Vulnerability Name: | CVE-2014-0114 (CCN-92889) |
Assigned: | 2013-12-03 |
Published: | 2014-04-29 |
Updated: | 2023-02-13 |
Summary: | Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. |
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): Low Availibility (A): Low |
|
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.2 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 7.5 High (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.2 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial |
|
Vulnerability Type: | CWE-470
|
Vulnerability Consequences: | Gain Access |
References: | Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: MITRE Type: CNA CVE-2014-0114
Source: CCN Type: JVN#19118282 Seasar S2Struts vulnerable to ClassLoader manipulation
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: RHSA-2014-0474 Important: struts security update
Source: CCN Type: RHSA-2014-0500 Important: struts security update
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: oss-sec Mailing List, Fri, 1 Jun 2018 10:16:50 -0700 [CVE-2014-0114]: Apache Ignite is vulnerable to existing CVE-2014-0114
Source: CCN Type: oss-sec Mailing List, Tue, 5 Jun 2018 17:11:11 +0000 RE: [CVE-2014-0114]: Apache Ignite is vulnerable to existing CVE-2014-0114
Source: CCN Type: oss-sec Mailing List, Wed, 6 Jun 2018 13:33:59 +0200 Re: [CVE-2014-0114]: Apache Ignite is vulnerable to existing CVE-2014-0114
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Apache Web Site Struts
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: IBM Security Bulletin 1674739 Vulnerabilities found in IBM Sterling B2B Integrator and IBM Sterling File Gateway ( CVE-2014-0114, CVE-2014-0927, CVE-2014-0912)
Source: CCN Type: IBM Security Bulletin 0717691 (WebSphere Application Server in Cloud) Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud
Source: CCN Type: IBM Security Bulletin 740499 (Content Navigator) IBM Content Navigator is affected by a vulnerability in Apache Apache Commons BeanUtils (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 740849 (Rational Collaborative Lifecycle Management) Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology
Source: CCN Type: IBM Security Bulletin 879093 (Security Privileged Identity Manager) Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.
Source: CCN Type: IBM Security Bulletin 1672316 Classloader Manipulation Vulnerability in IBM WebSphere Application Server CVE-2014-0114
Source: CCN Type: IBM Security Bulletin 1673098 ClassLoader manipulation with Apache Struts affecting IBM Endpoint Manager for Remote Control (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1673101 ClassLoader manipulation with Apache Struts affecting Tivoli Endpoint Manager for Remote Control (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1673422 Classloader Manipulation Vulnerability in IBM WebSphere Service Registry and Repository (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1673877 Rational Reporting for Development Intelligence - Apache Struts used by WebSphere Application Server 6.1 and 7 (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1673878 Rational Insight - Apache Struts used by WebSphere Application Server 6.1 and 7 (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1673944 ClassLoader manipulation with Apache Struts affecting IBM Tivoli Netcool Configuration Manager (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674016 ClassLoader manipulation with Apache Struts affecting WebSphere Partner Gateway Advanced/Enterprise Edition (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674017 ClassLoader manipulation with Apache Struts affecting WebSphere Partner Gateway Express Edition(CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674113 Security exposures in IBM Social Media Analytics and IBM Social Media Analytics on Cloud (CVE-2014-0116 and CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674128 One vulnerability in IBM FileNet Content Manager, IBM Content Foundation, IBM FileNet Content Federation Services and IBM FileNet Legacy Content Search Engine (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674191 ClassLoader manipulation with Apache Struts affecting WebSphere Sensor Events 7.0 (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674310 ClassLoader manipulation with Apache Struts affecting Rational Application Developer (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674339 ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674379 ClassLoader manipulation with Apache Struts affecting Tivoli Integrated Portal (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674428 ClassLoader manipulation with Apache Struts affecting Financial Transaction Manager (FTM) Multiplatform (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674435 ClassLoader manipulation with Apache Struts (CVE-2014-0114) affects WebSphere Lombardi Edition and IBM Business Process Manager (BPM)
Source: CCN Type: IBM Security Bulletin 1674613 Open Source Apache Struts V1 ClassLoader manipulation vulnerability (CVE-2014-0114) in IBM Content Navigator
Source: CCN Type: IBM Security Bulletin 1674812 Multiple IBM InfoSphere Information Server components are vulnerable due to ClassLoader manipulation vulnerability in Open Source Apache Struts version 1 (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1674905 TADDM - Struts V1 ClassLoader manipulation vulnerability (CVE-2014-0114).
Source: CCN Type: IBM Security Bulletin 1674937 ClassLoader manipulation with Apache Struts affecting IBM QRadar SIEM (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1675266 ClassLoader manipulation with Apache Struts affecting IBM Records Manager, IBM Content Manager Records Enabler and WebSphere Application Server shipped with IBM Records Manager (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1675387 ClassLoader manipulation with Apache Struts affecting IBM Tivoli Identity Manager/IBM Security Identity Manager (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1675496 IBM Security SiteProtector System can be affected by a vulnerability in IBM Global Security Kit (CVE-2014-0963) and in Apache Struts V1.x (CVE-2014-0114)
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: IBM Security Bulletin 1675689 ClassLoader manipulation with Apache Struts affecting Tivoli Storage Productivity Center (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1675822 An Apache Struts security vulnerability affects the Tivoli Integrated Portal component of the Tivoli Storage Manager Administration Center (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1675898 Open Source Apache Struts V1 ClassLoader manipulation vulnerability (CVE-2014-0114) in IBM Content Analytics with Enterprise Search and IBM OmniFind Enterprise Edition
Source: CCN Type: IBM Security Bulletin 1675972 Open Source Apache Struts V1 ClassLoader manipulation vulnerability (CVE-2014-0114) in IBM Web Interface for Content Management (WEBi)
Source: CCN Type: IBM Security Bulletin 1676091 Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.33
Source: CCN Type: IBM Security Bulletin 1676110 ClassLoader manipulation with Apache Struts affecting InfoSphere Identity Insight (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1676303 Classloader Manipulation Vulnerability in IBM WebSphere Application Server shipped with IBM Content Collector (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1676375 Classloader Manipulation Vulnerability in Lotus Quickr 8.5 for WebSphere Portal CVE-2014-0114
Source: CCN Type: IBM Security Bulletin 1676485 IBM Tivoli Netcool Configuration Manager, Tivoli Integrated Portal which embeds WebSphere Application Server, is affected by Struts vulnerability (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1676646 IBM Tivoli Netcool Configuration Manager, WebSphere Application Server affected by Struts vulnerability (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1676931 Classloader Manipulation Vulnerability in Rational Change (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1677110 ClassLoader manipulation with Apache Struts affecting Tivoli Provisioning Manager for Software (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1677298 Open Source Apache Struts V1 ClassLoader manipulation vulnerability in GDS component of IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1677335 ClassLoader manipulation with Apache Struts affecting Tivoli Provisioning Manager (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1677352 Tivoli Workload Scheduler Distributed Potential multiple Security vulnerabilities with IBM WebSphere Application Server (CVE-2013-0443 and others)
Source: CCN Type: IBM Security Bulletin 1677449 IBM OpenPages GRC Platform Apache Struts V1 ClassLoader vulnerability(CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1677802 ClassLoader manipulation with Apache Struts affecting Lotus Expeditor (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1678359 ClassLoader manipulation with Apache Struts (CVE-2014-0114) and Denial Of Service vulnerability in Apache Commons FileUpload (CVE-2014-0050) affect IBM Business Process Manager (BPM) V8.5.5.0
Source: CCN Type: IBM Security Bulletin 1678830 Multiple security vulnerabilities in IBM Content Analytics with Enterprise Search and IBM OmniFind Enterprise Edition (CVE-2014-0114, CVE-2014-0050, CVE-2013-5879)
Source: CCN Type: IBM Security Bulletin 1679331 TFAM / IAMSB can be affected by ClassLoader manipulation with Apache Struts in underlying Tivoli Integrated Portal / embedded Websphere Application Server (eWAS) (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1679682 Open Source Apache Struts V1 ClassLoader manipulation vulnerability affecting IBM Tivoli Network Manager(CVE-2014-0114).
Source: CCN Type: IBM Security Bulletin 1680194 ClassLoader Manipulation with Apache Struts affecting IBM WebSphere Portal (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1680533 IBM Tivoli Monitoring (CVE-2014-0114,CVE-2014-0964)
Source: CCN Type: IBM Security Bulletin 1680698 lassLoader manipulation with Apache Struts affecting IBM Tivoli Netcool/OMNIbus_GUI (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1680716 ClassLoader manipulation with Apache Struts affecting IBM Campaign, IBM Contact Optimization, IBM Distributed Marketing, IBM Leads and IBM Predictive Insight (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 1680848 IBM Connections Security Refresh (CVE-2014-0114, CVE-2014-0113, CVE-2014-0112, CVE-2014-0094, CVE-2014-0116 )
Source: CCN Type: IBM Security Bulletin 2011978 (Sterling B2B Integrator) Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator
Source: CCN Type: IBM Security Bulletin 2012006 (Sterling File Gateway) Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway
Source: CCN Type: IBM Security Bulletin 2015894 (Sterling B2B Integrator) Vulnerability in Apache Commons BeanUtils Affects IBM Sterling B2B Integrator(CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 2016214 (WebSphere Application Server) Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle CPUApr2017 Oracle Critical Patch Update Advisory - April 2017
Source: CCN Type: Oracle CPUApr2019 Oracle Critical Patch Update Advisory - April 2019
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle CPUJul2019 Oracle Critical Patch Update Advisory - July 2019
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle CPUOct2017 Oracle Critical Patch Update Advisory - October 2017
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle Critical Patch Update Advisory - January 2015 Oracle Critical Patch Update Advisory - January 2015
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle Critical Patch Update Advisory - July 2014 Oracle Critical Patch Update Advisory - July 2014
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Oracle Critical Patch Update Advisory - October 2014 Oracle Critical Patch Update Advisory - October 2014
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Seasar Web site S2Struts
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: BID-67121 Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Red Hat Bugzilla Bug 1091938 CVE-2014-0114 Apache Struts 1: Class Loader manipulation via request parameters
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: XF Type: UNKNOWN apache-struts-cve20140114-code-exec(92889)
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: IBM Security Bulletin 737061 (Security Guardium) IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability
Source: CCN Type: IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence) IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities
Source: CCN Type: IBM Security Bulletin 3106029 (StoredIQ) Multiple Vulnerabilities identified in IBM StoredIQ
Source: CCN Type: IBM Security Bulletin 6198380 (DB2 for Linux- UNIX and Windows) Multiple vulnerabilities in dependent libraries affect IBM Db2 leading to denial of service or privilege escalation.
Source: CCN Type: IBM Security Bulletin 6210366 (Monitoring) Multiple vulnerabilities have been identified in DB2 that affect the IBM Performance Management product
Source: CCN Type: IBM Security Bulletin 6244618 (Cloud Pak System) Multiple vulnerabilities in Open Source used in IBM Cloud Pak System
Source: CCN Type: IBM Security Bulletin 6254788 (Planning Analytics) IBM Planning Analytics Workspace is affected by security vulnerabilities
Source: CCN Type: IBM Security Bulletin 6369095 (Spectrum Protect Server) Vulnerabilities in IBM Db2 and IBM Java Runtime affect IBM Spectrum Protect Server
Source: CCN Type: IBM Security Bulletin 6444895 (Db2 Warehouse) IBM Db2 Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2
Source: CCN Type: IBM Security Bulletin 6494701 (Tivoli Business Service Manager) A vulnerability has been identified in Apache Commons BeanUtils affects IBM Tivoli Business Service Manager (CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 6495947 (Sterling B2B Integrator) Apache Commons BeanUtils Vulnerabilities Affect IBM Sterling B2B Integrator (CVE-2014-0114, CVE-2019-10086)
Source: CCN Type: IBM Security Bulletin 6565389 (WebSphere Service Registry and Repository) Multiple vulnerabilities in WebSphere Service Registry and Repository in packages such as Apache Struts and Node.js
Source: CCN Type: IBM Security Bulletin 6570915 (Data Risk Manager) IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)
Source: CCN Type: IBM Security Bulletin 6605881 (PureData System for Operational Analytics) Multiple security vulnerabilities have been identified in IBM DB2 shipped with IBM PureData System for Operational Analytics
Source: CCN Type: IBM Security Bulletin 6831813 (Netcool Operations Insight) Netcool Operations Insight v1.6.6 contains fixes for multiple security vulnerabilities.
Source: CCN Type: IBM Security Bulletin 6910171 (Integration Designer) Multiple CVEs affect IBM Integration Designer
Source: CCN Type: IBM Security Bulletin 6956838 (B2B Advanced Communications) IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons BeanUtils (CVE-2014-0114, CVE-2019-10086)
Source: CCN Type: IBM Security Bulletin 6962723 (eDiscovery Manager) Apache Commons Beanutils (Publicly disclosed vulnerability) affects IBM eDiscovery Manager (CVE-2019-10086, CVE-2014-0114)
Source: CCN Type: IBM Security Bulletin 6982881 (Operational Decision Manager) IBM Operational Decision Manager March 2023 - CVE-2014-0114, CVE-2019-10086, CVE-2023-24998
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com
Source: CCN Type: Rapid7 Vulnerability and Exploit Database [07-09-2007] SquirrelMail PGP Plugin Command Execution (SMTP)
Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-0114
|
Vulnerable Configuration: | Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:* Configuration CCN 1: cpe:/a:apache:struts:1.2.7:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.2.8:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.2.9:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.3.10:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.0:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.0.2:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:b1:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:b2:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:b3:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:rc1:*:*:*:*:*:*OR cpe:/a:apache:struts:1.1:rc2:*:*:*:*:*:*OR cpe:/a:apache:struts:1.2.2:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.2.4:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.2.6:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.3.5:*:*:*:*:*:*:*OR cpe:/a:apache:struts:1.3.8:*:*:*:*:*:*:*AND cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:7.0:*:*:*:websphere:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_service_registry_and_repository:6.3:*:*:*:*:*:*:*OR cpe:/a:oracle:weblogic_server:10.3.2.0.0:*:*:*:*:*:*:*OR cpe:/a:oracle:weblogic_server:10.3.1.0.0:*:*:*:*:*:*:*OR cpe:/a:oracle:weblogic_server:10.3.3.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_service_registry_and_repository:7.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_portal:7.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_netcool/omnibus:7.3.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_network_manager:3.8:*:ip:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_service_registry_and_repository:7.5:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6:*:*:*:*:*:*:*OR cpe:/a:ibm:lotus_expeditor:6.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:lotus_expeditor:6.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:lotus_expeditor:6.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:lotus_expeditor:6.2.3:*:*:*:*:*:*:*OR cpe:/a:oracle:jdeveloper:-:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.5:*:*:*:websphere:*:*:*OR cpe:/a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_storage_manager:6.3:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*OR cpe:/a:ibm:connections:4.5:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_identity_insight:8.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_insight:1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_insight:1.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_insight:1.1.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.2:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.3:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.4:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.4.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.4.2:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.5.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:9.0:*:*:*:websphere:*:*:*OR cpe:/a:ibm:filenet_content_manager:5.2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_netcool/omnibus:7.3.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_netcool/omnibus:7.4.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_provisioning_manager:5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_storage_productivity_center:5.1.1:*:*:*:standard:*:*:*OR cpe:/a:ibm:connections:3.0.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:connections:4.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:8.6:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:campaign:9.1:*:*:*:*:*:*:*OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_service_registry_and_repository:8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:content_navigator:2.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:content_navigator:2.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:financial_transaction_manager:2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_provisioning_manager:7.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_provisioning_manager:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_reporting:2.0:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:rational_reporting:2.0.1:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:rational_reporting:2.0.3:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:rational_reporting:2.0.4:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:rational_reporting:2.0.5:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:rational_reporting:2.0.6:*:*:*:development_intelligence:*:*:*OR cpe:/a:ibm:ediscovery_manager:2.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_siteprotector_system:3.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_manager:6.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:9.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:8.5.5:*:*:*:websphere:*:*:*OR cpe:/a:ibm:rational_application_developer:9.0.1:*:*:*:websphere:*:*:*OR cpe:/a:ibm:websphere_portal:6.1:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_master_data_management_collaboration_server:10.0:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_master_data_management_collaboration_server:10.1:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_master_data_management_collaboration_server:11.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_endpoint_manager:*:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:content_collector:2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_workload_scheduler:8.6:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:business_process_manager:7.5:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:7.5.0.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:7.5.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:7.5.1.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:7.5.1.2:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.0:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.0.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.0.1.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.0.1.2:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.5:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.5.0.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:business_process_manager:8.5.5:*:*:*:advanced:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.0.1:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.0.2:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.0.3:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.0.4:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.0.5:*:advanced:*:*:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.1.0:*:*:*:advanced:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.1.1:*:*:*:advanced:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.1.2:*:*:*:advanced:*:*:*OR cpe:/a:ibm:websphere_partner_gateway:6.2.1.3:*:*:*:advanced:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:application_manager_for_smart_business:1.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_network_manager:3.9:*:ip:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_netcool_configuration_manager:6.4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:connections:5.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_portal:8.5.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_network_manager:4.1:*:ip:*:*:*:*:*OR cpe:/a:ibm:tivoli_network_manager:4.1.1:*:ip:*:*:*:*:*OR cpe:/a:ibm:rational_application_developer:8.0.4.3:*:*:*:websphere:*:*:*OR cpe:/a:ibm:openpages_grc_platform:6.0.1.5:*:*:*:*:*:*:*OR cpe:/a:ibm:openpages_grc_platform:6.1.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_insight:1.1.1.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_insight:1.1.1.3:*:*:*:*:*:*:*OR cpe:/a:ibm:content_navigator:2.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_guardium:10:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.6:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.4:*:*:*:*:*:*:*OR cpe:/a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*OR cpe:/a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*OR cpe:/a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*OR cpe:/a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*OR cpe:/a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*OR cpe:/a:oracle:utilities_framework:4.3.0.1.0:*:*:*:*:*:*:*OR cpe:/a:oracle:utilities_framework:4.3.0.2.0:*:*:*:*:*:*:*OR cpe:/a:oracle:utilities_framework:4.3.0.3.0:*:*:*:*:*:*:*OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.5:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*OR cpe:/a:apache:ignite:2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.6:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*OR cpe:/a:ibm:storediq:7.6.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:2.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:*OR cpe:/a:oracle:knowledge:8.6.0:*:*:*:*:*:*:*OR cpe:/a:oracle:knowledge:8.6.1:*:*:*:*:*:*:*OR cpe:/a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*OR cpe:/a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:6.0.1.0:*:*:*:*:*:*:*OR cpe:/a:ibm:operational_decision_manager:8.10:*:*:*:*:*:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*OR cpe:/a:ibm:cloud_pak_system:2.3.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:cloud_pak_system:2.3.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*OR cpe:/a:ibm:spectrum_protect_server:7.1.11:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*OR cpe:/a:ibm:integration_designer:20.0.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:multi-enterprise_integration_gateway:1.0.0.1:*:*:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
apache struts 1.2.7
apache struts 1.2.8
apache struts 1.2.9
apache struts 1.3.10
apache struts 1.0
apache struts 1.0.2
apache struts 1.1
apache struts 1.1 b1
apache struts 1.1 b2
apache struts 1.1 b3
apache struts 1.1 rc1
apache struts 1.1 rc2
apache struts 1.2.2
apache struts 1.2.4
apache struts 1.2.6
apache struts 1.3.5
apache struts 1.3.8
ibm websphere application server 6.1
redhat enterprise linux 5
redhat enterprise linux 5
ibm websphere application server 7.0
ibm rational application developer 7.0
ibm infosphere information server 8.1
ibm websphere service registry and repository 6.3
oracle weblogic server 10.3.2.0.0
oracle weblogic server 10.3.1.0.0
oracle weblogic server 10.3.3.0.0
ibm websphere service registry and repository 7.0
ibm websphere portal 7.0
ibm tivoli netcool/omnibus 7.3.0
ibm tivoli network manager 3.8
ibm infosphere information server 8.5
ibm infosphere information server 8.0
ibm websphere service registry and repository 7.5
ibm websphere application server 8.0
redhat enterprise linux workstation supplementary 6
ibm lotus expeditor 6.2
ibm websphere portal 8.0
ibm lotus expeditor 6.2.1
ibm lotus expeditor 6.2.2
ibm lotus expeditor 6.2.3
oracle jdeveloper -
ibm websphere application server 8.5
ibm tivoli storage productivity center 5.1
ibm infosphere information server 8.7
ibm rational application developer 8.0
ibm rational application developer 8.5
ibm infosphere information server 9.1
ibm tivoli storage manager 6.3
ibm sterling b2b integrator 5.1
ibm sterling b2b integrator 5.2
ibm qradar security information and event manager 7.1
ibm connections 4.5
ibm infosphere identity insight 8.1
ibm rational insight 1.1
ibm rational insight 1.1.1
ibm rational insight 1.1.1.1
ibm websphere application server 8.5.5
ibm rational application developer 8.0.1
ibm rational application developer 8.0.2
ibm rational application developer 8.0.3
ibm rational application developer 8.0.4
ibm rational application developer 8.0.4.1
ibm rational application developer 8.0.4.2
ibm rational application developer 8.5.1
ibm rational application developer 9.0
ibm filenet content manager 5.2.0
ibm tivoli netcool/omnibus 7.3.1
ibm tivoli netcool/omnibus 7.4.0
ibm tivoli provisioning manager 5.1
ibm tivoli storage productivity center 5.1.1
ibm connections 3.0.1.1
ibm connections 4.0
ibm websphere portal 8.0.0.1
ibm campaign 8.6
ibm campaign 9.0
ibm campaign 9.1
ibm qradar security information and event manager 7.2
ibm websphere service registry and repository 8.0
ibm content navigator 2.0.1
ibm content navigator 2.0.2
ibm sterling file gateway 2.2
ibm financial transaction manager 2.1
ibm sterling b2b integrator 5.2.4
ibm tivoli provisioning manager 7.1
ibm tivoli provisioning manager 7.2
ibm rational reporting 2.0
ibm rational reporting 2.0.1
ibm rational reporting 2.0.3
ibm rational reporting 2.0.4
ibm rational reporting 2.0.5
ibm rational reporting 2.0.6
ibm ediscovery manager 2.2.2
ibm security siteprotector system 3.0
ibm websphere portal 8.5
ibm security identity manager 6.0
ibm rational application developer 9.1
ibm rational application developer 8.5.5
ibm rational application developer 9.0.1
ibm websphere portal 6.1
ibm infosphere master data management collaboration server 10.0
ibm infosphere master data management collaboration server 10.1
ibm infosphere master data management collaboration server 11.0
ibm tivoli endpoint manager *
ibm sterling b2b integrator 5.2.1
ibm sterling b2b integrator 5.2.2
ibm sterling b2b integrator 5.2.3
ibm content collector 2.2
ibm tivoli workload scheduler 8.6
ibm tivoli monitoring 6.2.2
ibm tivoli monitoring 6.2.3
ibm business process manager 7.5
ibm business process manager 7.5.0.1
ibm business process manager 7.5.1
ibm business process manager 7.5.1.1
ibm business process manager 7.5.1.2
ibm business process manager 8.0
ibm business process manager 8.0.1
ibm business process manager 8.0.1.1
ibm business process manager 8.0.1.2
ibm business process manager 8.5
ibm business process manager 8.5.0.1
ibm business process manager 8.5.5
ibm websphere partner gateway 6.2
ibm websphere partner gateway 6.2.0.1
ibm websphere partner gateway 6.2.0.2
ibm websphere partner gateway 6.2.0.3
ibm websphere partner gateway 6.2.0.4
ibm websphere partner gateway 6.2.0.5
ibm websphere partner gateway 6.2.1.0
ibm websphere partner gateway 6.2.1.1
ibm websphere partner gateway 6.2.1.2
ibm websphere partner gateway 6.2.1.3
ibm tivoli monitoring 6.2.0
ibm tivoli monitoring 6.2.1
ibm application manager for smart business 1.2.1
ibm tivoli application dependency discovery manager 7.2
ibm tivoli application dependency discovery manager 7.2.1
ibm tivoli application dependency discovery manager 7.2.2
ibm websphere service registry and repository 8.5
ibm rational collaborative lifecycle management 5.0
ibm tivoli network manager 3.9
ibm tivoli application dependency discovery manager 7.1.2
ibm tivoli netcool configuration manager 6.4.1
ibm connections 5.0
ibm websphere portal 8.5.0
ibm tivoli network manager 4.1
ibm tivoli network manager 4.1.1
ibm rational application developer 8.0.4.3
ibm openpages grc platform 6.0.1.5
ibm openpages grc platform 6.1.0.1
ibm rational collaborative lifecycle management 5.0.1
ibm rational insight 1.1.1.2
ibm rational insight 1.1.1.3
ibm content navigator 2.0.3
ibm sterling b2b integrator 5.2.5
ibm rational collaborative lifecycle management 5.0.2
ibm rational collaborative lifecycle management 6.0
ibm security guardium 10
ibm security identity governance and intelligence 5.2
ibm rational collaborative lifecycle management 6.0.1
ibm sterling b2b integrator 5.2.6
ibm security identity governance and intelligence 5.2.1
ibm rational collaborative lifecycle management 6.0.2
ibm db2 11.1
ibm db2 11.1
ibm db2 11.1
ibm websphere application server 9.0
ibm rational collaborative lifecycle management 6.0.3
ibm rational collaborative lifecycle management 6.0.4
oracle communications webrtc session controller 7.0
oracle communications webrtc session controller 7.1
oracle communications webrtc session controller 7.2
oracle utilities framework 4.2.0.2.0
oracle utilities framework 4.2.0.3.0
oracle utilities framework 4.3.0.1.0
oracle utilities framework 4.3.0.2.0
oracle utilities framework 4.3.0.3.0
ibm monitoring 8.1.4
ibm rational collaborative lifecycle management 6.0.5
ibm websphere application server in cloud *
apache ignite 2.3
ibm security guardium 10.5
ibm security identity governance and intelligence 5.2.2
ibm security identity governance and intelligence 5.2.2.1
ibm security identity governance and intelligence 5.2.3
ibm security identity governance and intelligence 5.2.3.1
ibm security identity governance and intelligence 5.2.3.2
ibm security identity governance and intelligence 5.2.4
ibm rational collaborative lifecycle management 6.0.6
ibm websphere application server in cloud 8.5
ibm websphere application server in cloud 9.0
ibm websphere application server in cloud *
ibm storediq 7.6.0
ibm security identity governance and intelligence 5.2.4.1
ibm sterling b2b integrator 6.0.0.0
ibm sterling b2b integrator 5.2.0.0
ibm security privileged identity manager 2.1.1
ibm tivoli business service manager 6.2.0
oracle knowledge 8.6.0
oracle knowledge 8.6.1
oracle insurance ifrs 17 analyzer 8.0.6
oracle insurance ifrs 17 analyzer 8.0.7
ibm sterling b2b integrator 6.0.1.0
ibm operational decision manager 8.10
ibm db2 11.1
ibm db2 11.1
ibm db2 11.1
ibm db2 11.5
ibm db2 11.5
ibm db2 11.5
ibm cloud pak system 2.3.0.1
ibm cloud pak system 2.3.1.1
ibm planning analytics 2.0
ibm db2 11.5
ibm db2 11.5
ibm db2 11.5
ibm spectrum protect server 7.1.11
ibm sterling b2b integrator 6.1.0.0
ibm integration designer 20.0.0.2
ibm planning analytics 2.0
ibm multi-enterprise integration gateway 1.0.0.1