CVE-2018-8032

{"id": "CVE-2018-8032", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2018-08-02T13:29:00.363", "references": [{"url": "http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E", "source": "security@apache.org"}, {"url": "https://issues.apache.org/jira/browse/AXIS-2924", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujan2021.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services."}, {"lang": "es", "value": "Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto."}], "lastModified": "2023-11-07T03:01:22.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:axis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5114D26C-501B-4F51-B12C-D8A4537BEC80", "versionEndIncluding": "1.4", "versionStartIncluding": "1.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64"}, {"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_framework:9.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8454A130-2E9B-4528-A24D-1B3D0FFCC860"}, {"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10F17843-32EA-4C31-B65C-F424447BEF7B"}, {"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1"}, {"criteria": "cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E"}, {"criteria": "cpe:2.3:a:oracle:communications_asap_cartridges:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4CE3535-FC9D-4FB2-8739-19E7477B07FF"}, {"criteria": "cpe:2.3:a:oracle:communications_asap_cartridges:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58A06A98-0374-4B56-9045-D939F30BF479"}, {"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.3.4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "313F42E5-1BBB-4773-A153-B114C3FDF701"}, {"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.3.5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC75FE72-6C3F-428E-9C9A-60982455238B"}, {"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B370B017-2E3B-438B-86B9-EEF70E3A5D3A"}, {"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63C81E5E-3C53-4731-96C3-0F5767874B11"}, {"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5503EC-63B6-47EB-AE37-14DD317DDDD8"}, {"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A99F85F8-F374-48B0-9534-BB9C07AFE76E"}, {"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C57FD3A-0CC1-4BA9-879A-8C4A40234162"}, {"criteria": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "698FB6D0-B26F-4760-9B9B-1C65FBFF2126"}, {"criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB92D8A7-2ABD-4B70-A32C-4B6B866C5B8B"}, {"criteria": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B21E6EEF-2AB7-4E96-B092-1F49D11B4175"}, {"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB472856-38AB-4062-B752-E204B177DE72"}, {"criteria": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F015E20-7886-4713-B4EC-FE7894066D09"}, {"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DDF6809-53A7-4F7D-9FA8-B522BE8F7A21"}, {"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA86A15F-FAB8-4DF5-95AC-DA3D1CF7A720"}, {"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB43DFD4-D058-4001-BD19-488E059F4532"}, {"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "086E2E5C-44EB-4C07-B298-C04189533996"}, {"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B042935-BC42-4CA8-9379-7F0F894F9653"}, {"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B374F86-4EC8-4797-A8C3-5C1FF1DFC9F8"}, {"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5682DAEB-3810-4541-833A-568C868BCE0B"}, {"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01BC9AED-F81D-4344-AD97-EEF19B6EA8C7"}, {"criteria": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D03A8C9-35A5-4B75-9711-7A4A60457307"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36E39918-B2D6-43F0-A607-8FD8BFF6F340"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7582B307-3899-4BBB-B868-BC912A4D0109"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14480702-4398-4C28-82A6-E7329FB3B650"}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5BC32AA-78BE-468B-B92A-5A0FFFA970FA", "versionEndIncluding": "7.3.5", "versionStartIncluding": "7.3.3"}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6E8C634-FC3E-418F-8D7D-B71E1A3E2DBE", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:financial_services_compliance_regulatory_reporting:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DDD1A52-5794-4837-847C-E5F073330774", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6"}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "547D042E-51DE-430D-B4BA-F0698646BC80", "versionEndIncluding": "8.0.7", "versionStartIncluding": "8.0.2"}, {"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:11.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87416B3B-3B2B-486B-B931-19199EF07000"}, {"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:11.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1102B6BC-D99E-4AC0-9375-FB8517A4A71F"}, {"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:11.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D22386C-FEC4-4984-8E2A-8FE4796BEFBE"}, {"criteria": "cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B283B614-9E31-4148-8688-B0672B3A77B3"}, {"criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6762F207-93C7-4363-B2F9-7A7C6F8AF993"}, {"criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B74B912-152D-4F38-9FC1-741D6D0B27FC"}, {"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A3DC116-2844-47A1-BEC2-D0675DD97148"}, {"criteria": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94"}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4"}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4"}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F69B9A5-F21B-4904-9F27-95C0F7A628E3"}, {"criteria": "cpe:2.3:a:oracle:internet_directory:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68F2A706-3250-4026-9498-CB4B38B23CEC"}, {"criteria": "cpe:2.3:a:oracle:internet_directory:12.2.1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7360EC9B-814F-4FF5-AA9D-9E55A380B2C5"}, {"criteria": "cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E587602-BA7D-4087-BE29-ACE0B01BD590", "versionEndIncluding": "8.6.3", "versionStartIncluding": "8.6.0"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_human_resources:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "344A3A9E-3113-4096-B9F8-CA0AD705242B"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9"}, {"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DFB9704-6B99-4113-8537-E4AE0F791B86"}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:17.12.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F5647E5-B051-41A6-B186-3584C725908B"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", "versionEndIncluding": "17.12", "versionStartIncluding": "17.7"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D55A54FD-7DD1-49CD-BE81-0BE73990943C"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82EB08C0-2D46-4635-88DF-E54F6452D3A3"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F"}, {"criteria": "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19A0F1AF-F2E6-44E7-8E2D-190E103B72D3"}, {"criteria": "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D53690D-3390-4A27-988A-709CD89DD05B"}, {"criteria": "cpe:2.3:a:oracle:real-time_decision_server:3.2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD2288B1-FF5E-46BC-8551-4CC6B046A0D0"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE8CF045-09BB-4069-BCEC-496D5AE3B780"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D"}, {"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0ED83E3-E6BF-4EAA-AF8F-33485A88A218"}, {"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5265C91-FF5C-4451-A7C2-D388A65ACFA2"}, {"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2B933E8-DBC4-4443-B837-BA8BAF8CC249"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAC9E8DC-5139-4420-9BD6-0B5F2FA3150E", "versionEndIncluding": "21.0"}, {"criteria": "cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92A6A7BA-CCE6-426F-8434-7A578A245180"}, {"criteria": "cpe:2.3:a:oracle:tuxedo:12.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBC28867-E828-4ABC-BE7B-3E5C2E826879"}, {"criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}