CPE-81618EE8-6764-49C0-9573-4354C871FF92 Detail

CPE Details

Oracle Utilities Framework 2.2.0.0.0

Vendor

oracle

Product

utilities_framework

Version

2.2.0.0.0

Created

2020-11-13
14h26 +00:00

Modified

2020-11-13
14h26 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:::::::*

Informations

Vendor

oracle

Product

utilities_framework

Version

2.2.0.0.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2020-14895	2020-10-21 12h04 +00:00	Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). Supported versions that are affected are 2.2.0.0.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0 - 4.3.0.6.0, 4.4.0.0.0 and 4.4.0.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Utilities Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Utilities Framework accessible data as well as unauthorized read access to a subset of Oracle Utilities Framework accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).	5.4	Medium
CVE-2020-1945	2020-05-14 13h57 +00:00	Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.	6.3	Medium
CVE-2020-10683	2020-05-01 16h55 +00:00	dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.	9.8	Critical
CVE-2020-9488	2020-04-27 13h36 +00:00	Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1	3.7	Low
CVE-2019-10173	2019-07-23 10h50 +00:00	It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regression of CVE-2013-7285)	9.8	Critical

Oracle Utilities Framework 2.2.0.0.0

CPE Details

CPE Name: cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:::::::*