Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
1.47%
80.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian | Atlassian Bitbucket Data Center <9.4.2 (LTS) | |
| Oracle | Oracle Financial Services Applications 8.1.1.4 | |
| Hitachi | Hitachi Ops Center <11.0.4-00 | |
| IBM | IBM InfoSphere Information Server | |
| VMware Tanzu | VMware Tanzu Spring Framework <6.1.14 | |
| Oracle | Oracle Financial Services Applications 8.0.8 | |
| Oracle | Oracle Financial Services Applications 22.2.0.0.0 | |
| Atlassian | Atlassian Bitbucket <10.0.2 | |
| Oracle | Oracle Financial Services Applications 8.0.8.6 | |
| Atlassian | Atlassian Confluence <7.19.30 | |
| SolarWinds | SolarWinds Security Event Manager <2025.4 | |
| RealObjects | RealObjects PDFreactor <12.0.1 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| IBM | IBM InfoSphere Information Server 11.7 | |
| VMware Tanzu | VMware Tanzu Spring Framework <5.3.41 | |
| SAP | SAP Software | |
| Oracle | Oracle Financial Services Applications 8.0.7.8 | |
| IBM | IBM Operational Decision Manager | |
| Atlassian | Atlassian Confluence <8.5.18 | |
| Atlassian | Atlassian Bitbucket <8.19.25 (LTS) |
…and 27 more
Timeline
- Oct 17, 2024 CVE Published
- Oct 18, 2024 Coalition ESS Score
- Oct 19, 2024 EPSS Score
- Oct 22, 2024 Coalition ESS Score
- Nov 6, 2024 EPSS Score
- Nov 6, 2024 Coalition ESS Score
- Nov 24, 2024 EPSS Score
- Dec 13, 2024 EPSS Score
- Dec 29, 2024 Coalition ESS Score
- Jan 18, 2025 EPSS Score
- Feb 5, 2025 EPSS Score
- Feb 23, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3237.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3237 advisory
- https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published advisory
- https://www.pdfreactor.com/pdfreactor-12-hotfix-release-12-0-1-now-available/ advisory
- https://access.redhat.com/errata/RHSA-2024:10700 advisory
- https://github.com/masa42/CVE-2024-38819-POC exploit
- https://jira.atlassian.com/browse/CONFSERVER-98564 advisory
- https://security.netapp.com/advisory/ntap-20250110-0010/ advisory
- https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html advisory
- https://www.ibm.com/support/pages/node/7185046 advisory
- https://www.ibm.com/support/pages/node/7229205 advisory
- https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-113/index.html advisory
- https://security.netapp.com/advisory/NTAP-20241129-0003 advisory
- https://www.dell.com/support/kbdoc/de-de/000338043/dsa-2025-258-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities advisory
- https://support.hcl-software.com/community?id=community_blog&sys_id=d45b6a4b93636e901254f0cd1dba10f2 advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-127/index.html advisory
- https://www.ibm.com/support/pages/node/7246096 advisory
- https://www.ibm.com/support/pages/node/7247442 advisory
- https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-4_release_notes.htm advisory
…and 12 more