Risk Scores
CVSS v3.0
6.199999809265137
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
1.53%
81.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| oracle | enterprise_manager_for_virtualization | 13.2.3, 13.2.2 |
| oracle | retail_xstore_point_of_service | 15.0.1, 6.5.11, 7.0.6 |
| oracle | weblogic_server | 12.2.1.3, 12.2.1.2 |
| apache | struts | 2.5 |
| Apache Software Foundation | Apache Struts | 2.5 to 2.5.14 |
| oracle | global_lifecycle_management_opatchauto | |
| oracle | webcenter_portal | 12.2.1.3.0, 12.2.1.2.0 |
| netapp | oncommand_balance | |
| Apache | Struts | |
| oracle | financial_services_market_risk_measurement_and_management | 8.0.5 |
| oracle | jd_edwards_enterpriseone_tools | 9.2 |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.0.4, 8.0.5 |
| oracle | retail_order_broker | 5.2 |
| Maven | org.apache.struts:struts2-rest-plugin | 2.5.0 |
| oracle | agile_plm_framework | 9.3.6 |
Timeline
- Dec 1, 2017 CVE Published
- Dec 2, 2017 PoC Published
- Apr 26, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Oct 24, 2021 EPSS Score
- Dec 25, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 25, 2022 EPSS Score
- Jun 29, 2022 EPSS Score
- Aug 31, 2022 EPSS Score
- Nov 1, 2022 EPSS Score
References
- https://cwiki.apache.org/confluence/display/WW/S2-054 url
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html url
- 1039946 vdb
- 102021 vdb
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html url
- https://security.netapp.com/advisory/ntap-20171214-0001/ url
- https://cwiki.apache.org/confluence/display/WW/s2-055 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-15707 advisory
- https://github.com/advisories/GHSA-xcrm-qpp8-hcw4 advisory
- https://security.netapp.com/advisory/ntap-20171214-0001 url