cve-2019-13990
Vulnerability from cvelistv5
Published
2019-07-26 00:00
Modified
2024-10-15 18:22
Severity ?
Summary
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
References
cve@mitre.orghttps://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.htmlThird Party Advisory
cve@mitre.orghttps://github.com/quartz-scheduler/quartz/issues/467Issue Tracking, Third Party Advisory
cve@mitre.orghttps://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3EThird Party Advisory
cve@mitre.orghttps://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3EIssue Tracking
cve@mitre.orghttps://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3EIssue Tracking
cve@mitre.orghttps://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3EIssue Tracking
cve@mitre.orghttps://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3EPatch
cve@mitre.orghttps://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3EPatch
cve@mitre.orghttps://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3EIssue Tracking
cve@mitre.orghttps://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3EIssue Tracking
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20221028-0002/Third Party Advisory
cve@mitre.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlThird Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuapr2020.htmlThird Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujul2020.htmlThird Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2020.htmlThird Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:05:44.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[tomee-dev] 20190830 Re: Quartz CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20190830 Quartz CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20190908 Re: Quartz CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-commits] 20190908 svn commit: r1866633 - /tomee/deps/trunk/quartz-openejb-shade/pom.xml",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20190923 Re: [VOTE] Release quartz-openejb-shade 2.2.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/quartz-scheduler/quartz/issues/467"
          },
          {
            "name": "[tomee-commits] 20200720 [jira] [Created] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-commits] 20200720 [jira] [Commented] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3E"
          },
          {
            "name": "[tomee-commits] 20200720 [jira] [Assigned] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221028-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2019-13990",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:36:32.053865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-611",
                "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T18:22:20.316Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-28T05:44:55.522130",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[tomee-dev] 20190830 Re: Quartz CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-dev] 20190830 Quartz CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-dev] 20190908 Re: Quartz CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-commits] 20190908 svn commit: r1866633 - /tomee/deps/trunk/quartz-openejb-shade/pom.xml",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-dev] 20190923 Re: [VOTE] Release quartz-openejb-shade 2.2.4",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "url": "https://github.com/quartz-scheduler/quartz/issues/467"
        },
        {
          "name": "[tomee-commits] 20200720 [jira] [Created] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-commits] 20200720 [jira] [Commented] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3E"
        },
        {
          "name": "[tomee-commits] 20200720 [jira] [Assigned] (TOMEE-2886) Update quartz-scheduler to mitigate CVE-2019-13990",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221028-0002/"
        },
        {
          "url": "https://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13990",
    "datePublished": "2019-07-26T00:00:00",
    "dateReserved": "2019-07-19T00:00:00",
    "dateUpdated": "2024-10-15T18:22:20.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-13990\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-07-26T19:15:11.730\",\"lastModified\":\"2024-10-15T19:35:09.210\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n initDocumentParser en el archivo xml/XMLSchedulingDataProcessor.java en Quartz Scheduler de Terracotta hasta la versi\u00f3n 2.3.0, permite ataques de tipo XXE por medio de una descripci\u00f3n del trabajo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:softwareag:quartz:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.2\",\"matchCriteriaId\":\"45E3B3FD-2210-4419-86E7-0365320383F7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:apache_batik_mapviewer:12.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B8033B-C2A4-47A2-88F0-ED2BF8962518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:apache_batik_mapviewer:18c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B1124B6-CECC-4D4D-A8D5-F05928A545AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:apache_batik_mapviewer:19c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE19D2D-0789-4925-BC87-DC3A4C063FBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_originations:2.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB8ABFD-C72C-4CBB-8872-9440A19154D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_originations:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3054FEBB-484B-4927-9D1C-2024772E8B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_product_manufacturing:2.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AED3C78-7D65-4F02-820D-B51BCE4022F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_enterprise_product_manufacturing:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557A23A1-4762-4D29-A478-D1670C1847D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.4.0\",\"matchCriteriaId\":\"2FF46C9A-7768-4E52-A676-BEA6AE766AD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE48E0FE-5931-441C-B4FF-253BD9C48186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7A60DB-A287-4E61-8131-B6314007191B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"11B0C37E-D7C7-45F2-A8D8-5A3B1B191430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"727DF4F5-3D21-491E-96B9-EC973A6C9C18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.6.0\",\"versionEndIncluding\":\"12.6.4\",\"matchCriteriaId\":\"135D531C-A692-4BE3-AB8C-37BB0D35559A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66916DEB-ACE1-44E0-9535-10B3E03347AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BE77B2-6368-470E-B9E6-21664D9A818A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3250073F-325A-4AFC-892F-F2005E3854A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69266D2-72D0-4A6C-883D-2597FE30931B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_investor_servicing:14.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"524429D6-8AF1-4713-A9B8-678B50A3762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6762F207-93C7-4363-B2F9-7A7C6F8AF993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06E586B3-3434-4B08-8BE3-16C528642CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:google_guava_mapviewer:12.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CCA59D2-2853-44F3-9C5C-CC59B49A6B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:google_guava_mapviewer:18c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"779EB0EC-2905-48BC-B375-E6E78B26A169\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:google_guava_mapviewer:19c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E19C4DBE-2889-4C13-A0E9-30D0CD1BF714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DED59B62-C9BF-4C0E-B351-3884E8441655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.2.5.3\",\"matchCriteriaId\":\"B2A0A4A6-70D3-418B-80EA-04718C50C500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0735989-13BD-40B3-B954-AC0529C5B53D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58405263-E84C-4071-BB23-165D49034A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42064F46-3012-4FB1-89BA-F13C2E4CBB6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73E2EFA-0F43-4D92-8C7D-9E66811B76D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8CF045-09BB-4069-BCEC-496D5AE3B780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38E74E68-7F19-4EF3-AC00-3C249EAAA39E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB0BB58-04D3-409D-AECC-9633782F0E75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E13DF2AE-F315-4085-9172-6C8B21AF1C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDB925C6-2CBC-4D88-B9EA-F246F4F7A206\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DA6839-849D-4CEF-85F3-38FE75E07183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCE78490-A4BE-40BD-8C72-0A4526BBD4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55AE3629-4A66-49E4-A33D-6D81CC94962F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB39A1A-AD29-45DD-9EB5-5E2053A01B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27C26705-6D1F-4D5E-B64D-B479108154FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:12.2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E75624C-68FA-465C-86B3-BCFB649C4782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:18c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B7DF2FA-F290-40F7-ABD1-AB50EEBC83B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:19c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D4E5C1-D4A6-464D-9DF3-A9DDD1912FBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D551CAB1-4312-44AA-BDA8-A030817E153A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"174A6D2E-E42E-4C92-A194-C6A820CD7EF4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomee:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E74771B8-99DA-434F-ADCF-258838674E18\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"E70C8416-E4F6-44BC-BDF9-BB1BAE7E185F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"1363F683-E350-4639-A973-A82BDD83A3A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"7BAB5016-8439-4E01-8911-8B472EF38E13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"F8EF8DCE-7266-49B1-AE2E-96079A2AD6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"029B8E7F-65EF-4984-A27B-8198D8EB18DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"55C7B96B-2A2F-47F9-BBBD-0E25F8AF8F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"160B6A9E-41DC-4999-B3CC-A16B3A16D2A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"FC59154D-036C-4F22-B5F1-891527A3EC6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"6AD2CA00-9D6C-4DAC-90E6-BE1D93555C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2FDF2DF4-B0EE-4179-AF98-B21EBB2E1D6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"AF85E227-F167-4CCB-A039-D96CC080B032\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"EDA3B2B5-C9EA-4D26-AEF4-F86792FB9ADC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"93DDAE6E-DB31-429A-B4EB-955E080A4545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"DF994E6C-6262-4230-BBC6-E464EBC1B0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"25DA87CA-362C-4558-AA42-265DA1F8C26D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"EF410408-CD38-408A-97C4-1103EF8AF68D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"037D6CB0-959B-468E-87DD-8B1110A14ED0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"1B885DB6-2DEA-4EB4-97BC-2BF30BC45544\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"C83E3571-CD54-40A2-AAC0-20F67954642B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"B69320FF-4E93-475C-B995-85CF1A03DBDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"FD430022-C74D-4340-88F9-21AB69485966\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"549E2860-25D9-468C-891D-AD9BEADA08B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"5C03D422-521C-48B2-B293-247232D1ED3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2B0DBCC1-2D1F-4DB3-A693-DA0FA18B9A5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"34515441-AE13-4492-A08E-6521D840F689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"6FABE527-FED5-4BA3-ABF0-C89AD1228ED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"6BE5E85B-7725-4DB9-8357-9097F777705D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"910A2B29-3502-499B-892F-F6AD473CA6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"2BAB1FDD-C213-48CB-B28B-802F0D1278A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"59D09ED0-E31D-4C6B-A217-A3C58C209782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"746CCD4F-5411-4249-8A71-A47AD598498A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"A055705E-4F63-4EB9-BABC-8888041D1E1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"AFA32156-893E-44A7-9F18-73586F2E21AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"631D10DC-9F03-4BEE-98DD-0759746825A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"AFAC053F-3A53-4AD8-9393-49A837A38A8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"FE355EB5-A0C4-471C-8E47-1898746D89C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"CC230B1E-AA5E-4E76-92E5-41130C56DD34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"B764FD56-DBFF-46EE-9108-CF88591DC7A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"3F369AD5-25DB-43E4-ADB5-22A774FC6F91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"454804E1-9C4C-41AA-ACB4-0150BB39669C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"79A73328-B3BF-4682-9B60-12A4039F9D1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2A75238E-A82C-4BE9-8300-2BE8B40C31CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"1E7B8908-7F72-495B-B562-81E789643A60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"55A04426-7D52-4F90-9623-109F201223AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"2CC10DC7-1B0B-41E6-B903-DC7E59F68517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"E7A19BC6-3F2B-4248-8255-BBA729F941C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"DC4936AD-0B95-4687-B0A8-290E76D3ED7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"33A3BC88-F6CC-4CDD-8842-2DC5C4706AC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"AE05DF9B-2F49-45E9-AB47-A5FA18B6847E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"29F7D306-FC7F-4748-BC1D-6280654B8409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"C82EA42D-1583-4B6D-840E-69B804BD2902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"22D1EEB6-D4D1-46FC-BB60-CF33EE970E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"F1992CBB-135C-4CD7-8D9B-037EEE0530BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"D8232A74-B1DA-48DD-9DF1-4D04F6091BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"F81B63AA-1086-448A-8D60-F5CF41BB1226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2B8BBC24-532A-46AB-9D7D-241C43082E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"F629DC1E-E044-4D84-8D60-B4E6C139EE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"4BDBC59C-C5C7-4848-8CCA-D4DF0354BFCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"D2E75D91-EC8E-4BAC-B989-403120F84BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"FEA2A29A-D2AA-4688-888D-02923EEBFF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"93EEA37B-7E96-455D-9131-2CDB77889080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"71D2DC08-B93D-474B-9332-793A47E0A792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"9263586C-D6A5-48F4-8F36-F672377AAFAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"01F142BF-C557-4D27-A263-0A77D3FBAA27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"BC250698-AA6D-46FC-923D-9A3EB0742697\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"755B605C-E032-435B-90C3-FEB1EEBD43E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"728DE946-60C8-433A-807B-45720C668B37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"F24C4029-A2D5-4B95-AE2B-10B035B28420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"52672DE1-9B0D-4689-93AD-FF4B8A59E5EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"D802B4FE-F56F-46C4-A84B-EB89931EC16E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"17E30F04-14EF-4F4D-8124-D0DD04E9EDF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"538503C1-F947-4BCF-836F-A609A601E064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"07105957-FEBE-4E02-88FB-A8DDAE67E8A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"E40B10B9-F8C3-4279-A9AC-2E25AEF46D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"C7D685CD-9CAD-42B5-B721-26203854F396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"269B2F72-56A3-4750-8665-7DE03DAE3DAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"C600291E-2EDC-4F61-9FC1-C2C34C20EA4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"C8D33E70-8A27-46A2-BB14-87181F8DA0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"F09CAEB7-4C1F-4B5B-9921-6DD06FF9EB9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"7E9F4E2A-E450-496C-B3E8-B0817BAD8817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"964CB4B7-1502-4E92-B7D2-D864C13E338B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"A9EFBC53-7C0B-408E-A745-0C83E9E38DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"18A70517-84A8-4866-9FE8-06D0608391E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"E504A879-B312-4E8F-ADF9-8C1623B023AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"9EE1449F-6F38-4677-9DB9-AF2D9A7C2AE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2BC5B994-25C4-4C00-8871-F3664878C83B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"4484C6ED-659F-47F5-BFE2-7E9794FA51C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"F4449121-125E-49D9-BF3E-2A6EA169B796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"C940817F-B265-4F42-AE19-DA2B49AC1D53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"099869F1-BC95-4828-A0F5-9BBADDC3F6F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"601B5811-B1B8-4FF0-984B-62F07366615A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"0D82DFCD-964E-406E-8329-E31A76FCFC64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"ED8B7E12-9139-4BCB-9A5A-C8B23A6F8628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"08F237B7-4C22-4A35-BC82-6B6E892B7EB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"0EC83F47-180C-481B-88A8-0E3C6654774C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"2A3EA15F-DEBB-44A2-8CEA-B137AE8089CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"428B70AC-35A2-4D4F-9670-43B601426DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"6314E670-88E8-4B09-9AF4-95E669A68A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"4486E929-E1A8-4731-BE7E-A8BCCE594ADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"D24437F8-2B3A-4A0D-8C6C-A8B9E90457DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"06843035-CE98-48C8-BCB1-02976D233077\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"B98060AC-32A2-4F5A-A490-3E23F883D5A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"9681965F-AD13-420C-8845-A544520042DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"C9D2A5F2-F91C-4DA3-9EB6-441D17A6AB9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"6F3F93E1-8BB2-40BD-B4A9-D4136B742F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"549B3ADB-BAEF-4E45-856C-4B07F9FBB12A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"941AD6CA-3F4E-43E5-AA68-95AB7C84F297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"4630E46A-817F-4238-989F-93C633A10058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"25D8E4A5-2AB6-42D4-B6D4-54484149BE75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"9BA9FF1F-8F8C-47DD-9E7B-8B48FB453A83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"D28343BD-5440-425E-AFEB-FC79EFB3C531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"F29E98F7-4768-48C8-9D1C-448006DF0FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"E8B3B4C6-4E76-4184-BE92-A6EF2B4CB8D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"1320F61E-A562-438E-A19D-90C816920B63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"35D28C45-8C74-4131-A2C5-1F1CE009BDED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"64D7B52D-46CA-4769-9631-9E3E45927003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"027F98AD-B508-4079-A1BD-EFDBDBA78331\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"D80A8C83-C8B1-4ADF-B45B-550E6BA45AEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"54EB831D-3D4C-4807-AF42-DFF7D9176773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"031A34D6-C522-4301-BE02-83D3BADC8C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:data_center:*:*:*\",\"matchCriteriaId\":\"109D37D3-3FC7-4443-974A-7D668ABE97D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:server:*:*:*\",\"matchCriteriaId\":\"30D20E35-0BAC-4D43-A619-10B6A4572CBB\"}]}]}],\"references\":[{\"url\":\"https://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/quartz-scheduler/quartz/issues/467\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221028-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.