Overview
- Description
- When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
- Source
- security@apache.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Known exploits
Data from CISA
- Vulnerability name
- Apache Tomcat Remote Code Execution Vulnerability
- Exploit added on
- Mar 25, 2022
- Exploit action due
- Apr 15, 2022
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- CWE-434
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7286E06-DA84-401D-8FB8-DEEF6A171C88",
"versionEndExcluding": "7.0.82",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C385FE9-F78C-49BC-AE87-5FE1A9BD7ED3",
"versionEndExcluding": "8.0.47",
"versionStartIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF72650E-5826-4ABB-9B7D-43C96DB3B9B7",
"versionEndExcluding": "8.5.23",
"versionStartIncluding": "8.5.0"
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "817D7E47-947E-4A2F-A8AB-1302D5DF6684",
"versionEndExcluding": "9.0.1",
"versionStartIncluding": "9.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D14ABF04-E460-4911-9C6C-B7BCEFE68E9D"
},
{
"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCF62B0C-A8BD-40E6-9E4E-E684F4E87ACD"
},
{
"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED43772F-D280-42F6-A292-7198284D6FE7"
},
{
"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"
},
{
"criteria": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "622B95F1-8FA4-4AA6-9B68-5FE4302BA150"
},
{
"criteria": "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B65CD29-C729-42AC-925E-014BA19581E2"
},
{
"criteria": "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E856B4A-6AE7-4317-921A-35B4D2048652"
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "815E0C5E-00DF-4AD2-AE97-A752B3DC1631"
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C3CFCCE-A8D4-4B78-9C37-88238580B5DA",
"versionEndIncluding": "7.3.5.3.0",
"versionStartIncluding": "7.3.3.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9380A86A-7A58-477F-A697-B6692E18B4B9",
"versionEndIncluding": "8.0.9.0.0",
"versionStartIncluding": "8.0.0.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "657387A7-DFD9-4CDC-968A-3F3970FDE224"
},
{
"criteria": "cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C5E9A12-BFE9-4963-A360-A34168A6BF6A"
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26CD44C0-F9DD-46F0-A4C1-2C2639217B4D"
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A3DC116-2844-47A1-BEC2-D0675DD97148"
},
{
"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94"
},
{
"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4"
},
{
"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4"
},
{
"criteria": "cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:*",
"vulnerable": true,
"matchCriteriaId": "5EB9E1EA-E136-4B09-9BBB-D7D48D993349"
},
{
"criteria": "cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98EE20FD-3D21-4E23-95B8-7BD13816EB95"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78933DD0-F774-4E60-BC66-D5A57919717A"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8ECA7A7E-8177-4FD4-B9B9-F4B1B6F43F98"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73C9A2AD-F384-44D5-AB33-86B7250760A5"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEB4EB87-5ABB-437D-BDAC-FB64F33929FA"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA3F5761-E2A0-4F67-BAE1-503877676BF3"
},
{
"criteria": "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1E3C86B-4483-430A-856D-7EAB7D388D2E"
},
{
"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF9C223C-BC90-4253-A009-53DEDEE9C1CC",
"versionEndIncluding": "3.3.6.3293"
},
{
"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52886BA2-204E-4F0E-B22F-CE5FDFCC98B5",
"versionEndIncluding": "3.4.4.4226",
"versionStartIncluding": "3.4.0"
},
{
"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6470AB3F-ADE2-4BA2-A6B9-E094C927CC77",
"versionEndIncluding": "4.0.0.5135",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8193A06-3F6B-4F5A-AA58-B1B0AB3A87A3"
},
{
"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE65A212-7385-4973-A9C8-FB9C2F9F745F"
},
{
"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56239DBD-E294-44A4-9DD3-CEEC58C1BC0C"
},
{
"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "517E0654-F1DE-43C4-90B5-FB90CA31734B"
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB363B97-8D71-4FC5-AF88-B6A0040E3D04"
},
{
"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92978070-A3FD-45E7-8A19-C6324116416B"
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74D44D74-4402-4569-B335-AFB5F80424ED"
},
{
"criteria": "cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ABB11E1-AD2A-47AA-A5AA-49D94B50CEC3"
},
{
"criteria": "cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA5B8931-D3B4-46A9-B1A0-9A6BBA365FC8"
},
{
"criteria": "cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD00C4A5-D05A-4C64-A50C-B8CE182FFB5E"
},
{
"criteria": "cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25AC9F0D-4476-41AC-A7AB-5DE52135D8D7"
},
{
"criteria": "cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4DF6FE2-35CB-43AB-95F4-40C909DEC69F"
},
{
"criteria": "cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5DCCBA87-C934-4B94-A5F2-B459FF9CBEC6"
},
{
"criteria": "cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D962EF0-D6E1-4B1F-9F50-0E30C3B5CF4A"
},
{
"criteria": "cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B3935CB-58D4-49A4-B3D4-D0DA0CD12F38"
},
{
"criteria": "cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "269BCEDB-57A1-4611-A009-29791E0EF9A4"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51D1FAEE-65FD-47EB-9F4D-505C72000F3A"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C45FF05-FB76-4782-891E-F4A8A4871A22"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C03ED7B-3826-4D6D-89C5-61DE12E27213"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8893CB1D-F18C-404D-BC06-CA2617BFAE58"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42227DD8-6671-4B38-9E42-4ACF78F09C97"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69962BD9-A102-4621-9461-018E87261657"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "788F2530-F011-4489-8029-B3468BAF7787"
},
{
"criteria": "cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D939BB4-9D34-43A4-A19C-1CC90DB748FD"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4E864D4-96C0-4FD5-993F-7E2472893FF6"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAA4DF85-9225-4422-BF10-D7DAE7DCE007"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77C2A2A4-285B-40A1-B9AD-42219D742DD4"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE8CF045-09BB-4069-BCEC-496D5AE3B780"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01FFED25-C781-45CA-8F3B-7A75D5F1E126"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA5092E0-0F34-4330-BE16-B0D5FF4C91E4"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBBC99BE-E550-482C-B759-6032E6593D09"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66CAA1FF-02B0-4479-8349-DEB19208A21C"
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C47CC5A-5A12-4058-9F60-A50E2D2040BE"
},
{
"criteria": "cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1CE1F19-1F07-4CBB-9930-F47394ED8054"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FABD1A02-06F9-48A7-A22D-10DCD24938E7"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06992F7E-3BCA-4489-AD12-534C50CE6E6D"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6D3F48B-E5F3-4412-815A-6C1E23E98674"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C19C5CC9-544A-4E4D-8F0A-579BB5270F07"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "891E192D-BA12-4D89-8D18-C93D2F26A369"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B956113-5B3B-436D-858B-8F29FB304364"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E8917F6-00E7-47EC-B86D-A3B11D5F0E0D"
},
{
"criteria": "cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFC5F424-119D-4C66-8251-E735EEFBC0BA"
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B31A871-77CF-455F-A28A-FBCE595D51DB"
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "892B1AB5-B0DC-4E57-B22F-0196A9F22CE7"
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E9002D8-133F-4AB2-8475-4B0A464D0021"
},
{
"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B529695B-B859-4A1B-9873-6C870201879F"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F26748F3-1952-43B2-8847-264257ECBF10"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "142391D3-E38C-4F0E-9BB1-034DC28FAF75"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "555925C7-3345-48F8-9FD9-0E6C1E83E960"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0953CAB4-B627-419D-9B8A-7C776A4FC18F"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E703304-0752-46F2-998B-A3D37C9E7A54"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "722969B5-36CD-4413-954B-347BB7E51FAE"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5BE74EA-FC65-4A23-B5AA-1FC97390ADAB"
},
{
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AAFAA67-42E9-4B4E-9DC7-A38275FD45CB"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7A0E714-AC23-49B5-A36C-D10FA4699561"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89B3354D-3929-4AEC-AAE0-7F573341FD6C"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55901EF7-B71C-40B3-B276-FDA6381F051F"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "385D40CC-5AA0-4DAB-A2E7-F3A3CFF95BA7"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7A714FB-050A-4040-BC57-C22FA4DD58D2"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A775321B-6DFB-4770-8F6D-D34D655438AF"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "835BB7D9-633C-4CB3-8E8F-CA6FD62E587A"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48FE41BA-1E3C-4626-930F-3F8FEE124A78"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40F284EF-05CF-4CF5-B7CA-F58AE01DA3B6"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C09892E8-D580-488A-A80E-B358D682A25A"
},
{
"criteria": "cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A58642E0-CA59-4DE6-A83C-F551FC621C32"
},
{
"criteria": "cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7072B3F-88AE-4432-879B-9D8208C67C74"
},
{
"criteria": "cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BB4709C-6373-43CC-918C-876A6569865A"
},
{
"criteria": "cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD848FE1-CFD7-490C-B008-DF3B30F3256F"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3"
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5"
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1"
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08"
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"
},
{
"criteria": "cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*",
"vulnerable": true,
"matchCriteriaId": "5E1DE4F5-9094-4C73-AA1B-5C902F38DD24"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "077732DB-F5F3-4E9C-9AC0-8142AB85B32F"
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D"
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1ABA871-3271-48E2-A69C-5AD70AF94E53"
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "681173DF-537E-4A64-8FC7-75F439CCAD0D"
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E2F2F98-DB90-43F6-8F28-3656207B6188"
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server_text-only_advisories:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08E5BFFC-F3E0-43E6-BA40-81B2A8B7CC01"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46DD0CA2-3786-4E97-A60C-5043FDDBCB86"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55E4609A-C986-4041-A528-1B4B37E1F6F6"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92BDD126-A468-47D9-A468-6E229D75939D"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DAA8C42-870A-42B4-AE9F-7C67F4122ED3"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2148300C-ECBD-4ED5-A164-79629859DD43"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B908AEF5-67CE-42D4-961D-C0E7ADB78ADD"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F8EB695-5EA3-46D2-941E-D7F01AB99A48"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E1DB003-76B8-4D7B-A6ED-5064C3AE1C11"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9A24D0C-604D-4421-AFA6-5D541DA2E94D"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A2E3637-B6A6-4DA9-8B0A-E91F22130A45"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F81F859C-DA89-4D1E-91D3-A000AD646203"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "418488A5-2912-406C-9337-B8E85D0C2B57"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
}
],
"operator": "OR"
}
]
}
]