Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
94.25%
99.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Construction and Engineering <= 21.12.8 | |
| Oracle | Oracle Communications Applications 8.0.0.6.0 | |
| Oracle | Oracle Financial Services Applications 8.0.7.1.2 | |
| Oracle | Oracle Communications 22.1.0.0.0 | |
| Oracle | Oracle Financial Services Applications 8.0.8.3.1 | |
| Oracle | Oracle Financial Services Applications 8.0.8.2.1 | |
| AWS | config | |
| Oracle | Oracle Communications 8.2.3.0 | |
| Oracle | Oracle Financial Services Applications 8.1.2.4 | |
| Oracle | Oracle Financial Services Applications 8.0.7.3.1 | |
| Oracle | Oracle Financial Services Applications 8.0.8.0.0 | |
| Oracle | Oracle Financial Services Applications 2.7 | |
| Gentoo | Gentoo Linux | |
| Oracle | Oracle Financial Services Applications 8.1.1.0 | |
| Oracle | Oracle Construction and Engineering 22.12 | |
| Oracle | Oracle Utilities Applications 2.5.0.1 | |
| Oracle | Oracle Communications Applications 8.1.0.20.0 | |
| Oracle | Oracle Financial Services Applications 2.9 | |
| Oracle | Oracle Construction and Engineering 21.12 | |
| Oracle | Oracle Financial Services Applications 8.0.8.3.5 |
…and 146 more
Timeline
- Jan 21, 1970 CrowdSec Sighting
- Aug 12, 2021 CrowdSec Sighting
- Nov 19, 2021 CrowdSec Sighting
- Nov 26, 2021 CrowdSec Sighting
- Dec 17, 2021 CrowdSec Sighting
- Apr 14, 2022 CrowdSec Sighting
- Oct 13, 2022 CVE Published
- Oct 14, 2022 EPSS Score
- Oct 19, 2022 PoC Published
- Oct 22, 2022 EPSS Score
- Nov 10, 2022 CrowdSec Sighting
- Nov 26, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1758.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1758 advisory
- https://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/ advisory
- https://github.com/advisories/GHSA-599f-7c49-w659 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2135435 advisory
- https://github.com/SeanWrightSec/CVE-2022-42889-PoC exploit
- https://networks.unify.com/security/advisories/OBSO-2210-01.pdf advisory
- http://www.manageengine.com/products/desktop-central/hotfix-readme1.html advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-spss-modeler-is-vulnerable-to-apache-commons-text-cve-2022-42889/ advisory
- https://support.citrix.com/article/CTX474006/citrix-security-advisory-for-cve202242889 advisory
- https://access.redhat.com/errata/RHSA-2022:8652 advisory
- https://access.redhat.com/errata/RHSA-2022:8876 advisory
- https://access.redhat.com/errata/RHSA-2022:8902 advisory
- https://www.ibm.com/support/pages/node/6841279 advisory
- https://access.redhat.com/errata/RHSA-2022:9023 advisory
- https://www.ibm.com/support/pages/node/6848317 advisory
- http://security.gentoo.org/glsa/202301-05 advisory
- https://access.redhat.com/errata/RHSA-2023:0261 advisory
- https://access.redhat.com/errata/RHSA-2023:1006 advisory
- https://access.redhat.com/errata/RHSA-2023:1524 advisory
…and 86 more