VDB
BDU%3A2019-01760
BDU%3A2019-01760
PUBLISHED
CVSS 9 CRITICAL
Уязвимость компонента Spring Framework программных продуктов Oracle, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Risk Scores
CVSS 2.0
9
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Corp., Pivotal Software Inc., Red Hat Inc. | Enterprise Manager Ops Center, Enterprise Repository, Insurance Policy Administration, PeopleSoft Enterprise FIN Install, Retail Back Office, Retail Central Office, Retail Returns Management, Retail Point-of-Service, MySQL Enterprise Monitor, Communications Diameter Signaling Router, Oracle Endeca Information Discovery Integrator, WebLogic Server, WebCenter Sites, Oracle Retail Order Broker, Enterprise Manager Base Platform, Spring Framework, Oracle Communications Unified Inventory Management, Oracle FLEXCUBE Private Banking, Oracle Utilities Network Management System, Communications Converged Application Server, Insurance Policy Administration J2EE, Financial Services Analytical Applications Infrastructure, Jboss Fuse, Oracle Hospitality Guest Access, Application Testing Suite, Primavera Gateway, Retail Xstore Point of Service, Oracle Retail Clearance Optimization Engine, Oracle Retail Markdown Optimization, Oracle Retail Customer Insights, Communications Online Mediation Controller, Primavera Analytics, Retail Integration Bus, Oracle Retail Predictive Application Server, Oracle Retail Assortment Planning, Oracle Big Data Discovery, Oracle Insurance Calculation Engine, Oracle Insurance Rules Palette, Oracle Retail Financial Integration, Oracle Retail Service Backbone, Oracle Healthcare Master Person Index, Oracle Agile PLM, Financial Services Behavior Detection Platform, MICROS Lucas, Enterprise Manager for MySQL Database, Oracle GoldenGate for Big Data, Tape Library ACSLS, Oracle Communications Services Gatekeeper, Retail Open Commerce Platform, Oracle Health Sciences Information Manager, Oracle Service Architecture Leveraging Tuxedo, Communications Performance Intelligence Center (PIC) Software, Enterprise Manager for Fusion Applications |
Timeline
- May 16, 2019 CVE Published
- Mar 23, 2021 CVE Updated
- Mar 18, 2026 Distribution Patch
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html url
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html url
- http://www.securityfocus.com/bid/104222 url
- http://www.securitytracker.com/id/1041888 url
- http://www.securitytracker.com/id/1041896 url
- https://access.redhat.com/errata/RHSA-2019:2413 url
- https://pivotal.io/security/cve-2018-1258 url
- https://security.netapp.com/advisory/ntap-20181018-0002/ url
- https://www.oracle.com/security-alerts/cpuapr2020.html url
- https://www.oracle.com/security-alerts/cpujan2020.html url
- https://www.oracle.com/security-alerts/cpujan2021.html url
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html url
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html url
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html url
- https://access.redhat.com/security/cve/CVE-2018-1258?extIdCarryOver=true&sc_cid=701f2000001OH7JAAW advisory