initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
22 Dec 2023, 16:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:data_center:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:server:*:*:* cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:server:*:*:* |
|
References | () https://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.html - Third Party Advisory | |
References | () https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3E - Third Party Advisory | |
References | () https://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3E - Issue Tracking | |
References | () https://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3E - Issue Tracking | |
References | () https://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3E - Issue Tracking | |
References | () https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3E - Patch | |
References | () https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3E - Patch | |
References | () https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3E - Issue Tracking | |
References | () https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3E - Issue Tracking | |
First Time |
Atlassian
Atlassian jira Service Management |
07 Nov 2023, 03:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 Oct 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Mar 2023, 15:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20221028-0002/ - Third Party Advisory | |
References | (MISC) https://github.com/quartz-scheduler/quartz/issues/467 - Issue Tracking, Third Party Advisory | |
First Time |
Netapp active Iq Unified Manager
Netapp Netapp cloud Secure Agent |
28 Oct 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Apr 2022, 18:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:apache_batik_mapviewer:12.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_order_broker:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:12.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:google_guava_mapviewer:18c:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_product_manufacturing:2.7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:apache_batik_mapviewer:18c:*:*:*:*:*:*:* cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:apache_batik_mapviewer:19c:*:*:*:*:*:*:* cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:18c:*:*:*:*:*:*:* cpe:2.3:a:oracle:terracotta_quartz_scheduler_mapviewer:19c:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_originations:2.7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:google_guava_mapviewer:12.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:google_guava_mapviewer:19c:*:*:*:*:*:*:* cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_ip_service_activator:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_investor_servicing:14.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_product_manufacturing:2.8.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_investor_servicing:14.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* cpe:2.3:a:oracle:banking_enterprise_originations:2.8.0:*:*:*:*:*:*:* cpe:2.3:a:apache:tomee:7.1.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a@%3Ccommits.tomee.apache.org%3E - Mailing List, Third Party Advisory | |
References | (N/A) https://www.oracle.com//security-alerts/cpujul2021.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf@%3Ccommits.tomee.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujan2021.html - Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf@%3Ccommits.tomee.apache.org%3E - Mailing List, Patch, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82@%3Cdev.tomee.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2020.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa@%3Ccommits.tomee.apache.org%3E - Mailing List, Third Party Advisory | |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Third Party Advisory | |
First Time |
Oracle flexcube Investor Servicing
Oracle flexcube Private Banking Oracle terracotta Quartz Scheduler Mapviewer Oracle Oracle retail Integration Bus Oracle retail Central Office Oracle enterprise Manager Base Platform Oracle hyperion Infrastructure Technology Oracle apache Batik Mapviewer Oracle banking Enterprise Originations Oracle enterprise Manager Ops Center Oracle banking Payments Oracle communications Ip Service Activator Oracle retail Point-of-service Oracle retail Returns Management Oracle banking Enterprise Product Manufacturing Oracle jd Edwards Enterpriseone Orchestrator Oracle google Guava Mapviewer Oracle fusion Middleware Mapviewer Oracle webcenter Sites Oracle retail Order Broker Oracle communications Session Route Manager Oracle primavera Unifier Apache Oracle retail Back Office Apache tomee Oracle customer Management And Segmentation Foundation Oracle documaker Oracle retail Xstore Point Of Service |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jan 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-07-26 19:15
Updated : 2023-12-22 16:35
NVD link : CVE-2019-13990
Mitre link : CVE-2019-13990
CVE.ORG link : CVE-2019-13990
JSON object : View
Products Affected
oracle
- retail_back_office
- jd_edwards_enterpriseone_orchestrator
- enterprise_manager_ops_center
- retail_central_office
- flexcube_investor_servicing
- primavera_unifier
- fusion_middleware_mapviewer
- flexcube_private_banking
- communications_session_route_manager
- hyperion_infrastructure_technology
- google_guava_mapviewer
- terracotta_quartz_scheduler_mapviewer
- documaker
- retail_xstore_point_of_service
- banking_payments
- banking_enterprise_originations
- communications_ip_service_activator
- retail_point-of-service
- retail_order_broker
- enterprise_manager_base_platform
- retail_integration_bus
- banking_enterprise_product_manufacturing
- retail_returns_management
- webcenter_sites
- apache_batik_mapviewer
- customer_management_and_segmentation_foundation
softwareag
- quartz
netapp
- active_iq_unified_manager
- cloud_secure_agent
atlassian
- jira_service_management
apache
- tomee
CWE
CWE-611
Improper Restriction of XML External Entity Reference