CVE-2019-10173

Оценки

EPSS

0.928высокий92.8%

0%20%40%60%80%100%

Процентиль: 92.8%

CVSS

7.3высокий3.x

0246810

Оценка CVSS: 7.3/10

Все оценки CVSS

CVSS 3.x

7.3

Вектор: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS 2.0

7.5

Вектор: AV:N/AC:L/Au:N/C:P/I:P/A:P

Описание

Было обнаружено, что версия xstream API 1.4.10 до 1.4.11 внесла регрессию для предыдущей уязвимости десериализации. Если платформа безопасности не была инициализирована, это может позволить удаленному злоумышленнику выполнять произвольные команды оболочки при разборе XML или любого поддерживаемого формата, например JSON (регрессия CVE-2013-7285).

Сканер-ВС 7 — современное решение для управления уязвимостями

Использует эту базу данных для обнаружения уязвимостей. Высокая скорость поиска, кроссплатформенность, продвинутый аудит конфигурации и гибкая фильтрация. Подходит для организаций любого масштаба.

Подробнее о Сканер-ВС 7

Источники

debiannvdubuntu

CWE

CWE-94

Связанные уязвимости

BDU:2019-02936

Уязвимое ПО (21)

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu bionic 18.04

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu disco 19.04

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu eoan 19.10

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu focal 20.04

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu groovy 20.10

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu hirsute 21.04

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu trusty 14.04

Характеристика:

{  "unfixed": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: ubuntu xenial 16.04

Характеристика:

{  "unaffected": true}

Источник: ubuntu

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: debian

Характеристика:

{  "fixed": "1.4.11-1"}

Источник: debian

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: debian stretch 9

Характеристика:

{  "unaffected": true}

Источник: debian

Тип: Конфигурация

Продукт: libxstream-java

Операционная система: debian jessie 8

Характеристика:

{  "unaffected": true}

Источник: debian

Тип: Конфигурация

Поставщик: *

Продукт: banking_platform

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: business_activity_monitoring

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: communications_billing_and_revenue_management_elastic_charging_engine

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: communications_diameter_signaling_router

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: communications_unified_inventory_management

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: endeca_information_discovery_studio

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: retail_xstore_point_of_service

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: utilities_framework

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Тип: Конфигурация

Поставщик: *

Продукт: webcenter_portal

Операционная система: * * *

Характеристика:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.10.0",      "versionStartIncluding": "2.4.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",      "versionEndIncluding": "8.2.2",      "versionStartIncluding": "8.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*",      "versionEndIncluding": "4.3.0.6.0",      "versionStartIncluding": "4.3.0.1.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Источник: nvd

Каталог уязвимостей Сканер-ВС

CVE-2019-10173

Оценки

EPSS

CVSS

Все оценки CVSS

Разбор вектора

CVSS

Вектор атаки

Сложность атаки

Требуемые привилегии

Взаимодействие с пользователем

Область воздействия

Воздействие на конфиденциальность

Воздействие на целостность

Воздействие на доступность

Разбор вектора

CVSS

Вектор атаки

Сложность атаки

Аутентификация

Воздействие на конфиденциальность

Воздействие на целостность

Воздействие на доступность

Описание

Сканер-ВС 7 — современное решение для управления уязвимостями

Источники

CWE

Связанные уязвимости

Рекомендации

Уязвимое ПО (21)