var-201704-1589
Vulnerability from variot

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. Apache Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Apache Log4j is a Java-based open source logging tool developed by the Apache Software Foundation. A code issue vulnerability exists in Apache Log4j 2.x versions prior to 2.8.2. An attacker could exploit this vulnerability to execute arbitrary code. Description:

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.

This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. (CVE-2017-5645)

  • A vulnerability was discovered in tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)

  • A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)

  • A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)

  • Solution:

Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). Bugs fixed (https://bugzilla.redhat.com/):

1441205 - CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used 1441223 - CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object 1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability 1459158 - CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism

  1. JIRA issues fixed (https://issues.jboss.org/):

JWS-657 - tomcat-native installs RHEL apr in addition to jbcs-httpd24-httpd-libs JWS-667 - Subject incorrectly removed from user session JWS-695 - tomcat7_t and tomcat8_t domains are in unconfined_domain JWS-709 - RPM missing selinux-policy dependency JWS-716 - Backport 60087 for Tomcat 8 JWS-717 - RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites JWS-721 - CORS filter Vary header missing JWS-725 - /usr/share/tomcat7 needs world execute permissions to function on openshift v2 JWS-741 - Configurations in conf.d are not applied JWS-760 - [ASF BZ 59961] Provide an option to enable/disable processing of Class-Path entry in a jar's manifest file

  1. (CVE-2017-7525)

Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.

The References section of this erratum contains a download link (you must log in to download the update). Description:

The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). (CVE-2017-5645)

  • A vulnerability was found in Jasypt that would allow an attacker to perform a timing attack on password hash comparison. (CVE-2014-9970)

  • It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644)

  • It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. (CVE-2017-2582)

  • It was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). JIRA issues fixed (https://issues.jboss.org/):

JBEAP-11487 - jboss-ec2-eap for EAP 7.0.8

  1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: rh-java-common-log4j security update Advisory ID: RHSA-2017:1417-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2017:1417 Issue date: 2017-06-08 CVE Names: CVE-2017-5645 =====================================================================

  1. Summary:

An update for rh-java-common-log4j is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch

  1. Description:

Log4j is a tool to help the programmer output log statements to a variety of output targets. (CVE-2017-5645)

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

  1. Bugs fixed (https://bugzilla.redhat.com/):

1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability

  1. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):

Source: rh-java-common-log4j-1.2.17-15.15.el6.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):

Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source: rh-java-common-log4j-1.2.17-15.15.el7.src.rpm

noarch: rh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm rh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2017-5645 https://access.redhat.com/security/updates/classification/#important

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFZOQMQXlSAg2UNWIIRAgwvAJ9zqVY6yvhkuO8Uqdtyu86+9P1VIgCgtBhf ceYEsokMPo3LCY/99DiysrI= =wZ5c -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201704-1589",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "jd edwards enterpriseone tools",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.4.7"
      },
      {
        "model": "bi publisher",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "log4j",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apache",
        "version": "2.0"
      },
      {
        "model": "enterprise linux server eus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.5"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "oncommand workflow automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "communications converged application server - service controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.1"
      },
      {
        "model": "in-memory performance-driven planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2"
      },
      {
        "model": "siebel ui framework",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.7"
      },
      {
        "model": "insurance rules palette",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.2"
      },
      {
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1"
      },
      {
        "model": "enterprise manager for peoplesoft",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2.1.1"
      },
      {
        "model": "financial services loan loss forecasting and provisioning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.5"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.5"
      },
      {
        "model": "retail integration bus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1.0"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.10"
      },
      {
        "model": "retail advanced inventory planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.0"
      },
      {
        "model": "insurance calculation engine",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.2.1"
      },
      {
        "model": "retail extract transform and load",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.8"
      },
      {
        "model": "bi publisher",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.1.7.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "model": "flexcube investor servicing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.0.4"
      },
      {
        "model": "communications webrtc session controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.1"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "model": "primavera gateway",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.12.7"
      },
      {
        "model": "snapcenter",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "insurance policy administration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.2"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.6"
      },
      {
        "model": "communications interactive session recorder",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.0"
      },
      {
        "model": "flexcube investor servicing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.3.0"
      },
      {
        "model": "retail integration bus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.0"
      },
      {
        "model": "jd edwards enterpriseone tools",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.1.0"
      },
      {
        "model": "communications messaging server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.2"
      },
      {
        "model": "communications pricing design center",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.0"
      },
      {
        "model": "bi publisher",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "financial services analytical applications infrastructure",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.3.3.0.0"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1"
      },
      {
        "model": "soa suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.3.0.0"
      },
      {
        "model": "in-memory performance-driven planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.4.7"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.6"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.8131"
      },
      {
        "model": "financial services lending and leasing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.5.0"
      },
      {
        "model": "flexcube investor servicing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.0.0"
      },
      {
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.0"
      },
      {
        "model": "communications online mediation controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.1"
      },
      {
        "model": "retail open commerce platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "5.3.0"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "instantis enterprisetrack",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.3"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "fusion middleware mapviewer",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.3"
      },
      {
        "model": "financial services loan loss forecasting and provisioning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.4"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.7"
      },
      {
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1.1.0.0"
      },
      {
        "model": "identity management suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.2.3.0"
      },
      {
        "model": "goldengate application adapters",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.3.2.1.1"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0.5"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.1"
      },
      {
        "model": "tape library acsls",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.4"
      },
      {
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.4.0"
      },
      {
        "model": "enterprise manager for oracle database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0.8"
      },
      {
        "model": "retail open commerce platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.0.1"
      },
      {
        "model": "communications network integrity",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.3.6"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "financial services behavior detection platform",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.0.0"
      },
      {
        "model": "enterprise linux server eus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "model": "enterprise manager for peoplesoft",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.1.1.1"
      },
      {
        "model": "financial services behavior detection platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.1.1"
      },
      {
        "model": "financial services analytical applications infrastructure",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.7.0.0"
      },
      {
        "model": "retail open commerce platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.0.0"
      },
      {
        "model": "primavera gateway",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.2.0"
      },
      {
        "model": "banking platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.6.0"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.4"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.6"
      },
      {
        "model": "siebel ui framework",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.9"
      },
      {
        "model": "financial services hedge management and ifrs valuations",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.5"
      },
      {
        "model": "jdeveloper",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.3.0.0"
      },
      {
        "model": "instantis enterprisetrack",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.1"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.3"
      },
      {
        "model": "application testing suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.3.0.1"
      },
      {
        "model": "financial services analytical applications infrastructure",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.0.0"
      },
      {
        "model": "autovue vuelink integration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "21.0.1"
      },
      {
        "model": "flexcube investor servicing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0"
      },
      {
        "model": "configuration manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.2.0.5"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.0"
      },
      {
        "model": "banking platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.6.1"
      },
      {
        "model": "insurance rules palette",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.1"
      },
      {
        "model": "retail extract transform and load",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "19.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.6"
      },
      {
        "model": "enterprise manager for oracle database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2.2"
      },
      {
        "model": "identity management suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.6"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.4"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0"
      },
      {
        "model": "retail advanced inventory planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "model": "flexcube investor servicing",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.4.0"
      },
      {
        "model": "communications instant messaging server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0.1.3.0"
      },
      {
        "model": "financial services hedge management and ifrs valuations",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.4"
      },
      {
        "model": "insurance policy administration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.1"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.4.7.4297"
      },
      {
        "model": "financial services lending and leasing",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.8.0"
      },
      {
        "model": "enterprise manager base platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2.0.0"
      },
      {
        "model": "insurance rules palette",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0"
      },
      {
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.3.0.0"
      },
      {
        "model": "identity manager connector",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.0"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.2"
      },
      {
        "model": "storage automation store",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "banking platform",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.6.2"
      },
      {
        "model": "financial services behavior detection platform",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.4.0.0"
      },
      {
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "model": "communications pricing design center",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1"
      },
      {
        "model": "soa suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "log4j",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apache",
        "version": "2.8.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.9"
      },
      {
        "model": "api gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.2.4.0"
      },
      {
        "model": "weblogic server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.3.6.0.0"
      },
      {
        "model": "insurance policy administration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.0"
      },
      {
        "model": "enterprise manager for mysql database",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2.2.0.0"
      },
      {
        "model": "primavera gateway",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "16.2.11"
      },
      {
        "model": "insurance calculation engine",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.1.1"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.0"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.7"
      },
      {
        "model": "rapid planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2"
      },
      {
        "model": "peoplesoft enterprise fin install",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "9.2"
      },
      {
        "model": "financial services lending and leasing",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.1.0"
      },
      {
        "model": "oncommand api services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "enterprise data quality",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.5"
      },
      {
        "model": "soa suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.2.0.0"
      },
      {
        "model": "primavera gateway",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "17.12.0"
      },
      {
        "model": "identity analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.1.5.8"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0"
      },
      {
        "model": "retail integration bus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "model": "autovue vuelink integration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "21.0.0"
      },
      {
        "model": "financial services profitability management",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.7.0.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.7"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.0.0"
      },
      {
        "model": "retail integration bus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.0.0"
      },
      {
        "model": "communications service broker",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.0"
      },
      {
        "model": "enterprise linux server eus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.6"
      },
      {
        "model": "timesten in-memory database",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.2.2.8.49"
      },
      {
        "model": "fuse",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "1.0"
      },
      {
        "model": "utilities work and asset management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "1.9.1.2.12"
      },
      {
        "model": "retail clearance optimization engine",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "14.0.5"
      },
      {
        "model": "siebel ui framework",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "18.8"
      },
      {
        "model": "enterprise manager for fusion middleware",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.0.5"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.4.0.0"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.5"
      },
      {
        "model": "retail service backbone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.10"
      },
      {
        "model": "retail extract transform and load",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.1"
      },
      {
        "model": "configuration manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1.2.0.2"
      },
      {
        "model": "utilities advanced spatial and operational analytics",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "2.7.0.1"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.8"
      },
      {
        "model": "financial services profitability management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.1.1"
      },
      {
        "model": "rapid planning",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.1"
      },
      {
        "model": "communications interactive session recorder",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "6.2"
      },
      {
        "model": "policy automation connector for siebel",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10.4.6"
      },
      {
        "model": "insurance rules palette",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.0"
      },
      {
        "model": "jdeveloper",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.1.9.0"
      },
      {
        "model": "policy automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.9"
      },
      {
        "model": "financial services profitability management",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.0.0"
      },
      {
        "model": "financial services regulatory reporting with agilereporter",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.9.2.0"
      },
      {
        "model": "enterprise manager for fusion middleware",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2.0.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.0"
      },
      {
        "model": "service level manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "insurance rules palette",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1"
      },
      {
        "model": "jdeveloper",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3.0"
      },
      {
        "model": "financial services analytical applications infrastructure",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.3.3.0.2"
      },
      {
        "model": "goldengate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.3.2.1.1"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0.0.0"
      },
      {
        "model": "bi publisher",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.1.1.9.0"
      },
      {
        "model": "retail predictive application server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "15.0.3"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "4.0.4.5235"
      },
      {
        "model": "communications network integrity",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "7.3.2"
      },
      {
        "model": "policy automation for mobile devices",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1"
      },
      {
        "model": "oncommand insight",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "insurance policy administration",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.0"
      },
      {
        "model": "fusion middleware mapviewer",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "12.2.1.3"
      },
      {
        "model": "retail extract transform and load",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.0"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "endeca information discovery studio",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "3.2.0"
      },
      {
        "model": "log4j",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apache",
        "version": "2.8.2"
      },
      {
        "model": "log4j",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apache",
        "version": "2.x"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.8.2",
                "versionStartIncluding": "2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "13.2.2.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.0.8131",
                "versionStartIncluding": "8.0.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.4.5235",
                "versionStartIncluding": "4.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.4.7.4297",
                "versionStartIncluding": "3.4.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.7.0.0",
                "versionStartIncluding": "8.0.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.4.0.0",
                "versionStartIncluding": "8.0.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0.7.0.0",
                "versionStartIncluding": "8.0.0.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.3.3.0.2",
                "versionStartIncluding": "7.3.3.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.3",
                "versionStartIncluding": "17.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16.2.11",
                "versionStartIncluding": "16.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.8.0",
                "versionStartIncluding": "14.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_network_integrity:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.3.6",
                "versionStartIncluding": "7.3.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12.7",
                "versionStartIncluding": "17.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.2",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2017-5645",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2017-5645",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-113848",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-5645",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-5645",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113848",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. Apache Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Apache Log4j is a Java-based open source logging tool developed by the Apache Software Foundation. A code issue vulnerability exists in Apache Log4j 2.x versions prior to 2.8.2. An attacker could exploit this vulnerability to execute arbitrary code. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a\nreplacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which\nare documented in the Release Notes document linked to in the References. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests\nwhen \"Sendfile\" was used. If sendfile processing completed quickly, it was\npossible for the Processor to be added to the processor cache twice. This\ncould lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s\nDefaultServlet implementation. A crafted HTTP request could cause undesired\nside effects, possibly including the removal or replacement of the custom\nerror page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted\napplication under a SecurityManager it was possible, under some\ncircumstances, for that application to retain references to the request or\nresponse objects and thereby access and/or modify information associated\nwith another web application. (CVE-2017-5648)\n\n4. Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). Bugs fixed (https://bugzilla.redhat.com/):\n\n1441205 - CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used\n1441223 - CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n1459158 - CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJWS-657 - tomcat-native installs RHEL apr in addition to jbcs-httpd24-httpd-libs\nJWS-667 - Subject incorrectly removed from user session\nJWS-695 - tomcat7_t and tomcat8_t domains are in unconfined_domain\nJWS-709 - RPM missing selinux-policy dependency\nJWS-716 - Backport 60087 for Tomcat 8\nJWS-717 - RFC 7230/3986 url requirement that prevents unencoded curly braces should be optional, since it breaks existing sites\nJWS-721 - CORS filter Vary header missing\nJWS-725 - /usr/share/tomcat7 needs world execute permissions to function on openshift v2\nJWS-741 - Configurations in conf.d are not applied\nJWS-760 - [ASF BZ 59961] Provide an option to enable/disable processing of Class-Path entry in a jar\u0027s manifest file\n\n7. \n(CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting\nCVE-2017-7525. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Description:\n\nThe eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss\nEnterprise Application Platform running on the Amazon Web Services (AWS)\nElastic Compute Cloud (EC2). (CVE-2017-5645)\n\n* A vulnerability was found in Jasypt that would allow an attacker to\nperform a timing attack on password hash comparison. (CVE-2014-9970)\n\n* It was found that an information disclosure flaw in Bouncy Castle could\nenable a local malicious application to gain access to user\u0027s private\ninformation. (CVE-2015-6644)\n\n* It was found that while parsing the SAML messages the StaxParserUtil\nclass of Picketlink replaces special strings for obtaining attribute values\nwith system property. This could allow an attacker to determine values of\nsystem properties at the attacked system by formatting the SAML request ID\nfield to be the chosen system property which could be obtained in the\n\"InResponseTo\" field in the response. (CVE-2017-2582)\n\n* It was found that when the security manager\u0027s reflective permissions,\nwhich allows it to access the private members of the class, are granted to\nHibernate Validator, a potential privilege escalation can occur. By\nallowing the calling code to access those private members without the\npermission an attacker may be able to validate an invalid instance and\naccess the private member value via ConstraintViolation#getInvalidValue(). JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-11487 - jboss-ec2-eap for EAP 7.0.8\n\n7. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: rh-java-common-log4j security update\nAdvisory ID:       RHSA-2017:1417-01\nProduct:           Red Hat Software Collections\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:1417\nIssue date:        2017-06-08\nCVE Names:         CVE-2017-5645 \n=====================================================================\n\n1. Summary:\n\nAn update for rh-java-common-log4j is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch\n\n3. Description:\n\nLog4j is a tool to help the programmer output log statements to a variety\nof output targets. (CVE-2017-5645)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1443635 - CVE-2017-5645 log4j: Socket receiver deserialization vulnerability\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el6.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el6.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el6.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-java-common-log4j-1.2.17-15.15.el7.src.rpm\n\nnoarch:\nrh-java-common-log4j-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-javadoc-1.2.17-15.15.el7.noarch.rpm\nrh-java-common-log4j-manual-1.2.17-15.15.el7.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-5645\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZOQMQXlSAg2UNWIIRAgwvAJ9zqVY6yvhkuO8Uqdtyu86+9P1VIgCgtBhf\nceYEsokMPo3LCY/99DiysrI=\n=wZ5c\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5645",
        "trust": 2.7
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2019/12/19/2",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1041294",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1040200",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "97702",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "143500",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144014",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144013",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144017",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "143499",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144019",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "142856",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145263",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144018",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "143670",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144597",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144596",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145262",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-852",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-92965",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-113848",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144359",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "id": "VAR-201704-1589",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T21:55:11.835000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LOG4J2-1863",
        "trust": 0.8,
        "url": "https://issues.apache.org/jira/browse/log4j2-1863"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-502",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5645"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:1417"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:1801"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2633"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2635"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2636"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2638"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2811"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/97702"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
      },
      {
        "trust": 1.1,
        "url": "https://issues.apache.org/jira/browse/log4j2-1863"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:1802"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2423"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2637"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2808"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2809"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2810"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2888"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:2889"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:3244"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:3399"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2017:3400"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2019:1545"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1040200"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1041294"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3cannounce.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3ccommits.druid.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3cissues.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3cissues.bookkeeper.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3ccommits.logging.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3ccommits.doris.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3cissues.geode.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5645"
      },
      {
        "trust": 0.8,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2017-5645"
      },
      {
        "trust": 0.8,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2017-5664"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5664"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2017-7525"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "trust": 0.2,
        "url": "https://issues.jboss.org/):"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2017-5647"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5647"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5648"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2017-5648"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3cissues.activemq.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3cannounce.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3cgithub.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3cissues.beam.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3cissues.bookkeeper.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3ccommits.doris.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3ccommits.druid.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3cissues.geode.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3ccommits.logging.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3cdev.logging.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3cdev.tika.apache.org%3e"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/3/html-single/3.1_release_notes/index.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=securitypatches\u0026version=3.1"
      },
      {
        "trust": 0.1,
        "url": "https://rhn.redhat.com/errata/rhsa-2017-1802.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/solutions/2435491"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-7536"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2015-6644"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7536"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9970"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6644"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2014-9970"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2582"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-2582"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-04-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "date": "2017-05-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "date": "2017-07-25T23:14:47",
        "db": "PACKETSTORM",
        "id": "143499"
      },
      {
        "date": "2017-09-05T23:44:00",
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "date": "2017-09-06T04:16:42",
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "date": "2017-09-05T23:23:00",
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "date": "2017-07-25T23:15:33",
        "db": "PACKETSTORM",
        "id": "143500"
      },
      {
        "date": "2017-09-06T04:16:30",
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "date": "2017-09-27T06:16:15",
        "db": "PACKETSTORM",
        "id": "144359"
      },
      {
        "date": "2017-06-08T14:39:46",
        "db": "PACKETSTORM",
        "id": "142856"
      },
      {
        "date": "2017-04-17T21:59:00.373000",
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113848"
      },
      {
        "date": "2017-05-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      },
      {
        "date": "2023-11-07T02:49:28.583000",
        "db": "NVD",
        "id": "CVE-2017-5645"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      }
    ],
    "trust": 0.5
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apache Log4j Vulnerable to unreliable data deserialization",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003152"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144019"
      },
      {
        "db": "PACKETSTORM",
        "id": "144013"
      },
      {
        "db": "PACKETSTORM",
        "id": "144017"
      },
      {
        "db": "PACKETSTORM",
        "id": "142856"
      }
    ],
    "trust": 0.5
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.