CPE-0ED3584D-EE95-4264-B050-DE5FC310095B Detail

CPE Details

Oracle Clusterware 12.1.0.2.0

Vendor

oracle

Product

clusterware

Version

12.1.0.2.0

Created

2019-07-25
17h12 +00:00

Modified

2019-07-25
17h12 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*

Informations

Vendor

oracle

Product

clusterware

Version

12.1.0.2.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2019-2860	2019-07-23 20h31 +00:00	Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). The supported version that is affected is 12.1.0.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Clusterware. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Clusterware accessible data as well as unauthorized read access to a subset of Oracle Clusterware accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Clusterware. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).	5.6	Medium
CVE-2018-11307	2019-07-09 13h37 +00:00	An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.	9.8	Critical
CVE-2018-14719	2019-01-02 17h00 +00:00	FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.	9.8	Critical
CVE-2018-1000873	2018-12-20 16h00 +00:00	Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.	6.5	Medium
CVE-2017-15095	2018-02-06 15h00 +00:00	A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.	9.8	Critical

Oracle Clusterware 12.1.0.2.0

CPE Details

CPE Name: cpe:2.3:a:oracle:clusterware:12.1.0.2.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*