VDB
CVE-2022-23221
CVE-2022-23221
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
EPSS 26.57% · 96.4th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
26.57%
96.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Fusion Middleware 14.1.1.0.0 | |
| IBM | IBM QRadar SIEM | |
| Oracle | Oracle Fusion Middleware 8.5.6 | |
| Oracle | Oracle Fusion Middleware 12.2.1.4.0 | |
| Red Hat | Red Hat JBoss Enterprise Application Platform <7.3.13 | |
| Hitachi | Hitachi Ops Center | |
| Atlassian | Atlassian Bitbucket <10.0.2 | |
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat JBoss Enterprise Application Platform <7.1.10 | |
| Red Hat | Red Hat Enterprise Linux | |
| Atlassian | Atlassian Bitbucket <8.19.25 (LTS) | |
| Red Hat | Red Hat FUSE <7.11.0 | |
| IBM | IBM Spectrum Protect Plus 10.1 | |
| IBM | IBM QRadar SIEM 7.4 | |
| Debian | Debian Linux | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| IBM | IBM QRadar SIEM 7.5 | |
| Atlassian | Atlassian Bitbucket <9.4.13 (LTS) | |
| EMC | EMC Avamar |
Exploit Intelligence
- http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html (nist-nvd)
- http://seclists.org/fulldisclosure/2022/Jan/39 (nist-nvd)
- https://twitter.com/d0nkey_man/status/1483824727936450564 (nist-nvd)
- H2 Database Console Remote Code Execution Exploit (0day-today)
- H2 Database Console Remote Code Execution Exploit (0day-today)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
…and 5 more exploits
Timeline
- CVE Published
- Jan 25, 2022 PoC Published
- Feb 8, 2022 EPSS Score
- Jul 26, 2022 EPSS Score
- Apr 26, 2023 EPSS Score
- May 23, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
- Aug 12, 2023 EPSS Score
- Aug 27, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Feb 29, 2024 EPSS Score
- Jun 6, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0102.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0102 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-23221 advisory
- https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00043.html advisory
- https://access.redhat.com/errata/RHSA-2022:4918 advisory
- https://access.redhat.com/errata/RHSA-2022:4919 advisory
- https://access.redhat.com/errata/RHSA-2022:4922 advisory
- https://ubuntu.com/security/notices/USN-5365-1 advisory
- https://www.google.com/url?q=https%3A%2F%2Fubuntu.com%2Fsecurity%2Fnotices%2FUSN-6834-1&%3Bsource=gmail&%3Bust=1718378370385000&%3Busg=AOvVaw0RVF_FMFfBi3o2pZ10vhWK advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0123.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0123 advisory
- https://www.oracle.com/security-alerts/cpujan2024.html#AppendixFMW advisory
- https://github.com/nullcult/CVE_2024_209321 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0607.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0607 advisory
- https://access.redhat.com/errata/RHSA-2022:5532 advisory
- https://access.redhat.com/errata/RHSA-2022:5596 advisory
- https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-125/index.html advisory
- https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-124/index.html advisory
…and 34 more