VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-wwax-sg2v-aaag

Essentials
Severities (162)
References (77)
Severity details (61)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-wwax-sg2v-aaag
Aliases	CVE-2018-12022 GHSA-cjjf-94ff-43w7 GHSA-wrr7-33fx-rcvj
Summary	High severity vulnerability that affects com.fasterxml.jackson.core:jackson-databind
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-502	Deserialization of Untrusted Data
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1	8.8	https://access.redhat.com/errata/RHBA-2019:0959
generic_textual	HIGH	https://access.redhat.com/errata/RHBA-2019:0959
rhas	Important	https://access.redhat.com/errata/RHSA-2019:0782
rhas	Important	https://access.redhat.com/errata/RHSA-2019:0877
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1106
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1107
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1108
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1140
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1782
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1797
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1822
rhas	Important	https://access.redhat.com/errata/RHSA-2019:1823
rhas	Important	https://access.redhat.com/errata/RHSA-2019:2804
rhas	Important	https://access.redhat.com/errata/RHSA-2019:2858
rhas	Important	https://access.redhat.com/errata/RHSA-2019:3002
rhas	Important	https://access.redhat.com/errata/RHSA-2019:3140
rhas	Important	https://access.redhat.com/errata/RHSA-2019:3149
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2019:3892
rhas	Important	https://access.redhat.com/errata/RHSA-2019:3892
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:3892
rhas	Important	https://access.redhat.com/errata/RHSA-2019:4037
cvssv3	7.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00500	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00698	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00698	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00698	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.00698	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.03093	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
epss	0.07724	https://api.first.org/data/v1/epss?cve=CVE-2018-12022
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1671097
cvssv3.1	7.5	https://bugzilla.redhat.com/show_bug.cgi?id=1671098
generic_textual	HIGH	https://bugzilla.redhat.com/show_bug.cgi?id=1671098
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-cjjf-94ff-43w7
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-wrr7-33fx-rcvj
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84
cvssv3.1	7.5	https://github.com/FasterXML/jackson-databind/issues/2052
generic_textual	HIGH	https://github.com/FasterXML/jackson-databind/issues/2052
cvssv3.1	6.1	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
cvssv3.1	6.1	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
cvssv3.1	7.5	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E
generic_textual	HIGH	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E
cvssv3.1	6.1	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
cvssv3.1	6.1	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
cvssv3.1	6.1	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
cvssv3.1	6.1	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC
cvssv3.1	8.8	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual	HIGH	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3.1	9.8	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual	CRITICAL	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2018-12022
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2018-12022
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2018-12022
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2018-12022
cvssv3.1	7.5	https://seclists.org/bugtraq/2019/May/68
generic_textual	HIGH	https://seclists.org/bugtraq/2019/May/68
cvssv3.1	7.5	https://security.netapp.com/advisory/ntap-20190530-0003
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20190530-0003
cvssv3.1	7.5	https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf
generic_textual	HIGH	https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf
cvssv3.1	7.5	https://www.debian.org/security/2019/dsa-4452
generic_textual	HIGH	https://www.debian.org/security/2019/dsa-4452
cvssv3.1	9.8	https://www.oracle.com/security-alerts/cpuapr2020.html
generic_textual	CRITICAL	https://www.oracle.com/security-alerts/cpuapr2020.html
cvssv3.1	9.8	https://www.oracle.com/security-alerts/cpuoct2020.html
generic_textual	CRITICAL	https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1	9.8	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
generic_textual	LOW	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
cvssv3.1	5.9	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
generic_textual	MODERATE	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
cvssv3.1	7.5	http://www.securityfocus.com/bid/107585
generic_textual	HIGH	http://www.securityfocus.com/bid/107585

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHBA-2019:0959
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-12022
		https://bugzilla.redhat.com/show_bug.cgi?id=1671098
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
		https://github.com/FasterXML/jackson-databind
		https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226
		https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a
		https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a
		https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84
		https://github.com/FasterXML/jackson-databind/issues/2052
		https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
		https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
		https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E
		https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E
		https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
		https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
		https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
		https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/
		https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
		https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
		https://seclists.org/bugtraq/2019/May/68
		https://security.netapp.com/advisory/ntap-20190530-0003
		https://security.netapp.com/advisory/ntap-20190530-0003/
		https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf
		https://www.debian.org/security/2019/dsa-4452
		https://www.oracle.com/security-alerts/cpuapr2020.html
		https://www.oracle.com/security-alerts/cpuoct2020.html
		https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
		https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
		http://www.securityfocus.com/bid/107585
1671097		https://bugzilla.redhat.com/show_bug.cgi?id=1671097
cpe:2.3:a:fasterxml:jackson-databind::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
cpe:2.3:a:redhat:single_sign-on:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:7.3:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:fedoraproject:fedora:29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
CVE-2018-12022		https://nvd.nist.gov/vuln/detail/CVE-2018-12022
GHSA-cjjf-94ff-43w7		https://github.com/advisories/GHSA-cjjf-94ff-43w7
GHSA-wrr7-33fx-rcvj		https://github.com/advisories/GHSA-wrr7-33fx-rcvj
RHSA-2019:0782		https://access.redhat.com/errata/RHSA-2019:0782
RHSA-2019:0877		https://access.redhat.com/errata/RHSA-2019:0877
RHSA-2019:1106		https://access.redhat.com/errata/RHSA-2019:1106
RHSA-2019:1107		https://access.redhat.com/errata/RHSA-2019:1107
RHSA-2019:1108		https://access.redhat.com/errata/RHSA-2019:1108
RHSA-2019:1140		https://access.redhat.com/errata/RHSA-2019:1140
RHSA-2019:1782		https://access.redhat.com/errata/RHSA-2019:1782
RHSA-2019:1797		https://access.redhat.com/errata/RHSA-2019:1797
RHSA-2019:1822		https://access.redhat.com/errata/RHSA-2019:1822
RHSA-2019:1823		https://access.redhat.com/errata/RHSA-2019:1823
RHSA-2019:2804		https://access.redhat.com/errata/RHSA-2019:2804
RHSA-2019:2858		https://access.redhat.com/errata/RHSA-2019:2858
RHSA-2019:3002		https://access.redhat.com/errata/RHSA-2019:3002
RHSA-2019:3140		https://access.redhat.com/errata/RHSA-2019:3140
RHSA-2019:3149		https://access.redhat.com/errata/RHSA-2019:3149
RHSA-2019:3892		https://access.redhat.com/errata/RHSA-2019:3892
RHSA-2019:4037		https://access.redhat.com/errata/RHSA-2019:4037
USN-USN-4813-1		https://usn.ubuntu.com/USN-4813-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHBA-2019:0959

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2019:3892

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:30:15Z/ Found at https://access.redhat.com/errata/RHSA-2019:3892

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=1671098

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/FasterXML/jackson-databind

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/issues/2052

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12022

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12022

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12022

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-12022

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://seclists.org/bugtraq/2019/May/68

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20190530-0003

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2019/dsa-4452

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuapr2020.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/107585

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.76803
EPSS Score	0.00500
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.