Vulnerability Name:

CVE-2019-12415 (CCN-170015)

Assigned:2019-10-20
Published:2019-10-20
Updated:2022-04-08
Summary:In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-611
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2019-12415

Source: XF
Type: UNKNOWN
apache-poi-cve201912415-info-disc(170015)

Source: CCN
Type: Apache Mailing List, 2019/10/20 19:52:46
Apache POI 4.1.1 released

Source: MISC
Type: Issue Tracking, Release Notes, Vendor Advisory
https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@%3Cannounce.apache.org%3E

Source: MLIST
Type: Mailing List, Third Party Advisory
[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415

Source: MLIST
Type: Mailing List, Third Party Advisory
[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415

Source: MLIST
Type: Mailing List, Third Party Advisory
[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415

Source: MLIST
Type: Mailing List, Third Party Advisory
[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1

Source: CCN
Type: Apache Web site
POI

Source: CCN
Type: IBM Security Bulletin 6116536 (Rational Asset Manager)
Security vulnerability is identified in Apache POI server where Rational Asset Manager is deployed (CVE-2019-12415)

Source: CCN
Type: IBM Security Bulletin 6323249 (ICP Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache POI

Source: CCN
Type: IBM Security Bulletin 6391000 (QRadar SIEM)
Apache Poi as used by IBMQRadar SIEM is vulnerable to information disclosure (CVE-2019-12415, CVE-2017-12626)

Source: CCN
Type: IBM Security Bulletin 6444763 (Log Analysis)
Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to vulnerability in Apache POI (CVE-2019-12415)

Source: CCN
Type: IBM Security Bulletin 6520510 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6601525 (Tivoli Netcool/Impact)
A security vulnerability has been identified in Apache POI shipped with IBM Tivoli Netcool Impact (CVE-2019-12415)

Source: CCN
Type: IBM Security Bulletin 6847291 (Control Desk)
Apache POI up to 4.1.0 allows an attacker while converting user-provided document to XML

Source: CCN
Type: IBM Security Bulletin 6857999 (Cloud Pak for Business Automation)
Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2023

Source: CCN
Type: IBM Security Bulletin 6954471 (Sterling B2B Integrator)
IBM Sterling B2B Integrator is vulnerable to XML Enternal Entity error due to Apache POI (CVE-2019-12415)

Source: CCN
Type: IBM Security Bulletin 6988895 (Atlas eDiscovery Process Management)
Atlas eDiscovery Process Management is affected by a vulnerable poi-ooxml-3.9.jar

Source: N/A
Type: Third Party Advisory
N/A

Source: CCN
Type: Oracle CPUApr2020
Oracle Critical Patch Update Advisory - April 2020

Source: N/A
Type: Third Party Advisory
N/A

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2021
Oracle Critical Patch Update Advisory - April 2021

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: CCN
Type: Oracle CPUJan2020
Oracle Critical Patch Update Advisory - January 2020

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html

Source: CCN
Type: Oracle CPUJan2021
Oracle Critical Patch Update Advisory - January 2021

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html

Source: CCN
Type: Oracle CPUJul2020
Oracle Critical Patch Update Advisory - July 2020

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: CCN
Type: Oracle CPUOct2020
Oracle Critical Patch Update Advisory - October 2020

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-12415

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:poi:*:*:*:*:*:*:*:* (Version <= 4.1.0)

    • Configuration 2:
  • cpe:/a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_originations:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_originations:2.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_product_manufacturing:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_product_manufacturing:2.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_payments:14.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_payments:14.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router_idih::8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_diameter_signaling_router_idih::8.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* (Version >= 8.0.6 and <= 8.0.9)
  • OR cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration_j2ee:11.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_policy_administration_j2ee:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:10.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:11.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_rules_palette:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:18.8.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:*:*:*:*:*:*:*:* (Version >= 17.7 and <= 17.12)
  • OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_clearance_optimization_engine:14.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:16.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:poi:4.1.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_asset_manager:7.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:atlas_ediscovery_process_management:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager:12.1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_order_broker_cloud_service:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:flexcube_private_banking:12.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_asset_manager:7.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:18.8.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_product_manufacturing:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_product_manufacturing:2.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_originations:2.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_enterprise_originations:2.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:22.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:control_desk:7.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.2.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_business_automation:22.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.7:*:*:*:standard:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.disco:def:2019124150000000
    V
    		CVE-2019-12415 on Ubuntu 19.04 (disco) - medium.
    2019-10-23
    oval:com.ubuntu.bionic:def:2019124150000000
    V
    		CVE-2019-12415 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-10-23
    oval:com.ubuntu.xenial:def:2019124150000000
    V
    		CVE-2019-12415 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-10-23
    BACK
    apache poi *
    oracle application testing suite 12.5.0.3
    oracle application testing suite 13.1.0.1
    oracle application testing suite 13.2.0.1
    oracle application testing suite 13.3.0.1
    oracle banking enterprise originations 2.7.0
    oracle banking enterprise originations 2.8.0
    oracle banking enterprise product manufacturing 2.7.0
    oracle banking enterprise product manufacturing 2.8.0
    oracle banking payments 14.0.0
    oracle banking payments 14.1.0
    oracle banking platform 2.4.0
    oracle banking platform 2.4.1
    oracle banking platform 2.5.0
    oracle banking platform 2.6.0
    oracle banking platform 2.6.1
    oracle banking platform 2.6.2
    oracle banking platform 2.7.0
    oracle banking platform 2.7.1
    oracle banking platform 2.9.0
    oracle big data discovery 1.6
    oracle communications diameter signaling router idih: 8.0.0
    oracle communications diameter signaling router idih: 8.2.2
    oracle endeca information discovery studio 3.2.0
    oracle enterprise manager base platform 12.1.0.5
    oracle enterprise manager base platform 13.3.0.0
    oracle enterprise manager base platform 13.4.0.0
    oracle enterprise repository 12.1.3.0.0
    oracle financial services analytical applications infrastructure *
    oracle financial services market risk measurement and management 8.0.6
    oracle financial services market risk measurement and management 8.0.8
    oracle flexcube private banking 12.0.0
    oracle flexcube private banking 12.1.0
    oracle hyperion infrastructure technology 11.1.2.4
    oracle instantis enterprisetrack 17.1
    oracle instantis enterprisetrack 17.2
    oracle instantis enterprisetrack 17.3
    oracle insurance policy administration j2ee 11.0.2
    oracle insurance policy administration j2ee 11.1.0
    oracle insurance policy administration j2ee 11.2.0
    oracle insurance rules palette 10.2.0
    oracle insurance rules palette 10.2.4
    oracle insurance rules palette 11.0.2
    oracle insurance rules palette 11.1.0
    oracle insurance rules palette 11.2.0
    oracle jdeveloper 12.2.1.4.0
    oracle peoplesoft enterprise peopletools 8.57
    oracle peoplesoft enterprise peopletools 8.58
    oracle peoplesoft enterprise peopletools 8.59
    oracle primavera gateway 17.12.6
    oracle primavera gateway 18.8.8.1
    oracle primavera unifier 16.1
    oracle primavera unifier 16.2
    oracle primavera unifier *
    oracle primavera unifier 18.8
    oracle primavera unifier 19.12
    oracle retail clearance optimization engine 14.0
    oracle retail order broker 15.0
    oracle retail order broker 16.0
    oracle retail predictive application server 15.0.3
    oracle retail predictive application server 16.0.3
    oracle webcenter portal 12.2.1.3.0
    oracle webcenter portal 12.2.1.4.0
    oracle webcenter sites 12.2.1.3.0
    oracle webcenter sites 12.2.1.4.0
    apache poi 4.1.0
    ibm rational asset manager 7.5
    ibm atlas ediscovery process management 6.0.3
    ibm tivoli netcool/impact 7.1.0
    oracle enterprise manager 12.1.0.5
    oracle application testing suite 12.5.0.3
    oracle retail order broker cloud service 15.0
    oracle retail order broker cloud service 16.0
    oracle primavera unifier 16.1
    oracle primavera unifier 16.2
    oracle flexcube private banking 12.0
    oracle flexcube private banking 12.1
    oracle enterprise repository 12.1.3.0.0
    oracle banking platform 2.4
    oracle banking platform 2.4.1
    oracle webcenter portal 12.2.1.3.0
    ibm rational asset manager 7.5.1
    oracle big data discovery 1.6.0
    oracle application testing suite 13.1.0.1
    oracle application testing suite 13.2.0.1
    oracle banking platform 2.6
    oracle webcenter sites 12.2.1.3.0
    ibm qradar security information and event manager 7.3
    oracle primavera unifier 17.12
    oracle retail predictive application server 15.0.3
    oracle banking platform 2.6.1
    oracle banking platform 2.6.2
    oracle primavera unifier 18.8
    oracle instantis enterprisetrack 17.3
    oracle peoplesoft enterprise peopletools 8.57
    oracle application testing suite 13.3.0.1
    ibm sterling b2b integrator 6.0.0.0
    oracle financial services market risk measurement and management 8.0.6
    oracle financial services market risk measurement and management 8.0.8
    oracle banking platform 2.7.1
    oracle banking platform 2.7.0
    oracle primavera unifier 19.12
    oracle primavera gateway 17.12.6
    oracle primavera gateway 18.8.8.1
    oracle banking enterprise product manufacturing 2.7.0
    oracle banking enterprise product manufacturing 2.8.0
    oracle banking enterprise originations 2.7.0
    oracle banking enterprise originations 2.8.0
    oracle banking platform 2.9.0
    oracle financial services analytical applications infrastructure 8.0.9
    ibm qradar security information and event manager 7.4 -
    ibm log analysis 1.3.1
    ibm log analysis 1.3.2
    ibm log analysis 1.3.3
    ibm log analysis 1.3.4
    ibm log analysis 1.3.5
    ibm log analysis 1.3.6
    ibm sterling b2b integrator 6.1.0.0
    ibm cognos analytics 11.2.0
    ibm cognos analytics 11.1.7
    ibm cloud pak for business automation 18.0.0
    ibm cloud pak for business automation 18.0.2
    ibm cloud pak for business automation 19.0.1
    ibm cloud pak for business automation 19.0.3
    ibm cloud pak for business automation 20.0.1
    ibm cloud pak for business automation 20.0.3
    ibm cloud pak for business automation 21.0.1 -
    ibm cloud pak for business automation 21.0.2 -
    ibm cloud pak for business automation 21.0.3 -
    ibm cloud pak for business automation 22.0.1 -
    ibm control desk 7.6
    ibm sterling b2b integrator 6.1.2.0
    ibm cloud pak for business automation 22.0.2 -
    ibm sterling b2b integrator 6.0.3.7