Red Hat Automation Manager 7.3.1

CPE Details

Red Hat Automation Manager 7.3.1
redhat
automation_manager
7.3.1
2020-04-02
14h22 +00:00
2020-04-02
14h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:automation_manager:7.3.1:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

automation_manager

Version

7.3.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-12022 2019-03-17 17h14 +00:00 An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
7.5
High
CVE-2018-12023 2019-03-17 16h57 +00:00 An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
7.5
High
CVE-2018-19360 2019-01-02 17h00 +00:00 FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
9.8
Critical
CVE-2018-19361 2019-01-02 17h00 +00:00 FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
9.8
Critical
CVE-2018-19362 2019-01-02 17h00 +00:00 FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
9.8
Critical