-2018-3127", "CVE-2018-3128", "CVE-2018-3129", "CVE-2018-3130", "CVE-2018-3131", "CVE-2018-3132", "CVE-2018-3133", "CVE-2018-3134", "CVE-2018-3135", "CVE-2018-3136", "CVE-2018-3137", "CVE-2018-3138", "CVE-2018-3139", "CVE-2018-3140", "CVE-2018-3141", "CVE-2018-3142", "CVE-2018-3143", "CVE-2018-3144", "CVE-2018-3145", "CVE-2018-3146", "CVE-2018-3147", "CVE-2018-3148", "CVE-2018-3149", "CVE-2018-3150", "CVE-2018-3151", "CVE-2018-3152", "CVE-2018-3153", "CVE-2018-3154", "CVE-2018-3155", "CVE-2018-3156", "CVE-2018-3157", "CVE-2018-3158", "CVE-2018-3159", "CVE-2018-3160", "CVE-2018-3161", "CVE-2018-3162", "CVE-2018-3163", "CVE-2018-3164", "CVE-2018-3165", "CVE-2018-3166", "CVE-2018-3167", "CVE-2018-3168", "CVE-2018-3169", "CVE-2018-3170", "CVE-2018-3171", "CVE-2018-3172", "CVE-2018-3173", "CVE-2018-3174", "CVE-2018-3175", "CVE-2018-3176", "CVE-2018-3177", "CVE-2018-3178", "CVE-2018-3179", "CVE-2018-3180", "CVE-2018-3181", "CVE-2018-3182", "CVE-2018-3183", "CVE-2018-3184", "CVE-2018-3185", "CVE-2018-3186", "CVE-2018-3187", "CVE-2018-3188", "CVE-2018-3189", "CVE-2018-3190", "CVE-2018-3191", "CVE-2018-3192", "CVE-2018-3193", "CVE-2018-3194", "CVE-2018-3195", "CVE-2018-3196", "CVE-2018-3197", "CVE-2018-3198", "CVE-2018-3200", "CVE-2018-3201", "CVE-2018-3202", "CVE-2018-3203", "CVE-2018-3204", "CVE-2018-3205", "CVE-2018-3206", "CVE-2018-3207", "CVE-2018-3208", "CVE-2018-3209", "CVE-2018-3210", "CVE-2018-3211", "CVE-2018-3212", "CVE-2018-3213", "CVE-2018-3214", "CVE-2018-3215", "CVE-2018-3217", "CVE-2018-3218", "CVE-2018-3219", "CVE-2018-3220", "CVE-2018-3221", "CVE-2018-3222", "CVE-2018-3223", "CVE-2018-3224", "CVE-2018-3225", "CVE-2018-3226", "CVE-2018-3227", "CVE-2018-3228", "CVE-2018-3229", "CVE-2018-3230", "CVE-2018-3231", "CVE-2018-3232", "CVE-2018-3233", "CVE-2018-3234", "CVE-2018-3235", "CVE-2018-3236", "CVE-2018-3237", "CVE-2018-3238", "CVE-2018-3239", "CVE-2018-3241", "CVE-2018-3242", "CVE-2018-3243", "CVE-2018-3244", "CVE-2018-3245", "CVE-2018-3246", "CVE-2018-3247", "CVE-2018-3248", "CVE-2018-3249", "CVE-2018-3250", "CVE-2018-3251", "CVE-2018-3252", "CVE-2018-3253", "CVE-2018-3254", "CVE-2018-3255", "CVE-2018-3256", "CVE-2018-3257", "CVE-2018-3258", "CVE-2018-3259", "CVE-2018-3261", "CVE-2018-3262", "CVE-2018-3263", "CVE-2018-3264", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3267", "CVE-2018-3268", "CVE-2018-3269", "CVE-2018-3270", "CVE-2018-3271", "CVE-2018-3272", "CVE-2018-3273", "CVE-2018-3274", "CVE-2018-3275", "CVE-2018-3276", "CVE-2018-3277", "CVE-2018-3278", "CVE-2018-3279", "CVE-2018-3280", "CVE-2018-3281", "CVE-2018-3282", "CVE-2018-3283", "CVE-2018-3284", "CVE-2018-3285", "CVE-2018-3286", "CVE-2018-3287", "CVE-2018-3288", "CVE-2018-3289", "CVE-2018-3290", "CVE-2018-3291", "CVE-2018-3292", "CVE-2018-3293", "CVE-2018-3294", "CVE-2018-3295", "CVE-2018-3296", "CVE-2018-3297", "CVE-2018-3298", "CVE-2018-3299", "CVE-2018-3301", "CVE-2018-3302", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "immutableFields": [], "lastseen": "2021-07-28T15:43:35", "history": [], "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K74843522", "F5:K14301401", "F5:K11009429", "F5:K50394032", "F5:K63470526", "F5:K42842401", "F5:K03451253", "F5:K50148721", "F5:K04320238"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296"]}, {"type": "nessus", "idList": ["ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "FEDORA_2018-C82FC3E109.NASL", "UBUNTU_USN-3799-1.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "MYSQL_5_7_24.NASL", "ALA_ALAS-2018-1114.NASL", "FEDORA_2018-B4820696E1.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "MYSQL_8_0_13.NASL", "FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814264", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310814263", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310851432", "OPENVAS:1361412562310814261", "OPENVAS:1361412562310814262"]}, {"type": "fedora", "idList": ["FEDORA:760A36277A05", "FEDORA:40D1C6051CE4", "FEDORA:C38F16060C6A", "FEDORA:C4AB56030B10"]}, {"type": "freebsd", "idList": ["EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF", "765FEB7D-A0D1-11E6-A881-B499BAEBFEAF"]}, {"type": "ubuntu", "idList": ["USN-3799-1", "USN-3123-1"]}, {"type": "amazon", "idList": ["ALAS-2018-1114", "ALAS-2016-766", "ALAS-2018-1115"]}, {"type": "kaspersky", "idList": ["KLA11340", "KLA11339"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3478-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2699-1", "SUSE-SU-2016:2714-1", "SUSE-SU-2016:2700-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"]}, {"type": "gentoo", "idList": ["GLSA-201701-47"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3705-1:8640E", "DEBIAN:DLA-711-1:02E2B"]}, {"type": "slackware", "idList": ["SSA-2016-308-01"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4652"]}, {"type": "redhat", "idList": ["RHSA-2018:3002", "RHSA-2018:3003"]}], "modified": "2021-07-28T15:43:35", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-07-28T15:43:35", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": []}, "lastseen": "2021-07-28T15:43:35", "differentElements": ["cvss3", "href"], "edition": 3}], "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K42842401", "F5:K74843522", "F5:K14301401", "F5:K63470526", "F5:K50148721", "F5:K03451253", "F5:K11009429", "F5:K50394032", "F5:K04320238"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296"]}, {"type": "fedora", "idList": ["FEDORA:C4AB56030B10", "FEDORA:760A36277A05", "FEDORA:C38F16060C6A", "FEDORA:40D1C6051CE4"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814262", "OPENVAS:1361412562311220171035", "OPENVAS:1361412562310814263", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310810155", "OPENVAS:1361412562310703705", "OPENVAS:1361412562310872080", "OPENVAS:1361412562310876169", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310851985", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814264", "OPENVAS:1361412562311220171036", "OPENVAS:1361412562310814261", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310851432", "OPENVAS:703705"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3705.NASL", "FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "OPENSUSE-2019-863.NASL", "EULEROS_SA-2017-1036.NASL", "ALA_ALAS-2018-1115.NASL", "FREEBSD_PKG_765FEB7DA0D111E6A881B499BAEBFEAF.NASL", "FEDORA_2018-55B875C1AC.NASL", "SUSE_SU-2016-2714-1.NASL", "VIRTUALBOX_5_2_20.NASL", "700659.PRM", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "ORACLE_JAVA_CPU_OCT_2018.NASL", "FEDORA_2016-89769648A0.NASL", "SUSE_SU-2019-0119-1.NASL", "MYSQL_8_0_13.NASL", "FEDORA_2016-E8E8CDB4ED.NASL", "FEDORA_2018-242F6C1A41.NASL", "REDHAT-RHSA-2018-3002.NASL", "MARIADB_10_2_19.NASL", "EULEROS_SA-2017-1035.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2018.NASL", "FEDORA_2018-192148F4FF.NASL", "ALA_ALAS-2016-766.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2018_CPU.NASL", "OPENSUSE-2018-1284.NASL", "SUSE_SU-2016-2699-1.NASL", "9826.PRM", "SOLARIS_OCT2018_SRU11_4_0_0_0.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "MYSQL_5_6_42.NASL", "MYSQL_5_7_24.NASL", "FEDORA_2018-B4820696E1.NASL", "UBUNTU_USN-3123-1.NASL", "DEBIAN_DLA-711.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "UBUNTU_USN-3799-1.NASL", "OPENSUSE-2018-1330.NASL", "ALA_ALAS-2018-1114.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "REDHAT-RHSA-2018-3003.NASL", "FEDORA_2018-C82FC3E109.NASL", "GENTOO_GLSA-201701-47.NASL", "SLACKWARE_SSA_2016-308-01.NASL", "OPENSUSE-2016-1280.NASL", "ORACLELINUX_ELSA-2019-4652.NASL", "ORACLE_JAVA_CPU_OCT_2018_UNIX.NASL"]}, {"type": "freebsd", "idList": ["EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF"]}, {"type": "ubuntu", "idList": ["USN-3799-1", "USN-3123-1"]}, {"type": "amazon", "idList": ["ALAS-2018-1115", "ALAS-2016-766", "ALAS-2018-1114"]}, {"type": "kaspersky", "idList": ["KLA11340", "KLA11339"]}, {"type": "suse", "idList": ["SUSE-SU-2016:2714-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2700-1", "OPENSUSE-SU-2018:3478-1", "SUSE-SU-2016:2699-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632262317"]}, {"type": "gentoo", "idList": ["GLSA-201701-47"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3705-1:8640E", "DEBIAN:DLA-711-1:02E2B"]}, {"type": "redhat", "idList": ["RHSA-2018:3002", "RHSA-2018:3003"]}], "modified": "2021-10-22T15:44:22", "rev": 2}, "score": {"value": 4.3, "vector": "NONE", "modified": "2021-10-22T15:44:22", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.oracle.OracleBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.oracle.OracleBulletin"]}, {"id": "ORACLE:CPUOCT2018-4428296", "hash": "82e79a63252f57f8f79238e35e854354657046213d1c359404804a74027c074f", "type": "oracle", "bulletinFamily": "software", "title": "CPU Oct 2018", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "published": "2018-12-18T00:00:00", "modified": "2018-10-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "lastseen": "2021-06-08T18:47:19", "history": [{"bulletin": {"affectedSoftware": [{"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "6u201"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.2.1"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.2.2"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.1"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.1.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "16.0"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.6"}, {"name": "Primavera Unifier", "operator": "le", "version": "18.1"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "15.0"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.3"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.0"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.1"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.5"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "6u201"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "17.7"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "17.0.2"}, {"name": "Oracle Text", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.1"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Hospitality Cruise Fleet Management", "operator": "le", "version": "9.0"}, {"name": "Spatial", "operator": "le", "version": "2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "15.2"}, {"name": "Java SE", "operator": "le", "version": "8u181"}, {"name": "Oracle Retail Returns Management", "operator": "le", "version": "14.1"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Communications Application Session Controller", "operator": "le", "version": "3.7.1M0"}, {"name": "Java VM", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "15.0.2"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.4"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.57"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.1"}, {"name": "Oracle Identity Analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.9"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.6"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "8u181"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.3.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14.1"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.4"}, {"name": "MySQL Server", "operator": "le", "version": "8.0.12"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.2"}, {"name": "JD Edwards EnterpriseOne Tools", "operator": "le", "version": "9.2"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.1"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "PeopleSoft Enterprise Interaction Hub", "operator": "le", "version": "9.1.0.0"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "17.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "11"}, {"name": "Spatial", "operator": "le", "version": "2.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Server", "operator": "le", "version": "5.5.61"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "15.0"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "operator": "le", "version": "8.0"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.55"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.2.0"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Solaris", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.1.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.1"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.1"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.2.1"}, {"name": "Enterprise Manager for MySQL Database", "operator": "le", "version": "13.2"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "17.12"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.5.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Java SE", "operator": "le", "version": "11"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.1"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.56"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "7u191"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.0"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.3"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.4"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.1"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "16.0"}, {"name": "Primavera Gateway", "operator": "le", "version": "16.2"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "13.2"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.5"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Instant Messaging Server", "operator": "le", "version": "10.0.1"}, {"name": "Oracle Communications User Data Repository", "operator": "le", "version": "12.2.0"}, {"name": "Oracle API Gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Central Office", "operator": "le", "version": "14.1"}, {"name": "JD Edwards EnterpriseOne Orchestrator", "operator": "le", "version": "9.2"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.2"}, {"name": "Java VM", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.2"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "8.4"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.1"}, {"name": "Hyperion Common Events", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.1"}, {"name": "Solaris", "operator": "le", "version": "10"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "12.2"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.2.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.6"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.0"}, {"name": "OSS Support Tools", "operator": "le", "version": "18.4"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "16.0"}, {"name": "MICROS Retail-J", "operator": "le", "version": "12.1.2"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.3"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.2"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "17.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.8"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.2"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.0"}, {"name": "MICROS Lucas", "operator": "le", "version": "2.9.5"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.5"}, {"name": "MICROS PC Workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.5.0"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "operator": "le", "version": "6.2.0.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.2"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.9"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.3"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "15.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "15.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.4"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.5"}, {"name": "Java VM", "operator": "le", "version": "18c"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Text", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.6"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.0"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.1.3"}, {"name": "Oracle Retail Integration Bus", "operator": "le", "version": "14.1.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.6.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Real-Time Decision Server", "operator": "le", "version": "3.2.1"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.1"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.3"}, {"name": "Oracle Hospitality Materials Control", "operator": "le", "version": "18.1"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.2"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.6"}, {"name": "MySQL Server", "operator": "le", "version": "5.7.23"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.7.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "16.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.1.7"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.1"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "13.2"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.0"}, {"name": "Oracle Text", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "16.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.7"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Communications Messaging Server", "operator": "le", "version": "8.0.2"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.7.0"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "7.3.5"}, {"name": "MySQL Server", "operator": "le", "version": "5.6.41"}, {"name": "Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers", "operator": "le", "version": "2352"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.1"}, {"name": "Hyperion Essbase Administration Services", "operator": "le", "version": "11.1.2.4"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "7u191"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "18.8"}, {"name": "Rapid Home Provisioning", "operator": "le", "version": "18c"}, {"name": "Oracle HTTP Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS Retail-J", "operator": "le", "version": "13.0.0"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "operator": "le", "version": "1123"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "15.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.5"}, {"name": "Oracle Communications MetaSolv Solution", "operator": "le", "version": "6.3.0"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.8"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "8u181"}, {"name": "Oracle Big Data Discovery", "operator": "le", "version": "1.6.0"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.2.1.3"}, {"name": "Hyperion BI+", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.3"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.3"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.2"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.1.1"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "10.3.6.0"}, {"name": "Hyperion Data Relationship Management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.2"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.7"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.2"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.6.1"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.2"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.1"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.7"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.1.3"}, {"name": "Java VM", "operator": "le", "version": "12.2.0.1"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "11"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.1"}, {"name": "Oracle Tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "12.1.0.5"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle VM VirtualBox", "operator": "le", "version": "5.2.20"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "16.0.4"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.0"}, {"name": "Spatial", "operator": "le", "version": "2.2"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Directory Server Enterprise Edition", "operator": "le", "version": "11.1.1.7"}, {"name": "MySQL Connectors", "operator": "le", "version": "8.0.12"}, {"name": "Oracle Transportation Management", "operator": "le", "version": "6.3.7"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.3"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.7"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "10.8"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "16.0"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GlassFish Server", "operator": "le", "version": "3.1.2"}, {"name": "Solaris", "operator": "le", "version": "11.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "6.5.12"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.1"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "13.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.2"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.2"}, {"name": "Oracle Healthcare Translational Research", "operator": "le", "version": "3.1.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.0.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "enchantments": {"dependencies": {"modified": "2018-12-19T04:53:24", "references": [{"idList": ["DEBIAN:DLA-711-1:02E2B", "DEBIAN:DSA-3705-1:8640E"], "type": "debian"}, {"idList": ["KLA11340"], "type": "kaspersky"}, {"idList": ["OPENVAS:1361412562310814261", "OPENVAS:1361412562310872080", "OPENVAS:1361412562310814262", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310851432", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310876169", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814263"], "type": "openvas"}, {"idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"], "type": "cloudfoundry"}, {"idList": ["ELSA-2019-4652"], "type": "oraclelinux"}, {"idList": ["765FEB7D-A0D1-11E6-A881-B499BAEBFEAF", "EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF"], "type": "freebsd"}, {"idList": ["CVE-2018-14048", "CVE-2018-11039", "CVE-2018-1000300", "CVE-2018-18224", "CVE-2017-14735"], "type": "cve"}, {"idList": ["RHSA-2018:3533", "RHSA-2018:3534"], "type": "redhat"}, {"idList": ["ASA-201611-4", "ASA-201611-10", "ASA-201611-8", "ASA-201611-9", "ASA-201611-5"], "type": "archlinux"}, {"idList": ["SSA-2016-308-01"], "type": "slackware"}, {"idList": ["SOLARIS_OCT2018_SRU11_4_0_0_0.NASL", "UBUNTU_USN-3123-1.NASL", "FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "UBUNTU_USN-3799-1.NASL", "MYSQL_8_0_13.NASL", "FEDORA_2018-C82FC3E109.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "DEBIAN_DLA-711.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "FEDORA_2018-B4820696E1.NASL"], "type": "nessus"}, {"idList": ["USN-3123-1", "USN-3799-1", "USN-3804-1"], "type": "ubuntu"}, {"idList": ["ALAS-2018-1114", "ALAS-2016-766", "ALAS-2018-1115"], "type": "amazon"}, {"idList": ["GLSA-201701-47"], "type": "gentoo"}, {"idList": ["F5:K74843522", "F5:K04320238", "F5:K42842401", "SOL16708", "F5:K50148721", "F5:K11009429", "F5:K50394032", "F5:K14301401", "F5:K63470526", "F5:K03451253"], "type": "f5"}, {"idList": ["SUSE-SU-2016:2700-1", "SUSE-SU-2016:2714-1", "OPENSUSE-SU-2018:3235-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2699-1"], "type": "suse"}]}, "score": {"modified": "2018-12-19T04:53:24", "value": 5.0, "vector": "NONE"}}, "hash": "1225ae1ea90ae7f340443cb20f436cbf14d387989b9af4f4667b0c87dbe90f44", "history": [], "href": "", "id": "ORACLE:CPUOCT2018-4428296", "lastseen": "2018-12-19T04:53:24", "modified": "2018-10-16T00:00:00", "objectVersion": "1.4", "published": "2018-12-18T00:00:00", "references": [], "reporter": "Oracle", "title": "CPU Oct 2018", "type": "oracle", "viewCount": 613}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-12-19T04:53:24"}, {"bulletin": {"_object_type": "robots.models.oracle.OracleBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.oracle.OracleBulletin"], "affectedSoftware": [{"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "6u201"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.2.1"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.2.2"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.1"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.1.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "16.0"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.6"}, {"name": "Primavera Unifier", "operator": "le", "version": "18.1"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "15.0"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.3"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.0"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.1"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.5"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "6u201"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "17.7"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "17.0.2"}, {"name": "Oracle Text", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.1"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Hospitality Cruise Fleet Management", "operator": "le", "version": "9.0"}, {"name": "Spatial", "operator": "le", "version": "2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "15.2"}, {"name": "Java SE", "operator": "le", "version": "8u181"}, {"name": "Oracle Retail Returns Management", "operator": "le", "version": "14.1"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Communications Application Session Controller", "operator": "le", "version": "3.7.1M0"}, {"name": "Java VM", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "15.0.2"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.4"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.57"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.1"}, {"name": "Oracle Identity Analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.9"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.6"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "8u181"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.3.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14.1"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.4"}, {"name": "MySQL Server", "operator": "le", "version": "8.0.12"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.2"}, {"name": "JD Edwards EnterpriseOne Tools", "operator": "le", "version": "9.2"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.1"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "PeopleSoft Enterprise Interaction Hub", "operator": "le", "version": "9.1.0.0"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "17.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "11"}, {"name": "Spatial", "operator": "le", "version": "2.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Server", "operator": "le", "version": "5.5.61"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "15.0"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "operator": "le", "version": "8.0"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.55"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.2.0"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Solaris", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.1.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.1"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.1"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.2.1"}, {"name": "Enterprise Manager for MySQL Database", "operator": "le", "version": "13.2"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "17.12"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.5.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Java SE", "operator": "le", "version": "11"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.1"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.56"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "7u191"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.0"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.3"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.4"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.1"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "16.0"}, {"name": "Primavera Gateway", "operator": "le", "version": "16.2"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "13.2"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.5"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Instant Messaging Server", "operator": "le", "version": "10.0.1"}, {"name": "Oracle Communications User Data Repository", "operator": "le", "version": "12.2.0"}, {"name": "Oracle API Gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Central Office", "operator": "le", "version": "14.1"}, {"name": "JD Edwards EnterpriseOne Orchestrator", "operator": "le", "version": "9.2"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.2"}, {"name": "Java VM", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.2"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "8.4"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.1"}, {"name": "Hyperion Common Events", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.1"}, {"name": "Solaris", "operator": "le", "version": "10"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "12.2"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.2.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.6"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.0"}, {"name": "OSS Support Tools", "operator": "le", "version": "18.4"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "16.0"}, {"name": "MICROS Retail-J", "operator": "le", "version": "12.1.2"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.3"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.2"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "17.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.8"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.2"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.0"}, {"name": "MICROS Lucas", "operator": "le", "version": "2.9.5"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.5"}, {"name": "MICROS PC Workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.5.0"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "operator": "le", "version": "6.2.0.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.2"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.9"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.3"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "15.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "15.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.4"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.5"}, {"name": "Java VM", "operator": "le", "version": "18c"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Text", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.6"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.0"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.1.3"}, {"name": "Oracle Retail Integration Bus", "operator": "le", "version": "14.1.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.6.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Real-Time Decision Server", "operator": "le", "version": "3.2.1"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.1"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.3"}, {"name": "Oracle Hospitality Materials Control", "operator": "le", "version": "18.1"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.2"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.6"}, {"name": "MySQL Server", "operator": "le", "version": "5.7.23"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.7.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "16.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.1.7"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.1"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "13.2"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.0"}, {"name": "Oracle Text", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "16.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.7"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Communications Messaging Server", "operator": "le", "version": "8.0.2"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.7.0"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "7.3.5"}, {"name": "MySQL Server", "operator": "le", "version": "5.6.41"}, {"name": "Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers", "operator": "le", "version": "2352"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.1"}, {"name": "Hyperion Essbase Administration Services", "operator": "le", "version": "11.1.2.4"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "7u191"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "18.8"}, {"name": "Rapid Home Provisioning", "operator": "le", "version": "18c"}, {"name": "Oracle HTTP Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS Retail-J", "operator": "le", "version": "13.0.0"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "operator": "le", "version": "1123"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "15.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.5"}, {"name": "Oracle Communications MetaSolv Solution", "operator": "le", "version": "6.3.0"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.8"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "8u181"}, {"name": "Oracle Big Data Discovery", "operator": "le", "version": "1.6.0"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.2.1.3"}, {"name": "Hyperion BI+", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.3"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.3"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.2"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.1.1"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "10.3.6.0"}, {"name": "Hyperion Data Relationship Management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.2"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.7"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.2"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.6.1"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.2"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.1"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.7"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.1.3"}, {"name": "Java VM", "operator": "le", "version": "12.2.0.1"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "11"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.1"}, {"name": "Oracle Tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "12.1.0.5"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle VM VirtualBox", "operator": "le", "version": "5.2.20"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "16.0.4"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.0"}, {"name": "Spatial", "operator": "le", "version": "2.2"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Directory Server Enterprise Edition", "operator": "le", "version": "11.1.1.7"}, {"name": "MySQL Connectors", "operator": "le", "version": "8.0.12"}, {"name": "Oracle Transportation Management", "operator": "le", "version": "6.3.7"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.3"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.7"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "10.8"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "16.0"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GlassFish Server", "operator": "le", "version": "3.1.2"}, {"name": "Solaris", "operator": "le", "version": "11.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "6.5.12"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.1"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "13.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.2"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.2"}, {"name": "Oracle Healthcare Translational Research", "operator": "le", "version": "3.1.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.0.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:21:14", "references": [{"idList": ["DEBIAN:DLA-711-1:02E2B", "DEBIAN:DSA-3705-1:8640E"], "type": "debian"}, {"idList": ["FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "UBUNTU_USN-3799-1.NASL", "MYSQL_8_0_13.NASL", "FEDORA_2018-C82FC3E109.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "MYSQL_5_7_24.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "ALA_ALAS-2018-1114.NASL", "FEDORA_2018-B4820696E1.NASL"], "type": "nessus"}, {"idList": ["ORACLE:CPUOCT2018"], "type": "oracle"}, {"idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"], "type": "cloudfoundry"}, {"idList": ["ELSA-2019-4652"], "type": "oraclelinux"}, {"idList": ["765FEB7D-A0D1-11E6-A881-B499BAEBFEAF", "EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF"], "type": "freebsd"}, {"idList": ["KLA11340", "KLA11339"], "type": "kaspersky"}, {"idList": ["RHSA-2018:3003", "RHSA-2018:3002"], "type": "redhat"}, {"idList": ["FEDORA:C38F16060C6A", "FEDORA:C4AB56030B10", "FEDORA:40D1C6051CE4", "FEDORA:760A36277A05"], "type": "fedora"}, {"idList": ["SUSE-SU-2016:2700-1", "OPENSUSE-SU-2018:3478-1", "SUSE-SU-2016:2714-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2699-1"], "type": "suse"}, {"idList": ["SSA-2016-308-01"], "type": "slackware"}, {"idList": ["F5:K74843522", "F5:K04320238", "F5:K42842401", "F5:K50148721", "F5:K11009429", "F5:K50394032", "F5:K14301401", "F5:K63470526", "F5:K03451253"], "type": "f5"}, {"idList": ["ALAS-2018-1114", "ALAS-2016-766", "ALAS-2018-1115"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310814261", "OPENVAS:1361412562310814264", "OPENVAS:1361412562310814262", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814263"], "type": "openvas"}, {"idList": ["GLSA-201701-47"], "type": "gentoo"}, {"idList": ["USN-3123-1", "USN-3799-1"], "type": "ubuntu"}], "rev": 2}, "score": {"modified": "2019-05-29T18:21:14", "rev": 2, "value": 4.2, "vector": "NONE"}}, "hash": "ff360586e1ba4cfdbba0e9306720a239b8b4f00e9cf4bbf95db38c23abe5c85a", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "58a884ceeb1f8333f96dcaf64a45a7e7", "key": "_object_type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "href"}, {"hash": "8fa85797fba695ca1ebfb6cb53ffb06d", "key": "cvelist"}, {"hash": "0b765324c2200d7521a1d3f879e8bc53", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "a189c633d9995e11bf8607170ec9a4b8", "key": "type"}, {"hash": "30162ed78b6c10f731411f2fc440c24f", "key": "reporter"}, {"hash": "a3aeb937dc10d5276960e9d4d421cc31", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "139b181ff9a9189c83df474cbf3323ee", "key": "title"}, {"hash": "edfca85c4c320ffaa9dcfdcb6a20ce1d", "key": "cvss"}, {"hash": "99cf33fdc76c271eacfb873ef259f621", "key": "modified"}, {"hash": "bd9514fdd074efeae64b77f841222304", "key": "_object_types"}, {"hash": "4745a4a5f0eb640c582dd636acf165d8", "key": "description"}], "history": [], "href": "", "id": "ORACLE:CPUOCT2018-4428296", "immutableFields": [], "lastseen": "2019-05-29T18:21:14", "modified": "2018-10-16T00:00:00", "objectVersion": "1.5", "published": "2018-12-18T00:00:00", "references": [], "reporter": "Oracle", "title": "CPU Oct 2018", "type": "oracle", "viewCount": 652}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:21:14"}, {"bulletin": {"affectedSoftware": [{"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "6u201"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.2.1"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.2.2"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.1"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.1.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "16.0"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.6"}, {"name": "Primavera Unifier", "operator": "le", "version": "18.1"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "15.0"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.3"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.0"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.1"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.5"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "6u201"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "17.7"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "17.0.2"}, {"name": "Oracle Text", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.1"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Hospitality Cruise Fleet Management", "operator": "le", "version": "9.0"}, {"name": "Spatial", "operator": "le", "version": "2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "15.2"}, {"name": "Java SE", "operator": "le", "version": "8u181"}, {"name": "Oracle Retail Returns Management", "operator": "le", "version": "14.1"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Communications Application Session Controller", "operator": "le", "version": "3.7.1M0"}, {"name": "Java VM", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "15.0.2"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.4"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.57"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.1"}, {"name": "Oracle Identity Analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.9"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.6"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "8u181"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.3.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14.1"}, {"name": "MySQL Server", "operator": "le", "version": "8.0.12"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.2"}, {"name": "JD Edwards EnterpriseOne Tools", "operator": "le", "version": "9.2"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.1"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "PeopleSoft Enterprise Interaction Hub", "operator": "le", "version": "9.1.0.0"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "17.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "11"}, {"name": "Spatial", "operator": "le", "version": "2.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Server", "operator": "le", "version": "5.5.61"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "15.0"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "operator": "le", "version": "8.0"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.55"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.2.0"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Solaris", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.1.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.1"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.1"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.2.1"}, {"name": "Enterprise Manager for MySQL Database", "operator": "le", "version": "13.2"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "17.12"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.5.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Java SE", "operator": "le", "version": "11"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.1"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.56"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "7u191"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.0"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.3"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.4"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.1"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "16.0"}, {"name": "Primavera Gateway", "operator": "le", "version": "16.2"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "13.2"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.5"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Instant Messaging Server", "operator": "le", "version": "10.0.1"}, {"name": "Oracle Communications User Data Repository", "operator": "le", "version": "12.2.0"}, {"name": "Oracle API Gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Central Office", "operator": "le", "version": "14.1"}, {"name": "JD Edwards EnterpriseOne Orchestrator", "operator": "le", "version": "9.2"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.2"}, {"name": "Java VM", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.2"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "8.4"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.1"}, {"name": "Hyperion Common Events", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.1"}, {"name": "Solaris", "operator": "le", "version": "10"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "12.2"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.2.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.6"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.0"}, {"name": "OSS Support Tools", "operator": "le", "version": "18.4"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "16.0"}, {"name": "MICROS Retail-J", "operator": "le", "version": "12.1.2"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.3"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.2"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "17.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.8"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.2"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.0"}, {"name": "MICROS Lucas", "operator": "le", "version": "2.9.5"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.5"}, {"name": "MICROS PC Workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.5.0"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "operator": "le", "version": "6.2.0.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.2"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.9"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.3"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "15.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "15.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.4"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.5"}, {"name": "Java VM", "operator": "le", "version": "18c"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Text", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.6"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.0"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.1.3"}, {"name": "Oracle Retail Integration Bus", "operator": "le", "version": "14.1.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.6.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Real-Time Decision Server", "operator": "le", "version": "3.2.1"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.1"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.3"}, {"name": "Oracle Hospitality Materials Control", "operator": "le", "version": "18.1"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.2"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.6"}, {"name": "MySQL Server", "operator": "le", "version": "5.7.23"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.7.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "16.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.1.7"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.1"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "13.2"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.0"}, {"name": "Oracle Text", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "16.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.7"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Communications Messaging Server", "operator": "le", "version": "8.0.2"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.7.0"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "7.3.5"}, {"name": "MySQL Server", "operator": "le", "version": "5.6.41"}, {"name": "Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers", "operator": "le", "version": "2352"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.1"}, {"name": "Hyperion Essbase Administration Services", "operator": "le", "version": "11.1.2.4"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "7u191"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "18.8"}, {"name": "Rapid Home Provisioning", "operator": "le", "version": "18c"}, {"name": "Oracle HTTP Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS Retail-J", "operator": "le", "version": "13.0.0"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "operator": "le", "version": "1123"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "15.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.5"}, {"name": "Oracle Communications MetaSolv Solution", "operator": "le", "version": "6.3.0"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.8"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "8u181"}, {"name": "Oracle Big Data Discovery", "operator": "le", "version": "1.6.0"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.2.1.3"}, {"name": "Hyperion BI+", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.3"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.3"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.2"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.1.1"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "10.3.6.0"}, {"name": "Hyperion Data Relationship Management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.2"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.7"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.2"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.6.1"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.2"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.1"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.7"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.1.3"}, {"name": "Java VM", "operator": "le", "version": "12.2.0.1"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "11"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.1"}, {"name": "Oracle Tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "12.1.0.5"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle VM VirtualBox", "operator": "le", "version": "5.2.20"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "16.0.4"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.0"}, {"name": "Spatial", "operator": "le", "version": "2.2"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Directory Server Enterprise Edition", "operator": "le", "version": "11.1.1.7"}, {"name": "MySQL Connectors", "operator": "le", "version": "8.0.12"}, {"name": "Oracle Transportation Management", "operator": "le", "version": "6.3.7"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.3"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.7"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "10.8"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "16.0"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GlassFish Server", "operator": "le", "version": "3.1.2"}, {"name": "Solaris", "operator": "le", "version": "11.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "6.5.12"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.1"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "13.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.2"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.2"}, {"name": "Oracle Healthcare Translational Research", "operator": "le", "version": "3.1.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.0.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "enchantments": {"score": {"modified": "2018-10-20T04:31:57", "value": 5.0, "vector": "NONE"}}, "hash": "68861abcb4a4120a0e8de219d996efa4e690f2ca00337974d4c778c3618c6153", "history": [], "href": "", "id": "ORACLE:CPUOCT2018-4428296", "lastseen": "2018-10-20T04:31:57", "modified": "2018-10-16T00:00:00", "objectVersion": "1.4", "published": "2018-10-19T00:00:00", "references": [], "reporter": "Oracle", "title": "CPU Oct 2018", "type": "oracle", "viewCount": 26}, "differentElements": ["published"], "edition": 4, "lastseen": "2018-10-20T04:31:57"}, {"bulletin": {"affectedSoftware": [{"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "6u201"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.2.1"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.2.2"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.1"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.1.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "16.0"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.6"}, {"name": "Primavera Unifier", "operator": "le", "version": "18.1"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "15.0"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.3"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.0"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.1"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.5"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "6u201"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "17.7"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "17.0.2"}, {"name": "Oracle Text", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.1"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Hospitality Cruise Fleet Management", "operator": "le", "version": "9.0"}, {"name": "Spatial", "operator": "le", "version": "2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "15.2"}, {"name": "Java SE", "operator": "le", "version": "8u181"}, {"name": "Oracle Retail Returns Management", "operator": "le", "version": "14.1"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Communications Application Session Controller", "operator": "le", "version": "3.7.1M0"}, {"name": "Java VM", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "15.0.2"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.4"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.57"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.1"}, {"name": "Oracle Identity Analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.9"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.6"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "8u181"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.3.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14.1"}, {"name": "MySQL Server", "operator": "le", "version": "8.0.12"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.2"}, {"name": "JD Edwards EnterpriseOne Tools", "operator": "le", "version": "9.2"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.1"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "PeopleSoft Enterprise Interaction Hub", "operator": "le", "version": "9.1.0.0"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "17.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "11"}, {"name": "Spatial", "operator": "le", "version": "2.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Server", "operator": "le", "version": "5.5.61"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "15.0"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "operator": "le", "version": "8.0"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.55"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.2.0"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Solaris", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.1.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.1"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.1"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.2.1"}, {"name": "Enterprise Manager for MySQL Database", "operator": "le", "version": "13.2"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "17.12"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.5.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Java SE", "operator": "le", "version": "11"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.1"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.56"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "7u191"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.0"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.3"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.4"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.1"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "16.0"}, {"name": "Primavera Gateway", "operator": "le", "version": "16.2"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "13.2"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.5"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Instant Messaging Server", "operator": "le", "version": "10.0.1"}, {"name": "Oracle Communications User Data Repository", "operator": "le", "version": "12.2.0"}, {"name": "Oracle API Gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Central Office", "operator": "le", "version": "14.1"}, {"name": "JD Edwards EnterpriseOne Orchestrator", "operator": "le", "version": "9.2"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.2"}, {"name": "Java VM", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.2"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "8.4"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.1"}, {"name": "Hyperion Common Events", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.1"}, {"name": "Solaris", "operator": "le", "version": "10"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "12.2"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.2.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.6"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.0"}, {"name": "OSS Support Tools", "operator": "le", "version": "18.4"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "16.0"}, {"name": "MICROS Retail-J", "operator": "le", "version": "12.1.2"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.3"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.2"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "17.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.8"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.2"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.0"}, {"name": "MICROS Lucas", "operator": "le", "version": "2.9.5"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.5"}, {"name": "MICROS PC Workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.5.0"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "operator": "le", "version": "6.2.0.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.2"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.9"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.3"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "15.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "15.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.4"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.5"}, {"name": "Java VM", "operator": "le", "version": "18c"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Text", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.6"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.0"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.1.3"}, {"name": "Oracle Retail Integration Bus", "operator": "le", "version": "14.1.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.6.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Real-Time Decision Server", "operator": "le", "version": "3.2.1"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.1"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.3"}, {"name": "Oracle Hospitality Materials Control", "operator": "le", "version": "18.1"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.2"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.6"}, {"name": "MySQL Server", "operator": "le", "version": "5.7.23"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.7.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "16.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.1.7"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.1"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "13.2"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.0"}, {"name": "Oracle Text", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "16.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.7"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Communications Messaging Server", "operator": "le", "version": "8.0.2"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.7.0"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "7.3.5"}, {"name": "MySQL Server", "operator": "le", "version": "5.6.41"}, {"name": "Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers", "operator": "le", "version": "2352"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.1"}, {"name": "Hyperion Essbase Administration Services", "operator": "le", "version": "11.1.2.4"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "7u191"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "18.8"}, {"name": "Rapid Home Provisioning", "operator": "le", "version": "18c"}, {"name": "Oracle HTTP Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS Retail-J", "operator": "le", "version": "13.0.0"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "operator": "le", "version": "1123"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "15.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.5"}, {"name": "Oracle Communications MetaSolv Solution", "operator": "le", "version": "6.3.0"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.8"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "8u181"}, {"name": "Oracle Big Data Discovery", "operator": "le", "version": "1.6.0"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.2.1.3"}, {"name": "Hyperion BI+", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.3"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.3"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.2"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.1.1"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "10.3.6.0"}, {"name": "Hyperion Data Relationship Management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.2"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.7"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.2"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.6.1"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.2"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.1"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.7"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.1.3"}, {"name": "Java VM", "operator": "le", "version": "12.2.0.1"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "11"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.1"}, {"name": "Oracle Tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "12.1.0.5"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle VM VirtualBox", "operator": "le", "version": "5.2.20"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "16.0.4"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.0"}, {"name": "Spatial", "operator": "le", "version": "2.2"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Directory Server Enterprise Edition", "operator": "le", "version": "11.1.1.7"}, {"name": "MySQL Connectors", "operator": "le", "version": "8.0.12"}, {"name": "Oracle Transportation Management", "operator": "le", "version": "6.3.7"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.3"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.7"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "10.8"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "16.0"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GlassFish Server", "operator": "le", "version": "3.1.2"}, {"name": "Solaris", "operator": "le", "version": "11.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "6.5.12"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.1"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "13.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.2"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.2"}, {"name": "Oracle Healthcare Translational Research", "operator": "le", "version": "3.1.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.0.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "enchantments": {"score": {"modified": "2018-10-19T04:31:48", "value": 5.0, "vector": "NONE"}}, "hash": "49e298f58e67f5c411c9d61c55bef575394ca2a5759b012632932b233247a7fd", "history": [], "href": "", "id": "ORACLE:CPUOCT2018-4428296", "lastseen": "2018-10-19T04:31:48", "modified": "2018-10-16T00:00:00", "objectVersion": "1.4", "published": "2018-10-18T00:00:00", "references": [], "reporter": "Oracle", "title": "CPU Oct 2018", "type": "oracle", "viewCount": 16}, "differentElements": ["published"], "edition": 3, "lastseen": "2018-10-19T04:31:48"}, {"bulletin": {"affectedSoftware": [{"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "6u201"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.2.1"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.2.2"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.1"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.1.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "16.0"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.6"}, {"name": "Primavera Unifier", "operator": "le", "version": "18.1"}, {"name": "Oracle Hospitality Reporting and Analytics", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "15.0"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.3"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.0"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.1"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.5"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "6u201"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "17.7"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "17.0.2"}, {"name": "Oracle Text", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.1"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Hospitality Cruise Fleet Management", "operator": "le", "version": "9.0"}, {"name": "Spatial", "operator": "le", "version": "2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "15.2"}, {"name": "Oracle Retail Returns Management", "operator": "le", "version": "14.1"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.3"}, {"name": "Java SE", "operator": "le", "version": "8u182"}, {"name": "Oracle Communications Application Session Controller", "operator": "le", "version": "3.7.1M0"}, {"name": "Java VM", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "15.0.2"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.4"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.57"}, {"name": "Oracle Identity Analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.9"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.6"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.1.3"}, {"name": "Enterprise Manager Ops Center", "operator": "le", "version": "12.3.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14.1"}, {"name": "MySQL Server", "operator": "le", "version": "8.0.12"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.2"}, {"name": "JD Edwards EnterpriseOne Tools", "operator": "le", "version": "9.2"}, {"name": "Oracle Hospitality Guest Access", "operator": "le", "version": "4.2.1"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "PeopleSoft Enterprise Interaction Hub", "operator": "le", "version": "9.1.0.0"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "17.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "11"}, {"name": "Spatial", "operator": "le", "version": "2.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Server", "operator": "le", "version": "5.5.61"}, {"name": "Oracle WebCenter Portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "15.0"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "operator": "le", "version": "8.0"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.55"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.2.0"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Solaris", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.3.1.1"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.1"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.1"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.2.1"}, {"name": "Enterprise Manager for MySQL Database", "operator": "le", "version": "13.2"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.1"}, {"name": "Primavera Gateway", "operator": "le", "version": "17.12"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.5.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Java SE", "operator": "le", "version": "11"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.1"}, {"name": "PeopleSoft Enterprise PeopleTools", "operator": "le", "version": "8.56"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "7u191"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.6"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "8u182"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.0"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.3"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.4"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.1"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.1.3.0"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "16.0"}, {"name": "Primavera Gateway", "operator": "le", "version": "16.2"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "13.2"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.5"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Communications Instant Messaging Server", "operator": "le", "version": "10.0.1"}, {"name": "Oracle Communications User Data Repository", "operator": "le", "version": "12.2.0"}, {"name": "Oracle API Gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Enterprise Repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Central Office", "operator": "le", "version": "14.1"}, {"name": "JD Edwards EnterpriseOne Orchestrator", "operator": "le", "version": "9.2"}, {"name": "Oracle Banking Platform", "operator": "le", "version": "2.6.2"}, {"name": "Java VM", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.2"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "8.4"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "15.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.1"}, {"name": "Hyperion Common Events", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.1.1"}, {"name": "Solaris", "operator": "le", "version": "10"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "12.2"}, {"name": "Oracle Endeca Information Discovery Studio", "operator": "le", "version": "3.2.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.6"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "Oracle User Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "11.0"}, {"name": "OSS Support Tools", "operator": "le", "version": "18.4"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.1"}, {"name": "Java SE, Java SE Embedded, JRockit", "operator": "le", "version": "8u182"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "16.0"}, {"name": "MICROS Retail-J", "operator": "le", "version": "12.1.2"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.3"}, {"name": "Oracle iLearning", "operator": "le", "version": "6.2"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "14.1"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "17.0"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.8"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.2"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.0"}, {"name": "MICROS Lucas", "operator": "le", "version": "2.9.5"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.5"}, {"name": "MICROS PC Workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.5.0"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "operator": "le", "version": "6.2.0.0"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.1.2"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.9"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.3"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "15.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Invoice Matching", "operator": "le", "version": "15.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.4"}, {"name": "BI Publisher (formerly XML Publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.5"}, {"name": "Java VM", "operator": "le", "version": "18c"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Text", "operator": "le", "version": "12.1.0.2"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.6"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.0"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.1.3"}, {"name": "Oracle Retail Integration Bus", "operator": "le", "version": "14.1.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.1"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.6.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Real-Time Decision Server", "operator": "le", "version": "3.2.1"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "16.1"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.3"}, {"name": "Oracle Hospitality Materials Control", "operator": "le", "version": "18.1"}, {"name": "Oracle Retail Order Broker", "operator": "le", "version": "5.2"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.6"}, {"name": "MySQL Server", "operator": "le", "version": "5.7.23"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.7.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "16.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.1.7"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.1"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "14.0"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "13.2"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.0"}, {"name": "Oracle Text", "operator": "le", "version": "11.2.0.4"}, {"name": "Oracle Retail Allocation", "operator": "le", "version": "16.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Email Center", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.7"}, {"name": "Oracle WebCenter Sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Communications Messaging Server", "operator": "le", "version": "8.0.2"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.7.0"}, {"name": "Oracle Demantra Demand Management", "operator": "le", "version": "7.3.5"}, {"name": "MySQL Server", "operator": "le", "version": "5.6.41"}, {"name": "Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers", "operator": "le", "version": "2352"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "5.3.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "14.1"}, {"name": "Hyperion Essbase Administration Services", "operator": "le", "version": "11.1.2.4"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "7u191"}, {"name": "Oracle Service Bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "Oracle Communications Performance Intelligence Center (PIC) Software", "operator": "le", "version": "10.2.0"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "operator": "le", "version": "18.8"}, {"name": "Rapid Home Provisioning", "operator": "le", "version": "18c"}, {"name": "Oracle HTTP Server", "operator": "le", "version": "12.2.1.3"}, {"name": "Oracle GoldenGate for Big Data", "operator": "le", "version": "12.2.0.1"}, {"name": "MICROS Retail-J", "operator": "le", "version": "13.0.0"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "operator": "le", "version": "1123"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "15.0"}, {"name": "Oracle Agile PLM", "operator": "le", "version": "9.3.5"}, {"name": "Oracle Communications MetaSolv Solution", "operator": "le", "version": "6.3.0"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.8"}, {"name": "Oracle Big Data Discovery", "operator": "le", "version": "1.6.0"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Fusion Middleware MapViewer", "operator": "le", "version": "12.2.1.3"}, {"name": "Hyperion BI+", "operator": "le", "version": "11.1.2.4"}, {"name": "Oracle GoldenGate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.3"}, {"name": "Oracle E-Business Intelligence", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Virtual Directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.3"}, {"name": "Primavera Unifier", "operator": "le", "version": "15.2"}, {"name": "Oracle Adaptive Access Manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle Endeca Information Discovery Integrator", "operator": "le", "version": "3.1.0"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Insurance Calculation Engine", "operator": "le", "version": "10.1.1"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.2"}, {"name": "Oracle WebLogic Server", "operator": "le", "version": "10.3.6.0"}, {"name": "Hyperion Data Relationship Management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.2"}, {"name": "Siebel UI Framework", "operator": "le", "version": "18.7"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "MICROS XBRi", "operator": "le", "version": "10.8.2"}, {"name": "Oracle Endeca Server", "operator": "le", "version": "7.6.1"}, {"name": "Oracle iProcurement", "operator": "le", "version": "12.1.2"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.7"}, {"name": "Oracle Business Intelligence Enterprise Edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Open Commerce Platform", "operator": "le", "version": "6.0.1"}, {"name": "Siebel Apps - Marketing", "operator": "le", "version": "18.7"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.1.3"}, {"name": "Java VM", "operator": "le", "version": "12.2.0.1"}, {"name": "Java SE, Java SE Embedded", "operator": "le", "version": "11"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.1"}, {"name": "Oracle Tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "Enterprise Manager Base Platform", "operator": "le", "version": "12.1.0.5"}, {"name": "Oracle Identity Management Suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "Oracle VM VirtualBox", "operator": "le", "version": "5.2.20"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.1"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "16.0.4"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.0"}, {"name": "Spatial", "operator": "le", "version": "2.2"}, {"name": "Oracle Identity Manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "Oracle Directory Server Enterprise Edition", "operator": "le", "version": "11.1.1.7"}, {"name": "MySQL Connectors", "operator": "le", "version": "8.0.12"}, {"name": "Oracle Transportation Management", "operator": "le", "version": "6.3.7"}, {"name": "Primavera Unifier", "operator": "le", "version": "16.2"}, {"name": "Oracle User Management", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.7"}, {"name": "Oracle iStore", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Outside In Technology", "operator": "le", "version": "8.5.3"}, {"name": "Oracle Customer Interaction History", "operator": "le", "version": "12.1.2"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "14"}, {"name": "Oracle Retail Financial Integration", "operator": "le", "version": "14.0"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.7"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "10.8"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Predictive Application Server", "operator": "le", "version": "15.0"}, {"name": "Oracle Retail Customer Management and Segmentation Foundation", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Manager", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Configuration Manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "MICROS Relate CRM Software", "operator": "le", "version": "11.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.1.3"}, {"name": "Oracle Retail Assortment Planning", "operator": "le", "version": "16.0"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Insurance Rules Palette", "operator": "le", "version": "10.0"}, {"name": "Oracle Retail Sales Audit", "operator": "le", "version": "16.0"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.4"}, {"name": "Oracle Trade Management", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Application Object Library", "operator": "le", "version": "12.2.4"}, {"name": "Oracle GlassFish Server", "operator": "le", "version": "3.1.2"}, {"name": "Solaris", "operator": "le", "version": "11.3"}, {"name": "Oracle Retail Back Office", "operator": "le", "version": "13.4"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "6.5.12"}, {"name": "Oracle Agile Engineering Data Management", "operator": "le", "version": "6.2.1"}, {"name": "Oracle Marketing", "operator": "le", "version": "12.2.5"}, {"name": "Oracle Applications Framework", "operator": "le", "version": "12.2.6"}, {"name": "Oracle Retail Point-of-Service", "operator": "le", "version": "13.4"}, {"name": "Oracle Partner Management", "operator": "le", "version": "12.2.4"}, {"name": "MySQL Enterprise Monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "Instantis EnterpriseTrack", "operator": "le", "version": "17.2"}, {"name": "Oracle Retail Extract Transform and Load", "operator": "le", "version": "13.2"}, {"name": "Oracle Healthcare Translational Research", "operator": "le", "version": "3.1.0"}, {"name": "Application Management Pack for Oracle E-Business Suite", "operator": "le", "version": "12.2.3"}, {"name": "Oracle Hospitality Gift and Loyalty", "operator": "le", "version": "9.0"}, {"name": "Oracle Retail Xstore Point of Service", "operator": "le", "version": "7.0.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "enchantments": {}, "hash": "b7baf753a5caf1d81c6054e78e536632fd00fafcf848dbdc6653c0eb3c9e09cb", "history": [], "href": "", "id": "ORACLE:CPUOCT2018-4428296", "lastseen": "2018-10-17T04:31:43", "modified": "2018-10-16T00:00:00", "objectVersion": "1.4", "published": "2018-10-16T00:00:00", "references": [], "reporter": "Oracle", "title": "CPU Oct 2018", "type": "oracle", "viewCount": 9}, "differentElements": ["published", "affectedSoftware"], "edition": 1, "lastseen": "2018-10-17T04:31:43"}], "viewCount": 658, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K42842401", "F5:K74843522", "F5:K14301401", "F5:K63470526", "F5:K50148721", "F5:K03451253", "F5:K11009429", "F5:K50394032", "F5:K04320238"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018"]}, {"type": "fedora", "idList": ["FEDORA:C4AB56030B10", "FEDORA:760A36277A05", "FEDORA:C38F16060C6A", "FEDORA:40D1C6051CE4"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814262", "OPENVAS:1361412562311220171035", "OPENVAS:1361412562310814263", "OPENVAS:1361412562310814265", "OPENVAS:1361412562310842943", "OPENVAS:1361412562310810155", "OPENVAS:1361412562310703705", "OPENVAS:1361412562310872080", "OPENVAS:1361412562310876169", "OPENVAS:1361412562310814266", "OPENVAS:1361412562310851985", "OPENVAS:1361412562310843667", "OPENVAS:1361412562310814264", "OPENVAS:1361412562311220171036", "OPENVAS:1361412562310814261", "OPENVAS:1361412562310876275", "OPENVAS:1361412562310814260", "OPENVAS:1361412562310851432", "OPENVAS:703705"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3705.NASL", "FREEBSD_PKG_EC5072B0D43A11E8A6D2B499BAEBFEAF.NASL", "OPENSUSE-2019-863.NASL", "EULEROS_SA-2017-1036.NASL", "ALA_ALAS-2018-1115.NASL", "FREEBSD_PKG_765FEB7DA0D111E6A881B499BAEBFEAF.NASL", "FEDORA_2018-55B875C1AC.NASL", "SUSE_SU-2016-2714-1.NASL", "VIRTUALBOX_5_2_20.NASL", "700659.PRM", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "ORACLE_JAVA_CPU_OCT_2018.NASL", "FEDORA_2016-89769648A0.NASL", "SUSE_SU-2019-0119-1.NASL", "MYSQL_8_0_13.NASL", "FEDORA_2016-E8E8CDB4ED.NASL", "FEDORA_2018-242F6C1A41.NASL", "REDHAT-RHSA-2018-3002.NASL", "MARIADB_10_2_19.NASL", "EULEROS_SA-2017-1035.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2018.NASL", "FEDORA_2018-192148F4FF.NASL", "ALA_ALAS-2016-766.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2018_CPU.NASL", "OPENSUSE-2018-1284.NASL", "SUSE_SU-2016-2699-1.NASL", "9826.PRM", "SOLARIS_OCT2018_SRU11_4_0_0_0.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2018.NASL", "MYSQL_5_6_42.NASL", "MYSQL_5_7_24.NASL", "FEDORA_2018-B4820696E1.NASL", "UBUNTU_USN-3123-1.NASL", "DEBIAN_DLA-711.NASL", "SMB_NT_MS19_FEB_EXCHANGE.NASL", "UBUNTU_USN-3799-1.NASL", "OPENSUSE-2018-1330.NASL", "ALA_ALAS-2018-1114.NASL", "FEDORA_2018-4AE94C8DEB.NASL", "REDHAT-RHSA-2018-3003.NASL", "FEDORA_2018-C82FC3E109.NASL", "GENTOO_GLSA-201701-47.NASL", "SLACKWARE_SSA_2016-308-01.NASL", "OPENSUSE-2016-1280.NASL", "ORACLELINUX_ELSA-2019-4652.NASL", "ORACLE_JAVA_CPU_OCT_2018_UNIX.NASL"]}, {"type": "freebsd", "idList": ["EC5072B0-D43A-11E8-A6D2-B499BAEBFEAF"]}, {"type": "ubuntu", "idList": ["USN-3799-1", "USN-3123-1"]}, {"type": "amazon", "idList": ["ALAS-2018-1115", "ALAS-2016-766", "ALAS-2018-1114"]}, {"type": "kaspersky", "idList": ["KLA11340", "KLA11339"]}, {"type": "suse", "idList": ["SUSE-SU-2016:2714-1", "OPENSUSE-SU-2016:2768-1", "SUSE-SU-2016:2700-1", "OPENSUSE-SU-2018:3478-1", "SUSE-SU-2016:2699-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7D5FB6CA51F09BC6516D6E547D7F4E42"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632262317"]}, {"type": "gentoo", "idList": ["GLSA-201701-47"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3705-1:8640E", "DEBIAN:DLA-711-1:02E2B"]}, {"type": "redhat", "idList": ["RHSA-2018:3002", "RHSA-2018:3003"]}], "modified": "2021-06-08T18:47:19", "rev": 2}, "score": {"value": 4.1, "vector": "NONE", "modified": "2021-06-08T18:47:19", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "oracle istore", "operator": "le", "version": "12.2.7"}, {"name": "oracle email center", "operator": "le", "version": "12.1.2"}, {"name": "oracle agile engineering data management", "operator": "le", "version": "6.1.3"}, {"name": "oracle weblogic server", "operator": "le", "version": "12.2.1.3"}, {"name": "java vm", "operator": "le", "version": "12.1.0.2"}, {"name": "oracle enterprise repository", "operator": "le", "version": "12.1.3.0.0"}, {"name": "fujitsu m10-1, m10-4, m10-4s, m12-1, m12-2, m12-2s servers", "operator": "le", "version": "2352"}, {"name": "oracle partner management", "operator": "le", "version": "12.2.5"}, {"name": "oracle email center", "operator": "le", "version": "12.2.6"}, {"name": "oracle text", "operator": "le", "version": "11.2.0.4"}, {"name": "primavera unifier", "operator": "le", "version": "16.1"}, {"name": "oracle retail allocation", "operator": "le", "version": "16.0"}, {"name": "oracle retail back office", "operator": "le", "version": "13.3"}, {"name": "oracle real-time decision server", "operator": "le", "version": "3.2.1"}, {"name": "oracle application object library", "operator": "le", "version": "12.2.6"}, {"name": "oracle agile engineering data management", "operator": "le", "version": "6.2.1"}, {"name": "oracle big data discovery", "operator": "le", "version": "1.6.0"}, {"name": "oracle hospitality reporting and analytics", "operator": "le", "version": "9.0"}, {"name": "oracle business intelligence enterprise edition", "operator": "le", "version": "11.1.1.9.0"}, {"name": "oracle istore", "operator": "le", "version": "12.1.1"}, {"name": "oracle trade management", "operator": "le", "version": "12.1.1"}, {"name": "oracle goldengate", "operator": "le", "version": "12.3.0.1.0"}, {"name": "oracle endeca information discovery studio", "operator": "le", "version": "3.2.0"}, {"name": "oracle hospitality materials control", "operator": "le", "version": "18.1"}, {"name": "oracle trade management", "operator": "le", "version": "12.1.2"}, {"name": "oracle trade management", "operator": "le", "version": "12.2.7"}, {"name": "instantis enterprisetrack", "operator": "le", "version": "17.2"}, {"name": "oracle service bus", "operator": "le", "version": "12.2.1.3.0"}, {"name": "oracle http server", "operator": "le", "version": "12.2.1.3"}, {"name": "oracle outside in technology", "operator": "le", "version": "8.5.4"}, {"name": "peoplesoft enterprise interaction hub", "operator": "le", "version": "9.1.0.0"}, {"name": "enterprise manager base platform", "operator": "le", "version": "13.2"}, {"name": "oracle business intelligence enterprise edition", "operator": "le", "version": "12.2.1.3.0"}, {"name": "oracle application object library", "operator": "le", "version": "12.2.4"}, {"name": "peoplesoft enterprise peopletools", "operator": "le", "version": "8.56"}, {"name": "oracle retail order broker", "operator": "le", "version": "5.1"}, {"name": "primavera unifier", "operator": "le", "version": "17.1"}, {"name": "oracle partner management", "operator": "le", "version": "12.2.7"}, {"name": "bi publisher (formerly xml publisher)", "operator": "le", "version": "11.1.1.7.0"}, {"name": "siebel ui framework", "operator": "le", "version": "18.7"}, {"name": "oracle endeca server", "operator": "le", "version": "7.6.1"}, {"name": "oracle applications framework", "operator": "le", "version": "12.1.3"}, {"name": "oracle applications framework", "operator": "le", "version": "12.2.3"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "8.4"}, {"name": "oracle retail back office", "operator": "le", "version": "14.1"}, {"name": "oracle healthcare translational research", "operator": "le", "version": "3.1.0"}, {"name": "primavera gateway", "operator": "le", "version": "15.2"}, {"name": "oracle enterprise repository", "operator": "le", "version": "11.1.1.7.0"}, {"name": "oracle user management", "operator": "le", "version": "12.2.6"}, {"name": "peoplesoft enterprise peopletools", "operator": "le", "version": "8.55"}, {"name": "oracle email center", "operator": "le", "version": "12.2.7"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.2.7"}, {"name": "oracle applications manager", "operator": "le", "version": "12.2.4"}, {"name": "oracle virtual directory", "operator": "le", "version": "11.1.1.9.0"}, {"name": "java se, java se embedded", "operator": "le", "version": "6u201"}, {"name": "oracle identity manager", "operator": "le", "version": "12.2.1.3.0"}, {"name": "oracle marketing", "operator": "le", "version": "12.2.4"}, {"name": "oracle banking platform", "operator": "le", "version": "2.6.2"}, {"name": "oracle marketing", "operator": "le", "version": "12.2.5"}, {"name": "mysql server", "operator": "le", "version": "5.5.61"}, {"name": "oracle retail financial integration", "operator": "le", "version": "15.0"}, {"name": "siebel apps - marketing", "operator": "le", "version": "18.9"}, {"name": "oracle virtual directory", "operator": "le", "version": "11.1.1.7.0"}, {"name": "oracle user management", "operator": "le", "version": "12.2.3"}, {"name": "java se, java se embedded, jrockit", "operator": "le", "version": "7u191"}, {"name": "java se", "operator": "le", "version": "8u181"}, {"name": "oracle partner management", "operator": "le", "version": "12.1.1"}, {"name": "primavera gateway", "operator": "le", "version": "17.12"}, {"name": "oracle retail central office", "operator": "le", "version": "14.1"}, {"name": "oracle demantra demand management", "operator": "le", "version": "12.2"}, {"name": "oracle application object library", "operator": "le", "version": "12.2.5"}, {"name": "oracle insurance rules palette", "operator": "le", "version": "10.1"}, {"name": "oracle hospitality cruise shipboard property management system", "operator": "le", "version": "8.0"}, {"name": "oracle webcenter portal", "operator": "le", "version": "12.2.1.3.0"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "18.8"}, {"name": "hyperion common events", "operator": "le", "version": "11.1.2.4"}, {"name": "oracle istore", "operator": "le", "version": "12.1.2"}, {"name": "java se, java se embedded, jrockit", "operator": "le", "version": "8u181"}, {"name": "oracle trade management", "operator": "le", "version": "12.2.3"}, {"name": "oracle retail predictive application server", "operator": "le", "version": "15.0"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "16.2"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.2.5"}, {"name": "oracle retail order broker", "operator": "le", "version": "15.0"}, {"name": "oracle applications manager", "operator": "le", "version": "12.2.6"}, {"name": "oracle goldengate for big data", "operator": "le", "version": "12.3.1.1"}, {"name": "oracle communications messaging server", "operator": "le", "version": "8.0.2"}, {"name": "mysql server", "operator": "le", "version": "5.6.41"}, {"name": "oracle communications instant messaging server", "operator": "le", "version": "10.0.1"}, {"name": "oracle retail order broker", "operator": "le", "version": "5.0"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "16.0.4"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.2.7"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "7.1.7"}, {"name": "oracle retail assortment planning", "operator": "le", "version": "14.1"}, {"name": "oracle applications manager", "operator": "le", "version": "12.2.7"}, {"name": "oracle identity analytics", "operator": "le", "version": "11.1.1.5.8"}, {"name": "spatial", "operator": "le", "version": "2.2"}, {"name": "java se, java se embedded, jrockit", "operator": "le", "version": "11"}, {"name": "oracle retail open commerce platform", "operator": "le", "version": "6.0"}, {"name": "oracle e-business intelligence", "operator": "le", "version": "12.1.1"}, {"name": "solaris", "operator": "le", "version": "11.3"}, {"name": "oracle application object library", "operator": "le", "version": "12.2.3"}, {"name": "oracle retail assortment planning", "operator": "le", "version": "16.0"}, {"name": "oracle customer interaction history", "operator": "le", "version": "12.1.3"}, {"name": "oracle retail extract transform and load", "operator": "le", "version": "13.1"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "6.5.12"}, {"name": "oracle retail invoice matching", "operator": "le", "version": "15.0"}, {"name": "oracle outside in technology", "operator": "le", "version": "8.5.3"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "15.2"}, {"name": "oracle business intelligence enterprise edition", "operator": "le", "version": "12.2.1.4.0"}, {"name": "oracle marketing", "operator": "le", "version": "12.1.3"}, {"name": "oracle retail sales audit", "operator": "le", "version": "15.0"}, {"name": "oracle insurance rules palette", "operator": "le", "version": "10.0"}, {"name": "oracle endeca information discovery integrator", "operator": "le", "version": "3.2.0"}, {"name": "oracle directory server enterprise edition", "operator": "le", "version": "11.1.1.7"}, {"name": "oracle banking platform", "operator": "le", "version": "2.6.1"}, {"name": "oracle vm virtualbox", "operator": "le", "version": "5.2.20"}, {"name": "oracle applications framework", "operator": "le", "version": "12.2.5"}, {"name": "rapid home provisioning", "operator": "le", "version": "18c"}, {"name": "oracle goldengate", "operator": "le", "version": "12.1.2.1.0"}, {"name": "spatial", "operator": "le", "version": "2.1"}, {"name": "oracle marketing", "operator": "le", "version": "12.2.7"}, {"name": "oracle weblogic server", "operator": "le", "version": "12.1.3.0"}, {"name": "oracle retail financial integration", "operator": "le", "version": "14.1"}, {"name": "oracle communications performance intelligence center (pic) software", "operator": "le", "version": "10.2.0"}, {"name": "jd edwards enterpriseone tools", "operator": "le", "version": "9.2"}, {"name": "oracle applications manager", "operator": "le", "version": "12.2.3"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.2.3"}, {"name": "oracle retail open commerce platform", "operator": "le", "version": "6.0.1"}, {"name": "oracle text", "operator": "le", "version": "12.1.0.2"}, {"name": "oracle insurance calculation engine", "operator": "le", "version": "10.2.1"}, {"name": "java se, java se embedded", "operator": "le", "version": "7u191"}, {"name": "oracle fusion middleware mapviewer", "operator": "le", "version": "12.2.1.3"}, {"name": "oracle email center", "operator": "le", "version": "12.1.1"}, {"name": "oracle retail open commerce platform", "operator": "le", "version": "5.3"}, {"name": "oracle user management", "operator": "le", "version": "12.2.7"}, {"name": "oracle hospitality guest access", "operator": "le", "version": "4.2.0"}, {"name": "instantis enterprisetrack", "operator": "le", "version": "17.3"}, {"name": "oracle webcenter portal", "operator": "le", "version": "11.1.1.9.0"}, {"name": "hyperion data relationship management", "operator": "le", "version": "11.1.2.4.345"}, {"name": "oracle user management", "operator": "le", "version": "12.2.4"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.1.1"}, {"name": "java se, java se embedded, jrockit", "operator": "le", "version": "6u201"}, {"name": "solaris", "operator": "le", "version": "10"}, {"name": "enterprise manager for mysql database", "operator": "le", "version": "13.2"}, {"name": "java se, java se embedded", "operator": "le", "version": "11"}, {"name": "micros xbri", "operator": "le", "version": "10.8.1"}, {"name": "enterprise manager base platform", "operator": "le", "version": "12.1.0.5"}, {"name": "oracle marketing", "operator": "le", "version": "12.1.2"}, {"name": "oracle glassfish server", "operator": "le", "version": "3.1.2"}, {"name": "micros retail-j", "operator": "le", "version": "12.1.2"}, {"name": "micros xbri", "operator": "le", "version": "10.6.0"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "7.0.7"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "17.0.2"}, {"name": "oracle adaptive access manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "oracle text", "operator": "le", "version": "12.2.0.1"}, {"name": "oracle marketing", "operator": "le", "version": "12.2.6"}, {"name": "mysql enterprise monitor", "operator": "le", "version": "4.0.6.5281"}, {"name": "enterprise manager ops center", "operator": "le", "version": "12.2.2"}, {"name": "oracle istore", "operator": "le", "version": "12.2.4"}, {"name": "java se, java se embedded", "operator": "le", "version": "8u181"}, {"name": "oracle istore", "operator": "le", "version": "12.1.3"}, {"name": "oracle communications user data repository", "operator": "le", "version": "12.2.0"}, {"name": "oracle retail financial integration", "operator": "le", "version": "13.2"}, {"name": "oracle marketing", "operator": "le", "version": "12.2.3"}, {"name": "oracle service bus", "operator": "le", "version": "12.1.3.0.0"}, {"name": "oracle identity management suite", "operator": "le", "version": "12.2.1.3.0"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "15.1"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.1.3"}, {"name": "hyperion bi+", "operator": "le", "version": "11.1.2.4"}, {"name": "oracle communications performance intelligence center (pic) software", "operator": "le", "version": "10.2.1"}, {"name": "java vm", "operator": "le", "version": "11.2.0.4"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "16.1"}, {"name": "oracle goldengate for big data", "operator": "le", "version": "12.2.0.1"}, {"name": "oracle retail customer management and segmentation foundation", "operator": "le", "version": "16.0"}, {"name": "oracle partner management", "operator": "le", "version": "12.1.3"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.2.6"}, {"name": "oracle identity management suite", "operator": "le", "version": "11.1.2.3.0"}, {"name": "oracle retail financial integration", "operator": "le", "version": "16.0"}, {"name": "micros pc workstation 2015", "operator": "le", "version": "01.3.0.2i"}, {"name": "oracle retail integration bus", "operator": "le", "version": "14.1.2"}, {"name": "oracle configuration manager", "operator": "le", "version": "12.1.2.0.5"}, {"name": "primavera gateway", "operator": "le", "version": "16.2"}, {"name": "micros relate crm software", "operator": "le", "version": "11.4"}, {"name": "java vm", "operator": "le", "version": "12.2.0.1"}, {"name": "oracle endeca information discovery studio", "operator": "le", "version": "3.1.0"}, {"name": "oracle partner management", "operator": "le", "version": "12.2.3"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.1.2"}, {"name": "oracle communications application session controller", "operator": "le", "version": "3.7.1M0"}, {"name": "micros lucas", "operator": "le", "version": "2.9.5"}, {"name": "oracle applications framework", "operator": "le", "version": "12.2.7"}, {"name": "oracle retail financial integration", "operator": "le", "version": "14.0"}, {"name": "oracle communications metasolv solution", "operator": "le", "version": "6.3.0"}, {"name": "oracle retail returns management", "operator": "le", "version": "14.1"}, {"name": "oracle weblogic server", "operator": "le", "version": "10.3.6.0"}, {"name": "oracle partner management", "operator": "le", "version": "12.1.2"}, {"name": "oracle ilearning", "operator": "le", "version": "6.1"}, {"name": "oracle hospitality gift and loyalty", "operator": "le", "version": "9.0"}, {"name": "oracle demantra demand management", "operator": "le", "version": "7.3.5"}, {"name": "micros xbri", "operator": "le", "version": "10.5.0"}, {"name": "mysql server", "operator": "le", "version": "8.0.12"}, {"name": "oracle business intelligence enterprise edition", "operator": "le", "version": "11.1.1.7.0"}, {"name": "enterprise manager ops center", "operator": "le", "version": "12.3.3"}, {"name": "oracle agile engineering data management", "operator": "le", "version": "6.2.0"}, {"name": "oracle trade management", "operator": "le", "version": "12.2.6"}, {"name": "solaris", "operator": "le", "version": "11.4"}, {"name": "oracle marketing", "operator": "le", "version": "12.1.1"}, {"name": "oracle application object library", "operator": "le", "version": "12.1.3"}, {"name": "micros relate crm software", "operator": "le", "version": "10.8"}, {"name": "mysql server", "operator": "le", "version": "5.7.23"}, {"name": "jd edwards enterpriseone orchestrator", "operator": "le", "version": "9.2"}, {"name": "oracle customer interaction history", "operator": "le", "version": "12.1.1"}, {"name": "oracle endeca server", "operator": "le", "version": "7.7.0"}, {"name": "oracle retail sales audit", "operator": "le", "version": "16.0"}, {"name": "oracle banking platform", "operator": "le", "version": "2.6.0"}, {"name": "oracle application object library", "operator": "le", "version": "12.2.7"}, {"name": "oracle hospitality guest access", "operator": "le", "version": "4.2.1"}, {"name": "oracle retail allocation", "operator": "le", "version": "15.0"}, {"name": "primavera unifier", "operator": "le", "version": "15.1"}, {"name": "oracle applications manager", "operator": "le", "version": "12.1.3"}, {"name": "oracle e-business intelligence", "operator": "le", "version": "12.1.2"}, {"name": "oracle istore", "operator": "le", "version": "12.2.3"}, {"name": "oracle e-business intelligence", "operator": "le", "version": "12.1.3"}, {"name": "oracle customer interaction history", "operator": "le", "version": "12.1.2"}, {"name": "bi publisher (formerly xml publisher)", "operator": "le", "version": "12.2.1.4.0"}, {"name": "siebel apps - marketing", "operator": "le", "version": "18.8"}, {"name": "oracle identity manager", "operator": "le", "version": "11.1.2.3.0"}, {"name": "peoplesoft enterprise peopletools", "operator": "le", "version": "8.57"}, {"name": "oracle insurance calculation engine", "operator": "le", "version": "10.1.1"}, {"name": "oracle retail invoice matching", "operator": "le", "version": "16.0"}, {"name": "oracle applications framework", "operator": "le", "version": "12.2.6"}, {"name": "oracle fusion middleware mapviewer", "operator": "le", "version": "12.1.3.0"}, {"name": "primavera p6 enterprise project portfolio management", "operator": "le", "version": "17.7"}, {"name": "micros xbri", "operator": "le", "version": "10.7.0"}, {"name": "instantis enterprisetrack", "operator": "le", "version": "17.1"}, {"name": "oracle api gateway", "operator": "le", "version": "11.1.2.4.0"}, {"name": "oracle user management", "operator": "le", "version": "12.1.3"}, {"name": "oracle retail order broker", "operator": "le", "version": "16.0"}, {"name": "primavera unifier", "operator": "le", "version": "16.2"}, {"name": "oracle goldengate", "operator": "le", "version": "12.2.0.2.0"}, {"name": "oracle agile plm", "operator": "le", "version": "9.3.6"}, {"name": "oracle partner management", "operator": "le", "version": "12.2.6"}, {"name": "java se", "operator": "le", "version": "11"}, {"name": "oracle weblogic server", "operator": "le", "version": "12.2.1.3.20180913"}, {"name": "sparc enterprise m3000, m4000, m5000, m8000, m9000 servers", "operator": "le", "version": "1123"}, {"name": "oracle istore", "operator": "le", "version": "12.2.6"}, {"name": "oracle email center", "operator": "le", "version": "12.2.3"}, {"name": "oracle tuxedo", "operator": "le", "version": "12.1.1.0"}, {"name": "oracle agile plm", "operator": "le", "version": "9.3.3"}, {"name": "micros retail-j", "operator": "le", "version": "13.0.0"}, {"name": "oracle insurance rules palette", "operator": "le", "version": "11.1"}, {"name": "oracle hospitality gift and loyalty", "operator": "le", "version": "9.1"}, {"name": "oracle trade management", "operator": "le", "version": "12.2.5"}, {"name": "oracle retail point-of-service", "operator": "le", "version": "14.0"}, {"name": "siebel apps - marketing", "operator": "le", "version": "18.7"}, {"name": "oracle email center", "operator": "le", "version": "12.2.4"}, {"name": "mysql enterprise monitor", "operator": "le", "version": "3.4.9.4237"}, {"name": "bi publisher (formerly xml publisher)", "operator": "le", "version": "11.1.1.9.0"}, {"name": "oracle trade management", "operator": "le", "version": "12.2.4"}, {"name": "primavera unifier", "operator": "le", "version": "15.2"}, {"name": "primavera unifier", "operator": "le", "version": "18.1"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.1.3"}, {"name": "siebel ui framework", "operator": "le", "version": "18.8"}, {"name": "micros xbri", "operator": "le", "version": "10.8.2"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.2.5"}, {"name": "oracle email center", "operator": "le", "version": "12.2.5"}, {"name": "oracle trade management", "operator": "le", "version": "12.1.3"}, {"name": "oracle iprocurement", "operator": "le", "version": "12.2.4"}, {"name": "oracle goldengate for big data", "operator": "le", "version": "12.3.2.1"}, {"name": "oracle agile product lifecycle management for process", "operator": "le", "version": "6.2.0.0"}, {"name": "oracle retail back office", "operator": "le", "version": "14"}, {"name": "bi publisher (formerly xml publisher)", "operator": "le", "version": "12.2.1.3.0"}, {"name": "oracle applications manager", "operator": "le", "version": "12.2.5"}, {"name": "oracle agile plm", "operator": "le", "version": "9.3.4"}, {"name": "oracle retail customer management and segmentation foundation", "operator": "le", "version": "17.0"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.2.6"}, {"name": "oracle retail extract transform and load", "operator": "le", "version": "13.0"}, {"name": "oracle banking platform", "operator": "le", "version": "2.5.0"}, {"name": "oracle retail open commerce platform", "operator": "le", "version": "6.0.0"}, {"name": "spatial", "operator": "le", "version": "2.0"}, {"name": "siebel ui framework", "operator": "le", "version": "18.9"}, {"name": "oracle retail predictive application server", "operator": "le", "version": "14.1"}, {"name": "oracle retail extract transform and load", "operator": "le", "version": "13.2"}, {"name": "oracle transportation management", "operator": "le", "version": "6.3.7"}, {"name": "oracle insurance rules palette", "operator": "le", "version": "10.2"}, {"name": "oracle retail xstore point of service", "operator": "le", "version": "15.0.2"}, {"name": "oracle retail order broker", "operator": "le", "version": "5.2"}, {"name": "oracle endeca information discovery integrator", "operator": "le", "version": "3.1.0"}, {"name": "oracle hospitality reporting and analytics", "operator": "le", "version": "9.1"}, {"name": "oracle istore", "operator": "le", "version": "12.2.5"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.2.4"}, {"name": "java vm", "operator": "le", "version": "18c"}, {"name": "oracle retail back office", "operator": "le", "version": "13.4"}, {"name": "oracle agile plm", "operator": "le", "version": "9.3.5"}, {"name": "oracle configuration manager", "operator": "le", "version": "12.1.2.0.2"}, {"name": "oracle ilearning", "operator": "le", "version": "6.2"}, {"name": "oracle retail open commerce platform", "operator": "le", "version": "5.3.0"}, {"name": "hyperion essbase administration services", "operator": "le", "version": "11.1.2.4"}, {"name": "oracle webcenter sites", "operator": "le", "version": "11.1.1.8.0"}, {"name": "oracle user management", "operator": "le", "version": "12.2.5"}, {"name": "oracle applications framework", "operator": "le", "version": "12.2.4"}, {"name": "oracle adaptive access manager", "operator": "le", "version": "11.1.1.7.0"}, {"name": "oracle retail predictive application server", "operator": "le", "version": "16.0"}, {"name": "oracle hospitality cruise fleet management", "operator": "le", "version": "9.0"}, {"name": "oracle webcenter sites", "operator": "le", "version": "12.2.1.3.0"}, {"name": "oracle insurance rules palette", "operator": "le", "version": "11.0"}, {"name": "mysql enterprise monitor", "operator": "le", "version": "8.0.2.8191"}, {"name": "oss support tools", "operator": "le", "version": "18.4"}, {"name": "oracle email center", "operator": "le", "version": "12.1.3"}, {"name": "oracle retail point-of-service", "operator": "le", "version": "14.1"}, {"name": "oracle retail point-of-service", "operator": "le", "version": "13.4"}, {"name": "oracle retail predictive application server", "operator": "le", "version": "14.0"}, {"name": "micros xbri", "operator": "le", "version": "10.8.3"}, {"name": "mysql connectors", "operator": "le", "version": "8.0.12"}, {"name": "oracle partner management", "operator": "le", "version": "12.2.4"}, {"name": "oracle retail assortment planning", "operator": "le", "version": "15.0"}, {"name": "application management pack for oracle e-business suite", "operator": "le", "version": "12.2.3"}], "_object_type": "robots.models.oracle.OracleBulletin", "_object_types": ["robots.models.oracle.OracleBulletin", "robots.models.base.Bulletin"], "immutableFields": [], "edition": 2, "hashmap": [{"key": "_object_type", "hash": "58a884ceeb1f8333f96dcaf64a45a7e7"}, {"key": "_object_types", "hash": "bd9514fdd074efeae64b77f841222304"}, {"key": "affectedSoftware", "hash": "6deee7962b2b0fba06b389c7f915dfb8"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "8fa85797fba695ca1ebfb6cb53ffb06d"}, {"key": "cvss", "hash": "edfca85c4c320ffaa9dcfdcb6a20ce1d"}, {"key": "description", "hash": "4745a4a5f0eb640c582dd636acf165d8"}, {"key": "href", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "99cf33fdc76c271eacfb873ef259f621"}, {"key": "published", "hash": "0b765324c2200d7521a1d3f879e8bc53"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "30162ed78b6c10f731411f2fc440c24f"}, {"key": "title", "hash": "139b181ff9a9189c83df474cbf3323ee"}, {"key": "type", "hash": "a189c633d9995e11bf8607170ec9a4b8"}], "scheme": null, "cvss2": {}, "cvss3": {}}]}

Glassfish Server Open Source Edition 3.1 2.2 Vulnerability

Source: https://vulners.com/nessus/GLASSFISH_CPU_OCT_2018.NASL