CVE-2024-45492
In Oracle Communications Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "MITTEL" für die Schadenshöhe.
EPSS 2.27% · 85.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Financial Services Applications 8.1.2.6 | |
| IBM | IBM DB2 10.5 | |
| Oracle | Oracle Communications <10.4.0.4 | |
| Oracle | Oracle Communications Applications <=12.0.6.0.0 | |
| Debian | Debian Linux | |
| Oracle | Oracle Communications 14.0 | |
| Open Source | Open Source expat <2.6.3 | |
| Dell | Dell PowerScale OneFS OneFS | |
| Oracle | Oracle Fusion Middleware 11.1.1.5.0 | |
| Oracle | Oracle Communications 24.1.1 | |
| Oracle | Oracle Communications 12.11.0 | |
| Dell | Dell PowerProtect Data Domain <7.10.1.70 | |
| Red Hat | Red Hat JBoss Core Services <2.4.62 | |
| Oracle | Oracle Communications 9.1.1.3.0 | |
| Oracle | Oracle Fusion Middleware 14.1.1.0.0 | |
| Broadcom | Broadcom Brocade SANnav | |
| Oracle | Oracle Communications Applications 7.4.1 | |
| Oracle | Oracle Communications 12.11 | |
| Xerox | Xerox FreeFlow Print Server 9 | |
| Oracle | Oracle Linux |
…and 102 more
Exploit Intelligence
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
Timeline
- Aug 29, 2024 CVE Published
- Aug 30, 2024 EPSS Score
- Sep 19, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 18, 2024 Coalition ESS Score
- Oct 30, 2024 EPSS Score
- Nov 19, 2024 EPSS Score
- Dec 10, 2024 EPSS Score
- Jan 20, 2025 EPSS Score
- Feb 9, 2025 EPSS Score
- Mar 1, 2025 EPSS Score
- Mar 12, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1951.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1951 advisory
- https://github.com/advisories/GHSA-4hvh-m426-wv8w advisory
- https://github.com/advisories/GHSA-784x-7qm2-gp97 advisory
- https://github.com/advisories/GHSA-5qxm-qvmj-8v79 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f27c29c09c advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-e86a48cd72 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c7b547bec5 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c5d55d5845 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-527052ab76 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-September/019396.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-2b163f9201 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f750328c3b advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-39d459dd00 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-7db9258d37 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-1e6d6f8452 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-6dedbc5cf9 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-7a069f48e4 advisory
- https://de.tenable.com/security/tns-2024-16 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f652468298 advisory
…and 89 more