Communications_cloud_native_core_policy - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Communications_cloud_native_core_policy
(Oracle)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	125

Date	Id	Summary	Products	Score	Patch	Annotated
2022-01-27	CVE-2022-23181	The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.	Tomcat, Debian_linux, Agile_engineering_data_management, Communications_cloud_native_core_policy, Financial_services_crime_and_compliance_management_studio, Managed_file_transfer, Mysql_enterprise_monitor	7.0
2021-07-12	CVE-2021-30640	A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.	Tomcat, Debian_linux, Communications_cloud_native_core_policy, Communications_diameter_signaling_router, Communications_pricing_design_center, Hospitality_cruise_shipboard_property_management_system, Tekelec_platform_distribution	6.5
2021-05-27	CVE-2021-22118	In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.	Hci, Management_services_for_element_software, Commerce_guided_search, Communications_brm_\-_elastic_charging_engine, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_policy, Communications_cloud_native_core_security_edge_protection_proxy, Communications_cloud_native_core_service_communication_proxy, Communications_cloud_native_core_unified_data_repository, Communications_diameter_intelligence_hub, Communications_element_manager, Communications_interactive_session_recorder, Communications_network_integrity, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Documaker, Enterprise_data_quality, Financial_services_analytical_applications_infrastructure, Healthcare_data_repository, Insurance_policy_administration, Insurance_rules_palette, Mysql_enterprise_monitor, Retail_assortment_planning, Retail_customer_management_and_segmentation_foundation, Retail_financial_integration, Retail_integration_bus, Retail_merchandising_system, Retail_order_broker, Retail_predictive_application_server, Utilities_testing_accelerator, Spring_framework	7.8
2021-12-18	CVE-2021-45105	Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.	Log4j, Debian_linux, Cloud_manager, Agile_engineering_data_management, Agile_plm, Agile_plm_mcad_connector, Autovue_for_agile_product_lifecycle_management, Banking_deposits_and_lines_of_credit_servicing, Banking_enterprise_default_management, Banking_loans_servicing, Banking_party_management, Banking_payments, Banking_platform, Banking_trade_finance, Banking_treasury_management, Business_intelligence, Communications_asap, Communications_billing_and_revenue_management, Communications_cloud_native_core_console, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_cloud_native_core_network_repository_function, Communications_cloud_native_core_network_slice_selection_function, Communications_cloud_native_core_policy, Communications_cloud_native_core_security_edge_protection_proxy, Communications_cloud_native_core_service_communication_proxy, Communications_cloud_native_core_unified_data_repository, Communications_convergence, Communications_convergent_charging_controller, Communications_diameter_signaling_router, Communications_eagle_element_management_system, Communications_eagle_ftp_table_base_retrieval, Communications_element_manager, Communications_evolved_communications_application_server, Communications_interactive_session_recorder, Communications_ip_service_activator, Communications_messaging_server, Communications_network_charging_and_control, Communications_network_integrity, Communications_performance_intelligence_center, Communications_pricing_design_center, Communications_service_broker, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Communications_user_data_repository, Communications_webrtc_session_controller, Data_integrator, E\-Business_suite, Enterprise_manager_base_platform, Enterprise_manager_for_peoplesoft, Enterprise_manager_ops_center, Financial_services_analytical_applications_infrastructure, Financial_services_model_management_and_governance, Flexcube_universal_banking, Health_sciences_empirica_signal, Health_sciences_inform, Health_sciences_information_manager, Healthcare_data_repository, Healthcare_foundation, Healthcare_master_person_index, Healthcare_translational_research, Hospitality_suite8, Hospitality_token_proxy_service, Hyperion_bi\+, Hyperion_data_relationship_management, Hyperion_infrastructure_technology, Hyperion_planning, Hyperion_profitability_and_cost_management, Hyperion_tax_provision, Identity_management_suite, Identity_manager_connector, Instantis_enterprisetrack, Insurance_data_gateway, Insurance_insbridge_rating_and_underwriting, Jdeveloper, Managed_file_transfer, Management_cloud_engine, Mysql_enterprise_monitor, Payment_interface, Peoplesoft_enterprise_peopletools, Primavera_gateway, Primavera_p6_enterprise_project_portfolio_management, Primavera_unifier, Retail_back_office, Retail_central_office, Retail_customer_insights, Retail_data_extractor_for_merchandising, Retail_eftlink, Retail_financial_integration, Retail_integration_bus, Retail_invoice_matching, Retail_merchandising_system, Retail_order_broker, Retail_order_management_system, Retail_point\-Of\-Service, Retail_predictive_application_server, Retail_price_management, Retail_returns_management, Retail_service_backbone, Retail_store_inventory_management, Siebel_ui_framework, Sql_developer, Taleo_platform, Utilities_framework, Webcenter_portal, Webcenter_sites, Weblogic_server, 6bk1602\-0aa12\-0tp0_firmware, 6bk1602\-0aa22\-0tp0_firmware, 6bk1602\-0aa32\-0tp0_firmware, 6bk1602\-0aa42\-0tp0_firmware, 6bk1602\-0aa52\-0tp0_firmware, Email_security, Network_security_manager, Web_application_firewall	5.9
2021-11-10	CVE-2021-3572	A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.	Agile_plm, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_cloud_native_core_policy, Pip	5.7
2021-02-15	CVE-2020-28500	Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.	Lodash, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_trade_finance_process_management, Communications_cloud_native_core_policy, Communications_design_studio, Communications_services_gatekeeper, Communications_session_border_controller, Enterprise_communications_broker, Financial_services_crime_and_compliance_management_studio, Health_sciences_data_management_workbench, Jd_edwards_enterpriseone_tools, Peoplesoft_enterprise_peopletools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Sinec_ins	5.3
2021-02-15	CVE-2021-23337	Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.	Lodash, Active_iq_unified_manager, Cloud_manager, System_manager, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_trade_finance_process_management, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_policy, Communications_design_studio, Communications_services_gatekeeper, Communications_session_border_controller, Enterprise_communications_broker, Financial_services_crime_and_compliance_management_studio, Health_sciences_data_management_workbench, Jd_edwards_enterpriseone_tools, Peoplesoft_enterprise_peopletools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Sinec_ins	7.2
2020-12-17	CVE-2020-35490	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.	Debian_linux, Jackson\-Databind, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_platform, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_diameter_signaling_router, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_interactive_session_recorder, Communications_offline_mediation_controller, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Documaker, Insurance_policy_administration_j2ee, Retail_merchandising_system, Retail_xstore_point_of_service, Webcenter_portal	8.1
2020-12-17	CVE-2020-35491	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.	Debian_linux, Jackson\-Databind, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_platform, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_diameter_signaling_route, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_offline_mediation_controller, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Documaker, Insurance_policy_administration_j2ee, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_xstore_point_of_service, Sd\-Wan_edge, Webcenter_portal	8.1
2022-03-11	CVE-2022-0002	Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.	Atom_c3308, Atom_c3336, Atom_c3338, Atom_c3338r, Atom_c3436l, Atom_c3508, Atom_c3538, Atom_c3558, Atom_c3558r, Atom_c3558rc, Atom_c3708, Atom_c3750, Atom_c3758, Atom_c3758r, Atom_c3808, Atom_c3830, Atom_c3850, Atom_c3858, Atom_c3950, Atom_c3955, Atom_c3958, Atom_p5921b, Atom_p5931b, Atom_p5942b, Atom_p5962b, Atom_x5\-A3930, Atom_x5\-A3940, Atom_x5\-A3950, Atom_x5\-A3960, Atom_x5\-E3930, Atom_x5\-E3940, Atom_x5\-Z8300, Atom_x5\-Z8330, Atom_x5\-Z8350, Atom_x5\-Z8500, Atom_x5\-Z8550, Atom_x6200fe, Atom_x6211e, Atom_x6212re, Atom_x6413e, Atom_x6425e, Atom_x6425re, Atom_x6427fe, Atom_x7\-E3950, Atom_x7\-Z8700, Atom_x7\-Z8750, Celeron_5305u, Celeron_6305, Celeron_6305e, Celeron_6600he, Celeron_g5205u, Celeron_g5305u, Celeron_g5900, Celeron_g5900t, Celeron_g5905, Celeron_g5905t, Celeron_g5920, Celeron_g5925, Celeron_g6900, Celeron_g6900t, Celeron_j3355, Celeron_j3355e, Celeron_j3455, Celeron_j3455e, Celeron_j4005, Celeron_j4025, Celeron_j4105, Celeron_j4125, Celeron_j6413, Celeron_n3350, Celeron_n3350e, Celeron_n3450, Celeron_n4000, Celeron_n4020, Celeron_n4100, Celeron_n4120, Celeron_n4500, Celeron_n4504, Celeron_n5100, Celeron_n5105, Celeron_n6211, Core_i3\-1000g1, Core_i3\-1000g4, Core_i3\-1005g1, Core_i3\-10100, Core_i3\-10100f, Core_i3\-10100t, Core_i3\-10100te, Core_i3\-10105, Core_i3\-10105f, Core_i3\-10105t, Core_i3\-10110u, Core_i3\-10300, Core_i3\-10300t, Core_i3\-10305, Core_i3\-10305t, Core_i3\-10320, Core_i3\-10325, Core_i3\-11100he, Core_i3\-1110g4, Core_i3\-1115g4, Core_i3\-1115g4e, Core_i3\-1115gre, Core_i3\-1120g4, Core_i3\-1125g4, Core_i3\-12100, Core_i3\-12100f, Core_i3\-12100t, Core_i3\-1220p, Core_i3\-12300, Core_i3\-12300t, Core_i3\-L13g4, Core_i5\-10110y, Core_i5\-10200h, Core_i5\-10210u, Core_i5\-10210y, Core_i5\-10300h, Core_i5\-1030g4, Core_i5\-1030g7, Core_i5\-10310y, Core_i5\-1035g1, Core_i5\-1035g4, Core_i5\-1035g7, Core_i5\-10400, Core_i5\-10400f, Core_i5\-10400h, Core_i5\-10400t, Core_i5\-10500, Core_i5\-10500t, Core_i5\-10500te, Core_i5\-10505, Core_i5\-10600, Core_i5\-10600k, Core_i5\-10600kf, Core_i5\-10600t, Core_i5\-11260h, Core_i5\-11300h, Core_i5\-1130g7, Core_i5\-11320h, Core_i5\-1135g7, Core_i5\-11400, Core_i5\-11400f, Core_i5\-11400h, Core_i5\-11400t, Core_i5\-1140g7, Core_i5\-1145g7, Core_i5\-1145g7e, Core_i5\-1145gre, Core_i5\-11500, Core_i5\-11500h, Core_i5\-11500t, Core_i5\-1155g7, Core_i5\-11600, Core_i5\-11600k, Core_i5\-11600kf, Core_i5\-11600t, Core_i5\-12400, Core_i5\-12400f, Core_i5\-12400t, Core_i5\-1240p, Core_i5\-12450h, Core_i5\-12500, Core_i5\-12500h, Core_i5\-12500t, Core_i5\-1250p, Core_i5\-12600, Core_i5\-12600h, Core_i5\-12600k, Core_i5\-12600kf, Core_i5\-12600t, Core_i5\-8200y, Core_i5\-8210y, Core_i5\-8265u, Core_i5\-8310y, Core_i5\-8365u, Core_i5\-9300h, Core_i5\-9400, Core_i5\-9400f, Core_i5\-9400h, Core_i5\-9600k, Core_i5\-9600kf, Core_i5\-L16g7, Core_i7\-10510u, Core_i7\-10510y, Core_i7\-1060g7, Core_i7\-10610u, Core_i7\-1065g7, Core_i7\-10700, Core_i7\-10700e, Core_i7\-10700f, Core_i7\-10700k, Core_i7\-10700kf, Core_i7\-10700t, Core_i7\-10700te, Core_i7\-10710u, Core_i7\-10750h, Core_i7\-10810u, Core_i7\-10850h, Core_i7\-10870h, Core_i7\-10875h, Core_i7\-11370h, Core_i7\-11375h, Core_i7\-11390h, Core_i7\-1160g7, Core_i7\-1165g7, Core_i7\-11700, Core_i7\-11700f, Core_i7\-11700k, Core_i7\-11700kf, Core_i7\-11700t, Core_i7\-11800h, Core_i7\-1180g7, Core_i7\-11850h, Core_i7\-11850he, Core_i7\-1185g7, Core_i7\-1185g7e, Core_i7\-1185gre, Core_i7\-1195g7, Core_i7\-1260p, Core_i7\-12650h, Core_i7\-12700, Core_i7\-12700f, Core_i7\-12700h, Core_i7\-12700k, Core_i7\-12700kf, Core_i7\-12700t, Core_i7\-1270p, Core_i7\-12800h, Core_i7\-1280p, Core_i7\-7640x, Core_i7\-7740x, Core_i7\-7800x, Core_i7\-7820x, Core_i7\-8500y, Core_i7\-8565u, Core_i7\-8665u, Core_i7\-9700k, Core_i7\-9700kf, Core_i7\-9750hf, Core_i7\-9850h, Core_i9\-10850h, Core_i9\-10850k, Core_i9\-10885h, Core_i9\-10900, Core_i9\-10900e, Core_i9\-10900f, Core_i9\-10900k, Core_i9\-10900kf, Core_i9\-10900t, Core_i9\-10900te, Core_i9\-10900x, Core_i9\-10920x, Core_i9\-10940x, Core_i9\-10980hk, Core_i9\-11900, Core_i9\-11900f, Core_i9\-11900h, Core_i9\-11900k, Core_i9\-11900kf, Core_i9\-11900t, Core_i9\-11950h, Core_i9\-11980hk, Core_i9\-12900, Core_i9\-12900f, Core_i9\-12900h, Core_i9\-12900hk, Core_i9\-12900k, Core_i9\-12900kf, Core_i9\-12900t, Core_i9\-7900x, Core_i9\-7920x, Core_i9\-7940x, Core_i9\-7960x, Core_i9\-9800x, Core_i9\-9820x, Core_i9\-9880h, Core_i9\-9900k, Core_i9\-9900kf, Core_i9\-9900x, Core_i9\-9920x, Core_i9\-9940x, Core_i9\-9960x, Core_i9\-9980hk, Core_m3\-8100y, Pentium_gold_7505, Pentium_gold_g6400, Pentium_gold_g6400t, Pentium_gold_g6405, Pentium_gold_g6405t, Pentium_gold_g6405u, Pentium_gold_g6500, Pentium_gold_g6500t, Pentium_gold_g6505, Pentium_gold_g6505t, Pentium_gold_g6600, Pentium_gold_g6605, Pentium_gold_g7400, Pentium_gold_g7400t, Pentium_j4205, Pentium_j6425, Pentium_n4200, Pentium_n4200e, Pentium_n6415, Pentium_silver_j5005, Pentium_silver_j5040, Pentium_silver_n5000, Pentium_silver_n5030, Pentium_silver_n6000, Pentium_silver_n6005, Puma_7, Xeon_bronze_3204, Xeon_bronze_3206r, Xeon_d1700, Xeon_d2700, Xeon_e\-2278g, Xeon_e\-2278ge, Xeon_e\-2278gel, Xeon_e\-2286m, Xeon_e\-2288g, Xeon_e\-2314, Xeon_e\-2324g, Xeon_e\-2334, Xeon_e\-2336, Xeon_e\-2356g, Xeon_e\-2374g, Xeon_e\-2378, Xeon_e\-2378g, Xeon_e\-2386g, Xeon_e\-2388g, Xeon_gold_5215, Xeon_gold_5215l, Xeon_gold_5217, Xeon_gold_5218, Xeon_gold_5218b, Xeon_gold_5218n, Xeon_gold_5218r, Xeon_gold_5218t, Xeon_gold_5220, Xeon_gold_5220r, Xeon_gold_5220s, Xeon_gold_5220t, Xeon_gold_5222, Xeon_gold_5315y, Xeon_gold_5317, Xeon_gold_5318h, Xeon_gold_5318n, Xeon_gold_5318s, Xeon_gold_5318y, Xeon_gold_5320, Xeon_gold_5320h, Xeon_gold_5320t, Xeon_gold_6208u, Xeon_gold_6209u, Xeon_gold_6210u, Xeon_gold_6212u, Xeon_gold_6222v, Xeon_gold_6226, Xeon_gold_6226r, Xeon_gold_6230, Xeon_gold_6230n, Xeon_gold_6230r, Xeon_gold_6230t, Xeon_gold_6234, Xeon_gold_6238, Xeon_gold_6238l, Xeon_gold_6238r, Xeon_gold_6238t, Xeon_gold_6240, Xeon_gold_6240l, Xeon_gold_6240r, Xeon_gold_6240y, Xeon_gold_6242, Xeon_gold_6242r, Xeon_gold_6244, Xeon_gold_6246, Xeon_gold_6246r, Xeon_gold_6248, Xeon_gold_6248r, Xeon_gold_6250, Xeon_gold_6250l, Xeon_gold_6252, Xeon_gold_6252n, Xeon_gold_6254, Xeon_gold_6256, Xeon_gold_6258r, Xeon_gold_6262v, Xeon_gold_6312u, Xeon_gold_6314u, Xeon_gold_6326, Xeon_gold_6328h, Xeon_gold_6328hl, Xeon_gold_6330, Xeon_gold_6330h, Xeon_gold_6330n, Xeon_gold_6334, Xeon_gold_6336y, Xeon_gold_6338, Xeon_gold_6338n, Xeon_gold_6338t, Xeon_gold_6342, Xeon_gold_6346, Xeon_gold_6348, Xeon_gold_6348h, Xeon_gold_6354, Xeon_platinum_8253, Xeon_platinum_8256, Xeon_platinum_8260, Xeon_platinum_8260l, Xeon_platinum_8260y, Xeon_platinum_8268, Xeon_platinum_8270, Xeon_platinum_8276, Xeon_platinum_8276l, Xeon_platinum_8280, Xeon_platinum_8280l, Xeon_platinum_8351n, Xeon_platinum_8352m, Xeon_platinum_8352s, Xeon_platinum_8352v, Xeon_platinum_8352y, Xeon_platinum_8353h, Xeon_platinum_8354h, Xeon_platinum_8356h, Xeon_platinum_8358, Xeon_platinum_8358p, Xeon_platinum_8360h, Xeon_platinum_8360hl, Xeon_platinum_8360y, Xeon_platinum_8362, Xeon_platinum_8368, Xeon_platinum_8368q, Xeon_platinum_8376h, Xeon_platinum_8376hl, Xeon_platinum_8380, Xeon_platinum_8380h, Xeon_platinum_8380hl, Xeon_platinum_9221, Xeon_platinum_9222, Xeon_platinum_9242, Xeon_platinum_9282, Xeon_silver_4208, Xeon_silver_4209t, Xeon_silver_4210, Xeon_silver_4210r, Xeon_silver_4210t, Xeon_silver_4214, Xeon_silver_4214r, Xeon_silver_4214y, Xeon_silver_4215, Xeon_silver_4215r, Xeon_silver_4216, Xeon_silver_4309y, Xeon_silver_4310, Xeon_silver_4310t, Xeon_silver_4314, Xeon_silver_4316, Xeon_w\-10855, Xeon_w\-10855m, Xeon_w\-10885m, Xeon_w\-11155mle, Xeon_w\-11155mre, Xeon_w\-11555mle, Xeon_w\-11555mre, Xeon_w\-11855m, Xeon_w\-11865mld, Xeon_w\-11865mre, Xeon_w\-11955m, Xeon_w\-1250, Xeon_w\-1250p, Xeon_w\-1270, Xeon_w\-1270p, Xeon_w\-1290, Xeon_w\-1290e, Xeon_w\-1290p, Xeon_w\-1290t, Xeon_w\-1290te, Xeon_w\-1300, Xeon_w\-1350, Xeon_w\-1350p, Xeon_w\-1370, Xeon_w\-1370p, Xeon_w\-1390, Xeon_w\-1390p, Xeon_w\-1390t, Xeon_w\-2223, Xeon_w\-2225, Xeon_w\-2235, Xeon_w\-2245, Xeon_w\-2255, Xeon_w\-2265, Xeon_w\-2275, Xeon_w\-2295, Xeon_w\-3223, Xeon_w\-3225, Xeon_w\-3235, Xeon_w\-3245, Xeon_w\-3245m, Xeon_w\-3265, Xeon_w\-3265m, Xeon_w\-3275, Xeon_w\-3275m, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy	6.5