CVE-2021-29425
Published Apr 13, 2021
Last updated a year ago
Overview
- Description
- In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
- Source
- security@apache.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.8
- Impact score
- 2.5
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:commons_io:2.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55B8E817-8D9D-433E-99D8-4E412F006400"
},
{
"criteria": "cpe:2.3:a:apache:commons_io:2.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "911E607E-5A34-44DC-B9E0-01D3571DD014"
},
{
"criteria": "cpe:2.3:a:apache:commons_io:2.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5AB5A45-486F-4B37-9E5B-4EEB81F4F78A"
},
{
"criteria": "cpe:2.3:a:apache:commons_io:2.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DAD478C-FBF7-4FAE-8939-2FD625F8D71C"
},
{
"criteria": "cpe:2.3:a:apache:commons_io:2.6:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FA21029-762D-4E84-A80A-DB417CA8BD00"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DEAFEDC-2D0F-4A5F-99A0-BD41DD6DC017"
},
{
"criteria": "cpe:2.3:a:oracle:access_manager:12.2.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A287FA5D-D7D9-40B4-8DB2-1D7CE1808408"
},
{
"criteria": "cpe:2.3:a:oracle:access_manager:12.2.1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20EB3430-0FF2-4668-BB20-A5611ACC73F6"
},
{
"criteria": "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64"
},
{
"criteria": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"
},
{
"criteria": "cpe:2.3:a:oracle:application_performance_management:13.4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F84E5662-0289-4ED5-A112-BC506508216C"
},
{
"criteria": "cpe:2.3:a:oracle:application_performance_management:13.5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD312681-73A4-4B21-BDE8-50DED7E3E0CF"
},
{
"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:18.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "869D51B3-FB50-4BD6-8A0C-D0984267525F"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:18.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08B8F413-2000-493B-82B1-BEFE343BB8C4"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "042269E6-D3B4-4867-86FA-9301FACA9FF2"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF34B11F-3DE1-4C22-8EB1-AEE5CE5E4172"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86F03B63-F922-45CD-A7D1-326DB0042875"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CBFC93F-8B39-45A2-981C-59B187169BD4"
},
{
"criteria": "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0843465C-F940-4FFC-998D-9A2668B75EA0"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:17.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "560F20E6-AEA1-4CE5-A393-C9B2CF334C5C"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBE7BF09-B89C-4590-821E-6C0587E096B5"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18127694-109C-4E7E-AE79-0BA351849291"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC"
},
{
"criteria": "cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D6895A6-511A-4DC6-9F9B-58E05B86BDB1"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E60C0966-BF0D-4D18-B09B-5D0BB96DBFF3"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0FCD3BC-33D8-49D1-844B-6B9DE0CA4997"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "473749BD-267E-480F-8E7F-C762702DB66E"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74C7E2F1-17FC-4322-A5C3-F7EB612BA4F5"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "320D36DA-D99F-4149-B582-3F4AB2F41A1B"
},
{
"criteria": "cpe:2.3:a:oracle:banking_enterprise_default_managment:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05E4EB25-7B7A-4A10-A535-8C7CA4D6FEB6",
"versionEndIncluding": "2.4.0",
"versionStartIncluding": "2.3.0"
},
{
"criteria": "cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C542DC5E-6657-4178-9C69-46FD3C187D56"
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D0F559E-0790-461B-ACED-5B00F4D40893",
"versionEndIncluding": "2.4.1",
"versionStartIncluding": "2.3.0"
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "132CE62A-FBFC-4001-81EC-35D81F73AF48"
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "282150FF-C945-4A3E-8A80-E8757A8907EA"
},
{
"criteria": "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "645AA3D1-C8B5-4CD2-8ACE-31541FA267F0"
},
{
"criteria": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0DBC938-A782-433F-8BF1-CA250C332AA7",
"versionEndExcluding": "21.1.2"
},
{
"criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79"
},
{
"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "787E2C1B-9BAD-4018-8495-E9BE75628BB8"
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A9E4125-B744-4A9D-BFE6-5D82939958FD"
},
{
"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "261212BD-125A-487F-97E8-A9587935DFE8"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E463039-5E48-4AA0-A42B-081053FA0111"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB1BC31C-6016-42A8-9517-2FBBC92620CC"
},
{
"criteria": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D2ACE8A-6D85-4401-88D8-46B678BA0063"
},
{
"criteria": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0535B116-57D6-4448-86A2-09BCE50894B8"
},
{
"criteria": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DF939F5-C0E1-40A4-95A2-0CE7A03AB4EE"
},
{
"criteria": "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6512DC4C-C331-4F6B-9DC9-D9DA5B8945DA",
"versionEndIncluding": "7.4.2",
"versionStartIncluding": "7.4.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B54457C-8305-4F82-BE1E-DBA030A8E676"
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5B4A191-44AE-4C35-9164-19237D2CF013",
"versionEndIncluding": "8.1.0",
"versionStartIncluding": "8.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A543B4F8-149A-48AB-B388-AB7FA2ECAC18",
"versionEndIncluding": "8.2.3",
"versionStartIncluding": "8.2.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46E23F2E-6733-45AF-9BD9-1A600BD278C8"
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86"
},
{
"criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A23B00C1-878A-4B55-B87B-EFFFA6A5E622"
},
{
"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21CC9E01-616E-411B-B0C7-DE6E599D3319"
},
{
"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F015E20-7886-4713-B4EC-FE7894066D09"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B388677-D3A7-4304-8FDF-3C5ED51C8BA2"
},
{
"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A28F42F0-FBDA-4574-AD30-7A04F27FEA3E"
},
{
"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "129CA55C-C770-4D42-BD17-9011F3AC93C4"
},
{
"criteria": "cpe:2.3:a:oracle:communications_service_broker:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6235EAE-47DD-4292-9941-6FF8D0A83843"
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BE83BC6-5A6F-40A1-AAC7-314A575D8E07"
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517"
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9A4E206-56C7-4578-AC9C-088B0C8D9CFE"
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EA4D3C5-6A7C-4421-88EF-445A96DBCE0C",
"versionEndIncluding": "8.1.1",
"versionStartIncluding": "8.0.7"
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E8FD060-E9A8-499C-87B0-AF7BBED7771F",
"versionEndIncluding": "8.1.1",
"versionStartIncluding": "8.0.8"
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB8A1479-591A-4858-9B18-3B595694A965",
"versionEndIncluding": "11.8.0",
"versionStartIncluding": "11.6.0"
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEFE7E72-D419-4040-81AB-B4934C13909F"
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B283B614-9E31-4148-8688-B0672B3A77B3"
},
{
"criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA86EF7E-6162-4244-9C88-7AF5CAB787E0"
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6C9A32B-B776-4704-818D-977B4B20D677"
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6989178B-A3D5-4441-A56C-6C639D4759DF"
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16AEA21E-0B11-44A5-8BFB-550521D8E0D5",
"versionEndIncluding": "3.0.4",
"versionStartIncluding": "3.0.1"
},
{
"criteria": "cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66C673C4-A825-46C0-816B-103E1C058D03"
},
{
"criteria": "cpe:2.3:a:oracle:helidon:1.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34CB181A-803A-4C8D-BB6A-8B7CE65C5A7E"
},
{
"criteria": "cpe:2.3:a:oracle:helidon:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AA1985E-D3D4-4053-A538-22C428D160CC"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F89EC4B-6D34-40F0-B7C6-C03D03F81C13"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00C9E689-ED91-4A9D-B9C0-5BF4EC131409"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC2370B5-F41B-45F6-AC9F-9C7B258AA717"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF958C28-4289-4433-8CD9-B6551F01926F"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57E9FC66-F6A0-4FB0-8D92-2C9B9E3F2184"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3E25293-CB03-44CE-A8ED-04B3A0487A6A"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F9721E3-EE25-4C8A-9E0A-E60D465E0A97"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B47C49C-3662-4FCB-82E8-7484F7151858"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7A6C04D-43B3-4B83-A185-7CBD838C97E4"
},
{
"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2B51896-E4DA-4FDA-979F-481FFB3E588A"
},
{
"criteria": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71CB79ED-A93E-4CBD-BCDD-82C5A00B373B",
"versionEndExcluding": "2.12.42"
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7"
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2"
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F"
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06"
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2"
},
{
"criteria": "cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CADD7026-EF85-40A5-8563-7A34C6941B1F"
},
{
"criteria": "cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58F019E8-F68D-41B5-9480-0A81616F2E7C"
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AC56890-3225-4A0F-B48A-1FB761810062",
"versionEndExcluding": "21.2"
},
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:21.3:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37DDB2B3-1C16-44D6-BEE2-9D34637230F0"
},
{
"criteria": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48C9BD8E-7214-4B44-B549-6F11B3EA8A04"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A921C710-1C59-429F-B985-67C0DBFD695E",
"versionEndIncluding": "16.0.3",
"versionStartIncluding": "16.0.1"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40AABFD3-1D0D-4C6B-BA9A-9DA70241B51C"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EEF867A-587A-45E1-B2F6-0B903903F0F9"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFDF4CB0-4680-449A-8576-915721D59500"
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD311C33-A309-44D5-BBFB-539D72C7F8C4"
},
{
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8383028-B719-41FD-9B6A-71F8EB4C5F8D"
},
{
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D"
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7BD0D41-1BED-4C4F-95C8-8987C98908DA"
},
{
"criteria": "cpe:2.3:a:oracle:retail_pricing:19.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5D06393-D43A-4A5E-BED5-4DF2F4F38C74"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CE45891-A6A5-4699-90A6-6F49E60A7987",
"versionEndIncluding": "16.0.3",
"versionStartIncluding": "16.0.1"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "054F9E62-A6D6-4850-83AD-3628C74A4384"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E702EBED-DB39-4084-84B1-258BC5FE7545"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F7956BF-D5B6-484B-999C-36B45CD8B75B"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:19.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D14A54A-4B04-41DE-B731-844D8AC3BE23"
},
{
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DA6B655-A445-42E5-B6D9-70AB1C04774A"
},
{
"criteria": "cpe:2.3:a:oracle:retail_size_profile_optimization:16.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74ACC94B-4A9F-451D-B639-6008A108BDDC"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48EFC111-B01B-4C34-87E4-D6B2C40C0122"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "073FEA23-E46A-4C73-9D29-95CFF4F5A59D"
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1"
},
{
"criteria": "cpe:2.3:a:oracle:solaris_cluster:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87A83709-4D38-4844-8928-0C2D6F2033BD"
},
{
"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF"
},
{
"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5B4C338-11E1-4235-9D5A-960B2711AC39"
},
{
"criteria": "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C93F84E-9680-44EF-8656-D27440B51698"
},
{
"criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728"
},
{
"criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A502118-5B2B-47AE-82EC-1999BD841103"
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811"
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66"
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"vulnerable": true,
"matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1"
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
}
],
"operator": "OR"
}
]
}
]