Vulnerability Name:

CVE-2018-1258 (CCN-143314)

Assigned:2017-12-06
Published:2018-05-09
Updated:2022-04-11
Summary:Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-863
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2018-1258

Source: CCN
Type: Oracle CPUApr2019
Oracle Critical Patch Update Advisory - April 2019

Source: CCN
Type: Oracle CPUJan2019
Oracle Critical Patch Update Advisory - January 2019

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Source: CCN
Type: Oracle CPUJul2019
Oracle Critical Patch Update Advisory - July 2019

Source: CCN
Type: Oracle CPUOct2018
Oracle Critical Patch Update Advisory - October 2018

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: BID
Type: Third Party Advisory, VDB Entry
104222

Source: CCN
Type: BID-104222
Spring Security and Spring Framework CVE-2018-1258 Authorization Bypass Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041888

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041896

Source: REDHAT
Type: Patch, Third Party Advisory
RHSA-2019:2413

Source: XF
Type: UNKNOWN
pivotal-cve20181258-sec-bypass(143314)

Source: CCN
Type: Pivotal Web site
CVE-2018-1258: Unauthorized Access with Spring Security Method Security

Source: CONFIRM
Type: Vendor Advisory
https://pivotal.io/security/cve-2018-1258

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20181018-0002/

Source: CCN
Type: IBM Security Bulletin 6320835 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: Oracle CPUApr2020
Oracle Critical Patch Update Advisory - April 2020

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: CCN
Type: Oracle CPUJan2020
Oracle Critical Patch Update Advisory - January 2020

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html

Source: CCN
Type: Oracle CPUJul2020
Oracle Critical Patch Update Advisory - July 2020

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Source: CONFIRM
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:pivotal_software:spring_security:*:*:*:*:*:*:*:*
  • AND cpe:/a:vmware:spring_framework:5.0.5:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* (Version < 7.0.0.1)
  • OR cpe:/a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* (Version < 8.3)
  • OR cpe:/a:oracle:communications_network_integrity:*:*:*:*:*:*:*:* (Version >= 7.3.2 and <= 7.3.6)
  • OR cpe:/a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:* (Version < 10.2.1)
  • OR cpe:/a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* (Version < 6.1.0.4.0)
  • OR cpe:/a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_for_mysql_database:13.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:goldengate_for_big_data:12.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:goldengate_for_big_data:12.3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:goldengate_for_big_data:12.3.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* (Version <= 8.0.2.8191)
  • OR cpe:/a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_assortment_planning:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_assortment_planning:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_assortment_planning:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:13.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_integration_bus:14.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:service_architecture_leveraging_tuxedo:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:service_architecture_leveraging_tuxedo:12.2.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:* (Version >= 9.4
  • OR cpe:/a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:* (Version >= 7.3
  • OR cpe:/a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:redhat:fuse:7.3.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:pivotal:spring_framework:5.0.6:*:*:*:*:*:*:*
  • AND
  • cpe:/a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager:12.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager:13.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_assortment_planning:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_assortment_planning:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm_framework:9.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm_framework:9.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:2.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_product_lifecycle_management_framework:9.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:agile_plm_framework:9.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:13.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:14.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_financial_integration:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router:8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager:13.2::~~~mysql~~:*:*:*:*:*
  • OR cpe:/a:oracle:retail_integration_bus:14.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql_enterprise_monitor:3.4.9.4237:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql_enterprise_monitor:4.0.6.5281:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:mysql_enterprise_monitor:8.0.2.8191:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_services_gatekeeper:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_service_backbone:16.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:14.0.3.26:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:14.1.3.37:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:15.0.3.100:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_unified_inventory_management:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.trusty:def:20181258000
    V
    		CVE-2018-1258 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-05-11
    BACK
    pivotal_software spring security *
    vmware spring framework 5.0.5
    oracle agile plm 9.3.3
    oracle agile plm 9.3.4
    oracle agile plm 9.3.5
    oracle agile plm 9.3.6
    oracle application testing suite 10.1
    oracle application testing suite 12.5.0.3
    oracle application testing suite 13.1.0.1
    oracle application testing suite 13.2.0.1
    oracle application testing suite 13.3.0.1
    oracle big data discovery 1.6.0
    oracle communications converged application server *
    oracle communications diameter signaling router *
    oracle communications network integrity *
    oracle communications performance intelligence center *
    oracle communications services gatekeeper *
    oracle endeca information discovery integrator 3.1.0
    oracle endeca information discovery integrator 3.2.0
    oracle enterprise manager for mysql database 13.2
    oracle enterprise manager ops center 12.2.2
    oracle enterprise manager ops center 12.3.3
    oracle enterprise repository 11.1.1.7.0
    oracle enterprise repository 12.1.3.0.0
    oracle goldengate for big data 12.2.0.1
    oracle goldengate for big data 12.3.1.1
    oracle goldengate for big data 12.3.2.1
    oracle health sciences information manager 3.0
    oracle healthcare master person index 3.0
    oracle healthcare master person index 4.0
    oracle hospitality guest access 4.2.0
    oracle hospitality guest access 4.2.1
    oracle insurance calculation engine 10.1.1
    oracle insurance calculation engine 10.2
    oracle insurance calculation engine 10.2.1
    oracle insurance policy administration 10.0
    oracle insurance policy administration 10.1
    oracle insurance policy administration 10.2
    oracle insurance policy administration 11.0
    oracle insurance rules palette 10.0
    oracle insurance rules palette 10.1
    oracle insurance rules palette 10.2
    oracle insurance rules palette 11.0
    oracle insurance rules palette 11.1
    oracle micros lucas 2.9.5
    oracle mysql enterprise monitor *
    oracle peoplesoft enterprise fin install 9.2
    oracle retail assortment planning 14.1
    oracle retail assortment planning 15.0
    oracle retail assortment planning 16.0
    oracle retail back office 14.0
    oracle retail back office 14.1
    oracle retail central office 14.0
    oracle retail central office 14.1
    oracle retail customer insights 15.0
    oracle retail customer insights 16.0
    oracle retail financial integration 13.2
    oracle retail financial integration 14.0
    oracle retail financial integration 14.1
    oracle retail financial integration 15.0
    oracle retail financial integration 16.0
    oracle retail integration bus 14.1.2
    oracle retail point-of-service 14.0
    oracle retail point-of-service 14.1
    oracle retail returns management 14.0
    oracle retail returns management 14.1
    oracle retail xstore point of service 17.0
    oracle service architecture leveraging tuxedo 12.1.3.0.0
    oracle service architecture leveraging tuxedo 12.2.2.0.0
    oracle tape library acsls 8.4
    oracle weblogic server 10.3.6.0
    oracle weblogic server 12.1.3.0
    oracle weblogic server 12.2.1.2
    oracle weblogic server 12.2.1.3
    netapp oncommand insight -
    netapp oncommand unified manager *
    netapp oncommand unified manager *
    netapp snapcenter -
    netapp oncommand workflow automation -
    netapp storage automation store -
    redhat fuse 7.3.0
    pivotal spring framework 5.0.6
    oracle weblogic server 10.3.6.0.0
    oracle weblogic server 12.1.3.0.0
    oracle enterprise manager 12.1.0.5
    oracle application testing suite 12.5.0.3
    oracle micros lucas 2.9.5
    oracle enterprise manager 13.2
    oracle retail assortment planning 14.1
    oracle retail assortment planning 15.0
    oracle flexcube private banking 12.0.1
    oracle retail customer insights 15.0
    oracle retail customer insights 16.0
    oracle weblogic server 12.2.1.3.0
    oracle flexcube private banking 12.0.3
    oracle flexcube private banking 12.1
    oracle flexcube private banking 2.0
    oracle hospitality guest access 4.2.0
    oracle hospitality guest access 4.2.1
    oracle agile plm framework 9.3.5
    oracle agile plm framework 9.3.6
    oracle healthcare master person index 3.0
    oracle healthcare master person index 4.0
    oracle flexcube private banking 2.2.0.1
    oracle agile product lifecycle management framework 9.3.3
    oracle agile plm framework 9.3.4
    oracle application testing suite 13.1.0.1
    oracle application testing suite 13.2.0.1
    oracle enterprise manager ops center 12.3.3
    oracle retail financial integration 13.2
    oracle retail financial integration 14.0
    oracle retail financial integration 14.1
    oracle retail financial integration 15.0
    oracle retail financial integration 16.0
    oracle communications diameter signaling router 8
    oracle retail clearance optimization engine 14.0.5
    oracle enterprise manager 13.2
    oracle retail integration bus 14.1.2
    oracle insurance rules palette 10.0
    oracle insurance rules palette 10.2
    oracle mysql enterprise monitor 3.4.9.4237
    oracle mysql enterprise monitor 4.0.6.5281
    oracle mysql enterprise monitor 8.0.2.8191
    oracle insurance calculation engine 10.2
    oracle utilities network management system 1.12.0.3
    oracle application testing suite 13.3.0.1
    oracle communications services gatekeeper 6.1
    oracle health sciences information manager 3.0
    oracle retail service backbone 16.0.1
    oracle retail xstore point of service 17.0
    oracle retail predictive application server 14.0.3.26
    oracle retail predictive application server 14.1.3.37
    oracle retail predictive application server 15.0.3.100
    oracle communications unified inventory management 7.3.2
    oracle communications unified inventory management 7.3.4
    oracle communications unified inventory management 7.3.5
    oracle communications unified inventory management 7.4.0
    ibm security guardium data encryption 3.0.0.2