In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an malicious user to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache commons beanutils |
||
apache nifi 1.14.0 |
||
apache nifi 1.15.0 |
||
debian debian linux 8.0 |
||
opensuse leap 15.0 |
||
opensuse leap 15.1 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux eus 7.7 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server aus 7.7 |
||
redhat enterprise linux server tus 7.7 |
||
redhat enterprise linux workstation 7.0 |
||
redhat jboss enterprise application platform 7.2.0 |
||
oracle agile plm 9.3.3 |
||
oracle agile plm 9.3.5 |
||
oracle agile plm 9.3.6 |
||
oracle agile product lifecycle management integration pack 3.5 |
||
oracle agile product lifecycle management integration pack 3.6 |
||
oracle application testing suite 13.3.0.1 |
||
oracle banking platform 2.4.0 |
||
oracle banking platform 2.7.1 |
||
oracle banking platform 2.9.0 |
||
oracle blockchain platform |
||
oracle communications billing and revenue management 7.5 |
||
oracle communications billing and revenue management 12.0.0.3.0 |
||
oracle communications billing and revenue management elastic charging engine 11.3.0.9 |
||
oracle communications billing and revenue management elastic charging engine 12.0.0.3 |
||
oracle communications cloud native core console 1.4.0 |
||
oracle communications cloud native core policy 1.9.0 |
||
oracle communications cloud native core unified data repository 1.6.0 |
||
oracle communications convergence 3.0.2.2.0 |
||
oracle communications design studio 7.3.4 |
||
oracle communications design studio 7.3.5 |
||
oracle communications design studio 7.4.0 |
||
oracle communications evolved communications application server 7.1 |
||
oracle communications metasolv solution 6.3.0 |
||
oracle communications metasolv solution 6.3.1 |
||
oracle communications network integrity 7.3.6 |
||
oracle communications performance intelligence center 10.4.0.3 |
||
oracle communications pricing design center 12.0.0.3.0 |
||
oracle communications unified inventory management 7.3.4 |
||
oracle communications unified inventory management 7.3.5 |
||
oracle communications unified inventory management 7.4.0 |
||
oracle communications unified inventory management 7.4.1 |
||
oracle customer management and segmentation foundation 18.0 |
||
oracle enterprise manager for virtualization 13.4.0.0 |
||
oracle financial services revenue management and billing analytics 2.7 |
||
oracle financial services revenue management and billing analytics 2.8 |
||
oracle flexcube private banking 12.0.0 |
||
oracle flexcube private banking 12.1.0 |
||
oracle fusion middleware 11.1.1.9 |
||
oracle fusion middleware 12.2.1.3.0 |
||
oracle fusion middleware 12.2.1.4.0 |
||
oracle healthcare foundation 7.1.5 |
||
oracle healthcare foundation 7.2.2 |
||
oracle healthcare foundation 7.3.0 |
||
oracle healthcare foundation 7.3.1 |
||
oracle healthcare foundation 8.0.1 |
||
oracle hospitality opera 5 5.5 |
||
oracle hospitality opera 5 5.6 |
||
oracle hospitality reporting and analytics 9.1.0 |
||
oracle insurance data gateway 1.0.2.3 |
||
oracle jd edwards enterpriseone orchestrator |
||
oracle jd edwards enterpriseone orchestrator 9.2.5.3 |
||
oracle jd edwards enterpriseone tools |
||
oracle jd edwards enterpriseone tools 9.2.5.3 |
||
oracle peoplesoft enterprise peopletools 8.56 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle peoplesoft enterprise pt peopletools 8.56 |
||
oracle peoplesoft enterprise pt peopletools 8.57 |
||
oracle peoplesoft enterprise pt peopletools 8.58 |
||
oracle primavera gateway |
||
oracle real-time decisions solutions 3.2.0.0 |
||
oracle retail advanced inventory planning 14.1 |
||
oracle retail back office 14.1 |
||
oracle retail central office 14.1 |
||
oracle retail invoice matching 16.0.3 |
||
oracle retail merchandising system 5.0.3.1 |
||
oracle retail point-of-service 14.1 |
||
oracle retail predictive application server 16.0 |
||
oracle retail price management 14.0 |
||
oracle retail price management 14.0.1 |
||
oracle retail price management 15.0 |
||
oracle retail price management 16.0 |
||
oracle retail returns management 14.1 |
||
oracle retail xstore point of service 7.1 |
||
oracle retail xstore point of service 15.0 |
||
oracle retail xstore point of service 16.0 |
||
oracle retail xstore point of service 17.0 |
||
oracle retail xstore point of service 18.0 |
||
oracle service bus 11.1.1.9.0 |
||
oracle service bus 12.2.1.3.0 |
||
oracle service bus 12.2.1.4.0 |
||
oracle solaris cluster 4.4 |
||
oracle time and labor |
||
oracle utilities framework |
||
oracle utilities framework 4.2.0.2.0 |
||
oracle utilities framework 4.2.0.3.0 |
||
oracle utilities framework 4.4.0.0.0 |
||
oracle utilities framework 4.4.0.2.0 |
||
oracle utilities framework 4.4.0.3.0 |
||
oracle weblogic server 10.3.6.0.0 |