Computer vulnerabilities of Oracle Communications

Eclipse Jetty: privilege escalation via Temporary Directory Race
An attacker can bypass restrictions via Temporary Directory Race of Eclipse Jetty, in order to escalate his privileges...
cpujan2021, CVE-2020-27216, NTAP-20201123-0005, VIGILANCE-VUL-33678

Spring Security: read-write access via Signature Wrapping
An attacker can bypass access restrictions via Signature Wrapping of Spring Security, in order to read or alter data...
cpujan2021, cpuoct2020, CVE-2020-5407, VIGILANCE-VUL-33643

Apache Camel: code execution via RabbitMQ Java Deserialization
An attacker can use a vulnerability via RabbitMQ Java Deserialization of Apache Camel, in order to run code...
cpuoct2020, CVE-2020-11972, VIGILANCE-VUL-33642

Apache Camel: information disclosure via JMX Rebind Flaw
An attacker can bypass access restrictions to data via JMX Rebind Flaw of Apache Camel, in order to obtain sensitive information...
cpuoct2020, CVE-2020-11971, VIGILANCE-VUL-33641

Apache Camel: code execution via Netty Java Deserialization
An attacker can use a vulnerability via Netty Java Deserialization of Apache Camel, in order to run code...
cpuoct2020, CVE-2020-11973, VIGILANCE-VUL-33640

Tika OneNote Parser: denial of service via System.exit
An attacker can trigger a fatal error via System.exit of Tika OneNote Parser, in order to trigger a denial of service...
cpuoct2020, CVE-2020-9489, VIGILANCE-VUL-33639

Spring Security: information disclosure via CBC Null Initialization Vector
An attacker can bypass access restrictions to data via CBC Null Initialization Vector of Spring Security, in order to obtain sensitive information...
6344075, 6367943, cpujan2021, cpuoct2020, CVE-2020-5408, VIGILANCE-VUL-33518

Terracotta Quartz Scheduler: external XML entity injection via initDocumentParser
An attacker can transmit malicious XML data via initDocumentParser() to Terracotta Quartz Scheduler, in order to read a file, scan sites, or trigger a denial of service...
6344075, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-13990, VIGILANCE-VUL-33516

Apache CXF: information disclosure via InstrumentationManager Extension Bus
An attacker can bypass access restrictions to data via InstrumentationManager Extension Bus of Apache CXF, in order to obtain sensitive information...
6344071, cpuoct2020, CVE-2020-1954, RHSA-2020:4244-01, RHSA-2020:4245-01, RHSA-2020:4246-01, RHSA-2020:4247-01, RHSA-2020:4929-01, RHSA-2020:4930-01, RHSA-2020:4931-01, RHSA-2020:4932-01, VIGILANCE-VUL-33515

Apache CXF: information disclosure via OpenId Connect JWK Keys
An attacker can bypass access restrictions to data via OpenId Connect JWK Keys of Apache CXF, in order to obtain sensitive information...
6344071, cpujul2020, cpuoct2020, CVE-2019-12423, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, VIGILANCE-VUL-33511

Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Communications:

https://www.oracle.com/industries/communications/