Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-48989 (GCVE-0-2025-48989)
Vulnerability from cvelistv5 – Published: 2025-08-13 12:11 – Updated: 2026-05-12 12:08
VLAI
EPSS
Title
Apache Tomcat: h2 DoS - Made You Reset
Summary
Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.
Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-404 - Improper Resource Shutdown or Release
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Affected:
11.0.0-M1 , ≤ 11.0.9
(semver)
Affected: 10.1.0-M1 , ≤ 10.1.43 (semver) Affected: 9.0.0.M1 , ≤ 9.0.107 (semver) Unknown: 8.5.0 , ≤ 8.5.100 (semver) Unknown: 10.0.0-M1 , ≤ 10.0.27 (semver) |
|
| Siemens | SIMATIC CN 4100 |
Affected:
0 , < V5.0
(custom)
|
Credits
Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel of Tel Aviv University
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:37:15.707400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T19:56:35.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:11:10.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/767506"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CN 4100",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:08:14.457Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "11.0.9",
"status": "affected",
"version": "11.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.1.43",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.107",
"status": "affected",
"version": "9.0.0.M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.100",
"status": "unknown",
"version": "8.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.27",
"status": "unknown",
"version": "10.0.0-M1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel of Tel Aviv University"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.\u003c/p\u003e"
}
],
"value": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.\n\nUsers are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404 Improper Resource Shutdown or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T11:45:02.604Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Tomcat: h2 DoS - Made You Reset",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-48989",
"datePublished": "2025-08-13T12:11:26.124Z",
"dateReserved": "2025-05-29T15:25:37.243Z",
"dateUpdated": "2026-05-12T12:08:14.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-48989",
"date": "2026-06-18",
"epss": "0.02931",
"percentile": "0.85292"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-48989\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-08-13T13:15:34.153\",\"lastModified\":\"2026-05-12T13:17:20.093\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.\\n\\nUsers are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de apagado o liberaci\u00f3n incorrecta de recursos en Apache Tomcat lo hizo vulnerable al ataque \\\"Maked You Reset\\\". Este problema afecta a Apache Tomcat desde la versi\u00f3n 11.0.0-M1 hasta la 11.0.9, desde la 10.1.0-M1 hasta la 10.1.43 y desde la 9.0.0.M1 hasta la 9.0.107. Las versiones anteriores al final de su vida \u00fatil tambi\u00e9n pueden verse afectadas. Se recomienda actualizar a una de las versiones 11.0.10, 10.1.44 o 9.0.108, que solucionan el problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.1\",\"versionEndExcluding\":\"9.0.108\",\"matchCriteriaId\":\"BB3FEF17-23FB-460F-AEF8-FDBA52DC2B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.1.44\",\"matchCriteriaId\":\"0820A463-9915-448C-9EC0-49F79D12708A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.10\",\"matchCriteriaId\":\"CA7FF893-81BF-455F-A9D5-47D6A6F9E6E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D0689FE-4BC0-4F53-8C79-34B21F9B86C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B129B2-FB6F-4EF9-BF12-E589A87996CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6787B6-54A8-475E-BA1C-AB99334B2535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6DA0BE-908C-4DA8-A191-A0113235E99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*\",\"matchCriteriaId\":\"39029C72-28B4-46A4-BFF5-EC822CFB2A4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2E05A3-014F-4C4D-81E5-88E725FBD6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C533C-0833-41D5-99B6-17A4FAB3CAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768C60-21FA-4B92-B98C-C3A2602D1BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F542E12-6BA8-4504-A494-DA83E7E19BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2409CC7-6A85-4A66-A457-0D62B9895DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A7E5-4455-4B1C-8FAC-AE6DDC70689E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF411DDA-2601-449A-9046-D250419A0E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B4FBF97-DE16-4E5E-BE19-471E01818D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B266B1E-24B5-47EE-A421-E0E3CC0C7471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*\",\"matchCriteriaId\":\"29614C3A-6FB3-41C7-B56E-9CC3F45B04F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AB156C-8FF6-4727-AF75-590D0DCB3F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C5F004-F7D8-45DB-B173-351C50B0EC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1902D2E-1896-4D3D-9E1C-3A675255072C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"49AAF4DF-F61D-47A8-8788-A21E317A145D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"454211D0-60A2-4661-AECA-4C0121413FEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0686F977-889F-4960-8E0B-7784B73A7F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"558703AE-DB5E-4DFF-B497-C36694DD7B24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED6273F2-1165-47A4-8DD7-9E9B2472941B\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/767506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-032379.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/767506\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:11:10.863Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48989\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-13T18:37:15.707400Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-13T18:37:19.170Z\"}}], \"cna\": {\"title\": \"Apache Tomcat: h2 DoS - Made You Reset\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel of Tel Aviv University\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"important\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tomcat\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"11.0.9\"}, {\"status\": \"affected\", \"version\": \"10.1.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.1.43\"}, {\"status\": \"affected\", \"version\": \"9.0.0.M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.0.107\"}, {\"status\": \"unknown\", \"version\": \"8.5.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.5.100\"}, {\"status\": \"unknown\", \"version\": \"10.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.0.27\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.\\n\\nUsers are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eImproper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-404\", \"description\": \"CWE-404 Improper Resource Shutdown or Release\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-10-29T11:45:02.604Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-48989\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T21:11:10.863Z\", \"dateReserved\": \"2025-05-29T15:25:37.243Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-08-13T12:11:26.124Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2026-0165
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00Summary
Oracle Siebel CRM: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Siebel CRM ist eine CRM-Lösung von Oracle.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
Affected products
Last affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Siebel CRM <=25.10
Oracle / Siebel CRM
|
<=25.10 | ||
|
Oracle Siebel CRM <=25.2
Oracle / Siebel CRM
|
<=25.2 | ||
|
Oracle Siebel CRM <=25.9
Oracle / Siebel CRM
|
<=25.9 | ||
|
Oracle Siebel CRM <=25.11
Oracle / Siebel CRM
|
<=25.11 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0165 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0165.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0165 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0165"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Siebel CRM vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixSECR"
}
],
"source_lang": "en-US",
"title": "Oracle Siebel CRM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T09:05:44.183+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0165",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=25.2",
"product": {
"name": "Oracle Siebel CRM \u003c=25.2",
"product_id": "T042836"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.2",
"product": {
"name": "Oracle Siebel CRM \u003c=25.2",
"product_id": "T042836-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.10",
"product": {
"name": "Oracle Siebel CRM \u003c=25.10",
"product_id": "T047959"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.10",
"product": {
"name": "Oracle Siebel CRM \u003c=25.10",
"product_id": "T047959-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.11",
"product": {
"name": "Oracle Siebel CRM \u003c=25.11",
"product_id": "T050156"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.11",
"product": {
"name": "Oracle Siebel CRM \u003c=25.11",
"product_id": "T050156-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.9",
"product": {
"name": "Oracle Siebel CRM \u003c=25.9",
"product_id": "T050157"
}
},
{
"category": "product_version_range",
"name": "\u003c=25.9",
"product": {
"name": "Oracle Siebel CRM \u003c=25.9",
"product_id": "T050157-fixed"
}
}
],
"category": "product_name",
"name": "Siebel CRM"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33813",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2021-33813"
},
{
"cve": "CVE-2022-23395",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-23395"
},
{
"cve": "CVE-2024-23807",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-4575",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-4575"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-53547",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-53643",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53643"
},
{
"cve": "CVE-2025-5372",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-5372"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-8916",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-8916"
},
{
"cve": "CVE-2026-21926",
"product_status": {
"last_affected": [
"T047959",
"T042836",
"T050157",
"T050156"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21926"
}
]
}
WID-SEC-W-2026-0173
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00Summary
Oracle Utilities Applications: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen Lösungen für Ver- und Entsorger.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 2.6.0.2.5
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.2.5
|
2.6.0.2.5 | |
|
Oracle Utilities Applications 4.3.0.5.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.5.0
|
4.3.0.5.0 | |
|
Oracle Utilities Applications 2.6.0.1.9
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.1.9
|
2.6.0.1.9 | |
|
Oracle Utilities Applications 25.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.10
|
25.1 | |
|
Oracle Utilities Applications 7.0.0.1.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.1.4
|
7.0.0.1.4 | |
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 7.0.0.0.6
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.0.6
|
7.0.0.0.6 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.5.0.1.3
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.3
|
4.5.0.1.3 | |
|
Oracle Utilities Applications 2.5.0.2.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.5.0.2.10
|
2.5.0.2.10 | |
|
Oracle Utilities Applications 25.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4
|
25.4 | |
|
Oracle Utilities Applications 4.5.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.2.0
|
4.5.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.4.0.4.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.4.0
|
4.4.0.4.0 | |
|
Oracle Utilities Applications 25.4.0.0.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4.0.0.1
|
25.4.0.0.1 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.5.0.1.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.1
|
4.5.0.1.1 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 2.6.0.2.5
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.2.5
|
2.6.0.2.5 | |
|
Oracle Utilities Applications 4.3.0.5.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.5.0
|
4.3.0.5.0 | |
|
Oracle Utilities Applications 2.6.0.1.9
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.1.9
|
2.6.0.1.9 | |
|
Oracle Utilities Applications 25.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.10
|
25.1 | |
|
Oracle Utilities Applications 7.0.0.1.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.1.4
|
7.0.0.1.4 | |
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 7.0.0.0.6
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.0.6
|
7.0.0.0.6 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.5.0.1.3
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.3
|
4.5.0.1.3 | |
|
Oracle Utilities Applications 2.5.0.2.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.5.0.2.10
|
2.5.0.2.10 | |
|
Oracle Utilities Applications 25.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4
|
25.4 | |
|
Oracle Utilities Applications 4.5.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.2.0
|
4.5.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.4.0.4.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.4.0
|
4.4.0.4.0 | |
|
Oracle Utilities Applications 25.4.0.0.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4.0.0.1
|
25.4.0.0.1 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.5.0.1.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.1
|
4.5.0.1.1 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 2.6.0.2.5
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.2.5
|
2.6.0.2.5 | |
|
Oracle Utilities Applications 4.3.0.5.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.5.0
|
4.3.0.5.0 | |
|
Oracle Utilities Applications 2.6.0.1.9
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.1.9
|
2.6.0.1.9 | |
|
Oracle Utilities Applications 25.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.10
|
25.1 | |
|
Oracle Utilities Applications 7.0.0.1.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.1.4
|
7.0.0.1.4 | |
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 7.0.0.0.6
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.0.6
|
7.0.0.0.6 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.5.0.1.3
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.3
|
4.5.0.1.3 | |
|
Oracle Utilities Applications 2.5.0.2.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.5.0.2.10
|
2.5.0.2.10 | |
|
Oracle Utilities Applications 25.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4
|
25.4 | |
|
Oracle Utilities Applications 4.5.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.2.0
|
4.5.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.4.0.4.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.4.0
|
4.4.0.4.0 | |
|
Oracle Utilities Applications 25.4.0.0.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4.0.0.1
|
25.4.0.0.1 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.5.0.1.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.1
|
4.5.0.1.1 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 2.6.0.2.5
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.2.5
|
2.6.0.2.5 | |
|
Oracle Utilities Applications 4.3.0.5.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.5.0
|
4.3.0.5.0 | |
|
Oracle Utilities Applications 2.6.0.1.9
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.1.9
|
2.6.0.1.9 | |
|
Oracle Utilities Applications 25.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.10
|
25.1 | |
|
Oracle Utilities Applications 7.0.0.1.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.1.4
|
7.0.0.1.4 | |
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 7.0.0.0.6
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.0.6
|
7.0.0.0.6 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.5.0.1.3
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.3
|
4.5.0.1.3 | |
|
Oracle Utilities Applications 2.5.0.2.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.5.0.2.10
|
2.5.0.2.10 | |
|
Oracle Utilities Applications 25.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4
|
25.4 | |
|
Oracle Utilities Applications 4.5.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.2.0
|
4.5.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.4.0.4.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.4.0
|
4.4.0.4.0 | |
|
Oracle Utilities Applications 25.4.0.0.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4.0.0.1
|
25.4.0.0.1 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.5.0.1.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.1
|
4.5.0.1.1 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Utilities Applications 2.6.0.2.5
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.2.5
|
2.6.0.2.5 | |
|
Oracle Utilities Applications 4.3.0.5.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.5.0
|
4.3.0.5.0 | |
|
Oracle Utilities Applications 2.6.0.1.9
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.6.0.1.9
|
2.6.0.1.9 | |
|
Oracle Utilities Applications 25.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.10
|
25.1 | |
|
Oracle Utilities Applications 7.0.0.1.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.1.4
|
7.0.0.1.4 | |
|
Oracle Utilities Applications 4.4.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.0.0
|
4.4.0.0.0 | |
|
Oracle Utilities Applications 7.0.0.0.6
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:7.0.0.0.6
|
7.0.0.0.6 | |
|
Oracle Utilities Applications 4.3.0.6.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.3.0.6.0
|
4.3.0.6.0 | |
|
Oracle Utilities Applications 4.5.0.1.3
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.3
|
4.5.0.1.3 | |
|
Oracle Utilities Applications 2.5.0.2.10
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:2.5.0.2.10
|
2.5.0.2.10 | |
|
Oracle Utilities Applications 25.4
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4
|
25.4 | |
|
Oracle Utilities Applications 4.5.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.2.0
|
4.5.0.2.0 | |
|
Oracle Utilities Applications 4.4.0.3.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.3.0
|
4.4.0.3.0 | |
|
Oracle Utilities Applications 4.4.0.4.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.4.0
|
4.4.0.4.0 | |
|
Oracle Utilities Applications 25.4.0.0.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:25.4.0.0.1
|
25.4.0.0.1 | |
|
Oracle Utilities Applications 4.4.0.2.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.4.0.2.0
|
4.4.0.2.0 | |
|
Oracle Utilities Applications 4.5.0.1.1
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.1.1
|
4.5.0.1.1 | |
|
Oracle Utilities Applications 4.5.0.0.0
Oracle / Utilities Applications
|
cpe:/a:oracle:utilities:4.5.0.0.0
|
4.5.0.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Utilities Applications ist eine Produktfamilie mit branchenspezifischen L\u00f6sungen f\u00fcr Ver- und Entsorger.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Utilities Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0173 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0173.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0173 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0173"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Utilities Applications vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixUTIL"
}
],
"source_lang": "en-US",
"title": "Oracle Utilities Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T09:10:33.315+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0173",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.5.0.2.10",
"product": {
"name": "Oracle Utilities Applications 2.5.0.2.10",
"product_id": "T050181",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:2.5.0.2.10"
}
}
},
{
"category": "product_version",
"name": "2.6.0.1.9",
"product": {
"name": "Oracle Utilities Applications 2.6.0.1.9",
"product_id": "T050182",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:2.6.0.1.9"
}
}
},
{
"category": "product_version",
"name": "2.6.0.2.5",
"product": {
"name": "Oracle Utilities Applications 2.6.0.2.5",
"product_id": "T050183",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:2.6.0.2.5"
}
}
},
{
"category": "product_version",
"name": "7.0.0.0.6",
"product": {
"name": "Oracle Utilities Applications 7.0.0.0.6",
"product_id": "T050184",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:7.0.0.0.6"
}
}
},
{
"category": "product_version",
"name": "7.0.0.1.4",
"product": {
"name": "Oracle Utilities Applications 7.0.0.1.4",
"product_id": "T050185",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:7.0.0.1.4"
}
}
},
{
"category": "product_version",
"name": "25.4.0.0.1",
"product": {
"name": "Oracle Utilities Applications 25.4.0.0.1",
"product_id": "T050186",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:25.4.0.0.1"
}
}
},
{
"category": "product_version",
"name": "4.4.0.3.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.3.0",
"product_id": "T050187",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.3.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.0.0",
"product_id": "T050188",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.5.0.1.1",
"product": {
"name": "Oracle Utilities Applications 4.5.0.1.1",
"product_id": "T050189",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.1.1"
}
}
},
{
"category": "product_version",
"name": "4.5.0.1.3",
"product": {
"name": "Oracle Utilities Applications 4.5.0.1.3",
"product_id": "T050190",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.1.3"
}
}
},
{
"category": "product_version",
"name": "4.5.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.5.0.2.0",
"product_id": "T050191",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.5.0.2.0"
}
}
},
{
"category": "product_version",
"name": "25.4",
"product": {
"name": "Oracle Utilities Applications 25.4",
"product_id": "T050192",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:25.4"
}
}
},
{
"category": "product_version",
"name": "25.1",
"product": {
"name": "Oracle Utilities Applications 25.10",
"product_id": "T050193",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:25.10"
}
}
},
{
"category": "product_version",
"name": "4.3.0.5.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.5.0",
"product_id": "T050194",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.5.0"
}
}
},
{
"category": "product_version",
"name": "4.3.0.6.0",
"product": {
"name": "Oracle Utilities Applications 4.3.0.6.0",
"product_id": "T050195",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.3.0.6.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.0.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.0.0",
"product_id": "T050196",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.0.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.2.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.2.0",
"product_id": "T050197",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.2.0"
}
}
},
{
"category": "product_version",
"name": "4.4.0.4.0",
"product": {
"name": "Oracle Utilities Applications 4.4.0.4.0",
"product_id": "T050198",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:utilities:4.4.0.4.0"
}
}
}
],
"category": "product_name",
"name": "Utilities Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T050183",
"T050194",
"T050182",
"T050193",
"T050185",
"T050196",
"T050184",
"T050195",
"T050190",
"T050181",
"T050192",
"T050191",
"T050187",
"T050198",
"T050186",
"T050197",
"T050189",
"T050188"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050183",
"T050194",
"T050182",
"T050193",
"T050185",
"T050196",
"T050184",
"T050195",
"T050190",
"T050181",
"T050192",
"T050191",
"T050187",
"T050198",
"T050186",
"T050197",
"T050189",
"T050188"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T050183",
"T050194",
"T050182",
"T050193",
"T050185",
"T050196",
"T050184",
"T050195",
"T050190",
"T050181",
"T050192",
"T050191",
"T050187",
"T050198",
"T050186",
"T050197",
"T050189",
"T050188"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-8916",
"product_status": {
"known_affected": [
"T050183",
"T050194",
"T050182",
"T050193",
"T050185",
"T050196",
"T050184",
"T050195",
"T050190",
"T050181",
"T050192",
"T050191",
"T050187",
"T050198",
"T050186",
"T050197",
"T050189",
"T050188"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-8916"
},
{
"cve": "CVE-2026-21924",
"product_status": {
"known_affected": [
"T050183",
"T050194",
"T050182",
"T050193",
"T050185",
"T050196",
"T050184",
"T050195",
"T050190",
"T050181",
"T050192",
"T050191",
"T050187",
"T050198",
"T050186",
"T050197",
"T050189",
"T050188"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21924"
}
]
}
WID-SEC-W-2026-0175
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00Summary
Oracle Supply Chain: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Supply Chain 9.3.6
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:9.3.6
|
9.3.6 | |
|
Oracle Supply Chain 6.2.4
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:6.2.4
|
6.2.4 | |
|
Oracle Supply Chain 21.1.0
Oracle / Supply Chain
|
cpe:/a:oracle:supply_chain:21.1.0
|
21.1.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0175 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0175.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0175 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0175"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Supply Chain vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixSCP"
}
],
"source_lang": "en-US",
"title": "Oracle Supply Chain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T09:10:33.965+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0175",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.3.6",
"product": {
"name": "Oracle Supply Chain 9.3.6",
"product_id": "T019052",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:9.3.6"
}
}
},
{
"category": "product_version",
"name": "21.1.0",
"product": {
"name": "Oracle Supply Chain 21.1.0",
"product_id": "T038411",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:21.1.0"
}
}
},
{
"category": "product_version",
"name": "6.2.4",
"product": {
"name": "Oracle Supply Chain 6.2.4",
"product_id": "T050158",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:6.2.4"
}
}
}
],
"category": "product_name",
"name": "Supply Chain"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31672",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-5115",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-54874",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54874"
},
{
"cve": "CVE-2026-21940",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21940"
},
{
"cve": "CVE-2026-21944",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21944"
},
{
"cve": "CVE-2026-21969",
"product_status": {
"known_affected": [
"T019052",
"T050158",
"T038411"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21969"
}
]
}
WID-SEC-W-2026-0177
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-03-18 23:00Summary
Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, und um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, und um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0177 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0177.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0177 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0177"
},
{
"category": "external",
"summary": "Atlassian Support Security Bulletin vom 2026-01-20",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html"
},
{
"category": "external",
"summary": "Deell Security Update",
"url": "https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - March 17 2026",
"url": "https://confluence.atlassian.com/security/security-bulletin-march-17-2026-1721271371.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-18T23:00:00.000+00:00",
"generator": {
"date": "2026-03-19T09:58:07.378+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0177",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-4913"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "5",
"summary": "doppelte Eintragung bereinigt"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.0.2",
"product_id": "T050227"
}
},
{
"category": "product_version",
"name": "Data Center 12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center 12.0.2",
"product_id": "T050227-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.0.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.13",
"product_id": "T050228"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.13",
"product_id": "T050228-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center \u003c9.6.21",
"product_id": "T050229"
}
},
{
"category": "product_version",
"name": "Data Center 9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center 9.6.21",
"product_id": "T050229-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__9.6.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c12.1.3 (LTS)",
"product_id": "T051830"
}
},
{
"category": "product_version",
"name": "12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo 12.1.3 (LTS)",
"product_id": "T051830-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.1.3_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c10.2.16 (LTS)",
"product_id": "T051831"
}
},
{
"category": "product_version",
"name": "10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo 10.2.16 (LTS)",
"product_id": "T051831-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.16_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c9.6.24 (LTS)",
"product_id": "T051832"
}
},
{
"category": "product_version",
"name": "9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo 9.6.24 (LTS)",
"product_id": "T051832-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.24_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.1.1",
"product_id": "T050230"
}
},
{
"category": "product_version",
"name": "Data Center 10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.1.1",
"product_id": "T050230-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.15",
"product_id": "T050231"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.15",
"product_id": "T050231-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.15"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c8.19.26",
"product_id": "T050232"
}
},
{
"category": "product_version",
"name": "Data Center 8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center 8.19.26",
"product_id": "T050232-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__8.19.26"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.5",
"product": {
"name": "Atlassian Bitbucket \u003c10.1.5",
"product_id": "T051833"
}
},
{
"category": "product_version",
"name": "10.1.5",
"product": {
"name": "Atlassian Bitbucket 10.1.5",
"product_id": "T051833-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.1.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket \u003c10.2.0 to 10.2.1",
"product_id": "T051834"
}
},
{
"category": "product_version",
"name": "10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket 10.2.0 to 10.2.1",
"product_id": "T051834-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.2.0_to_10.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.17 to 9.4.18",
"product_id": "T051835"
}
},
{
"category": "product_version",
"name": "9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket 9.4.17 to 9.4.18",
"product_id": "T051835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.17_to_9.4.18"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.2",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.2",
"product_id": "T050233"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.2",
"product": {
"name": "Atlassian Confluence Data Center 10.2.2",
"product_id": "T050233-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.13",
"product_id": "T050234"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.13",
"product": {
"name": "Atlassian Confluence Data Center 9.2.13",
"product_id": "T050234-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.13"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.0",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.0",
"product_id": "T050235"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.0",
"product": {
"name": "Atlassian Jira Data Center 11.3.0",
"product_id": "T050235-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c11.2.1",
"product": {
"name": "Atlassian Jira Data Center \u003c11.2.1",
"product_id": "T050236"
}
},
{
"category": "product_version",
"name": "Data Center 11.2.1",
"product": {
"name": "Atlassian Jira Data Center 11.2.1",
"product_id": "T050236-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.2.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.16",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.16",
"product_id": "T050237"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.16",
"product": {
"name": "Atlassian Jira Data Center 10.3.16",
"product_id": "T050237-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.12.26",
"product": {
"name": "Atlassian Jira \u003c9.12.26",
"product_id": "T050238"
}
},
{
"category": "product_version",
"name": "9.12.26",
"product": {
"name": "Atlassian Jira 9.12.26",
"product_id": "T050238-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:9.12.26"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12",
"product_id": "T050283"
}
},
{
"category": "product_version",
"name": "19.12",
"product": {
"name": "Dell Data Protection Advisor 19.12",
"product_id": "T050283-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2022-25883",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-25883"
},
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2024-21538",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-38286",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2025-12383",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-12383"
},
{
"cve": "CVE-2025-15284",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-27152",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27152"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49146",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52999",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53689",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53689"
},
{
"cve": "CVE-2025-54988",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-55752",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-64775",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-64775"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-9287",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9287"
},
{
"cve": "CVE-2025-9288",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9288"
},
{
"cve": "CVE-2026-21569",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21569"
}
]
}
WID-SEC-W-2026-0351
Vulnerability from csaf_certbund - Published: 2026-02-09 23:00 - Updated: 2026-02-09 23:00Summary
Dell NetWorker (Third Party Components): Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell NetWorker ausnutzen, um Angriffe zu starten, die die Integrität, Vertraulichkeit und Verfügbarkeit von Systemen beeinträchtigen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell NetWorker AUTHC <19.14
Dell / NetWorker
|
AUTHC <19.14 | ||
|
Dell NetWorker vCenter User Interface <19.14
Dell / NetWorker
|
vCenter User Interface <19.14 | ||
|
Dell NetWorker Management Web UI <19.14
Dell / NetWorker
|
Management Web UI <19.14 | ||
|
Dell NetWorker Management Console <19.14
Dell / NetWorker
|
Management Console <19.14 | ||
|
Dell NetWorker File-Level Recovery <19.14
Dell / NetWorker
|
File-Level Recovery <19.14 | ||
|
Dell NetWorker REST API <19.14
Dell / NetWorker
|
REST API <19.14 |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell NetWorker ausnutzen, um Angriffe zu starten, die die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit von Systemen beeintr\u00e4chtigen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0351 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0351.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0351 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0351"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-023 vom 2026-02-09",
"url": "https://www.dell.com/support/kbdoc/de-de/000425429/dsa-2026-023-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-024 vom 2026-02-09",
"url": "https://www.dell.com/support/kbdoc/de-de/000425759/dsa-2026-024-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell NetWorker (Third Party Components): Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-09T23:00:00.000+00:00",
"generator": {
"date": "2026-02-10T10:02:33.638+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0351",
"initial_release_date": "2026-02-09T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "AUTHC \u003c19.14",
"product": {
"name": "Dell NetWorker AUTHC \u003c19.14",
"product_id": "T050629"
}
},
{
"category": "product_version",
"name": "AUTHC 19.14",
"product": {
"name": "Dell NetWorker AUTHC 19.14",
"product_id": "T050629-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:authc__19.14"
}
}
},
{
"category": "product_version_range",
"name": "Management Console \u003c19.14",
"product": {
"name": "Dell NetWorker Management Console \u003c19.14",
"product_id": "T050630"
}
},
{
"category": "product_version",
"name": "Management Console 19.14",
"product": {
"name": "Dell NetWorker Management Console 19.14",
"product_id": "T050630-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:management_console__19.14"
}
}
},
{
"category": "product_version_range",
"name": "Management Web UI \u003c19.14",
"product": {
"name": "Dell NetWorker Management Web UI \u003c19.14",
"product_id": "T050631"
}
},
{
"category": "product_version",
"name": "Management Web UI 19.14",
"product": {
"name": "Dell NetWorker Management Web UI 19.14",
"product_id": "T050631-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:management_web_ui__19.14"
}
}
},
{
"category": "product_version_range",
"name": "REST API \u003c19.14",
"product": {
"name": "Dell NetWorker REST API \u003c19.14",
"product_id": "T050632"
}
},
{
"category": "product_version",
"name": "REST API 19.14",
"product": {
"name": "Dell NetWorker REST API 19.14",
"product_id": "T050632-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:rest_api__19.14"
}
}
},
{
"category": "product_version_range",
"name": "File-Level Recovery \u003c19.14",
"product": {
"name": "Dell NetWorker File-Level Recovery \u003c19.14",
"product_id": "T050633"
}
},
{
"category": "product_version",
"name": "File-Level Recovery 19.14",
"product": {
"name": "Dell NetWorker File-Level Recovery 19.14",
"product_id": "T050633-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:file-level_recovery__19.14"
}
}
},
{
"category": "product_version_range",
"name": "vCenter User Interface \u003c19.14",
"product": {
"name": "Dell NetWorker vCenter User Interface \u003c19.14",
"product_id": "T050634"
}
},
{
"category": "product_version",
"name": "vCenter User Interface 19.14",
"product": {
"name": "Dell NetWorker vCenter User Interface 19.14",
"product_id": "T050634-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:vcenter_user_interface__19.14"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-5783",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2012-5783"
},
{
"cve": "CVE-2014-3577",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2014-3577"
},
{
"cve": "CVE-2015-5262",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2015-5262"
},
{
"cve": "CVE-2020-13956",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2023-35116",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2024-29736",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-29736"
},
{
"cve": "CVE-2024-32007",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-32007"
},
{
"cve": "CVE-2024-41172",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2024-41172"
},
{
"cve": "CVE-2025-11226",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-11226"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2025-22233",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22233"
},
{
"cve": "CVE-2025-22235",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-22235"
},
{
"cve": "CVE-2025-23184",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-27820",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-27820"
},
{
"cve": "CVE-2025-31650",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-31650"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-41234",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41234"
},
{
"cve": "CVE-2025-41242",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41242"
},
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41254",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-41254"
},
{
"cve": "CVE-2025-46392",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-46392"
},
{
"cve": "CVE-2025-48913",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48913"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-53864",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-7962",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-7962"
},
{
"cve": "CVE-2025-8713",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8713"
},
{
"cve": "CVE-2025-8714",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8714"
},
{
"cve": "CVE-2025-8715",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8715"
},
{
"cve": "CVE-2025-8885",
"product_status": {
"known_affected": [
"T050629",
"T050634",
"T050631",
"T050630",
"T050633",
"T050632"
]
},
"release_date": "2026-02-09T23:00:00.000+00:00",
"title": "CVE-2025-8885"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…