CPE-02330F67-6B0E-4561-835C-57CB806B6E04 Detail

CPE Details

Oracle Communications Converged Application Server - Service Controller 6.2

Vendor

oracle

Product

communications_converged_application_server_-_service_controller

Version

6.2

Created

2021-11-29
18h32 +00:00

Modified

2022-01-25
17h42 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::*

Informations

Vendor

oracle

Product

communications_converged_application_server_-_service_controller

Version

6.2

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-29425	2021-04-13 04h50 +00:00	In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.	4.8	Medium
CVE-2020-27218	2020-11-27 23h00 +00:00	In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.	4.8	Medium
CVE-2020-27216	2020-10-22 22h05 +00:00	In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.	7	High
CVE-2019-10219	2019-11-08 13h46 +00:00	A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.	6.1	Medium

Oracle Communications Converged Application Server - Service Controller 6.2

CPE Details

CPE Name: cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::*