In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against reflected file download (RFD) attacks added for CVE-2015-5211 may be bypassed, depending on the browser used, by means of a jsessionid path parameter.

Vulnerable Product |
---|
vmware spring framework |
oracle flexcube private banking 12.1.0 |
oracle flexcube private banking 12.0.0 |
oracle weblogic server 12.1.3.0.0 |
oracle insurance rules palette 10.2.0 |
oracle weblogic server 10.3.6.0.0 |
oracle weblogic server 12.2.1.3.0 |
oracle endeca information discovery integrator 3.2.0 |
oracle retail predictive application server 14.1 |
oracle retail order broker 15.0 |
oracle retail order broker 16.0 |
oracle retail integration bus 14.1.3 |
oracle retail returns management 14.1 |
oracle insurance policy administration 10.2 |
oracle enterprise data quality 12.2.1.3.0 |
oracle communications unified inventory management 7.3.4 |
oracle communications unified inventory management 7.3.5 |
oracle retail invoice matching 14.0 |
oracle retail invoice matching 14.1 |
oracle fusion middleware 12.2.1.3.0 |
oracle weblogic server 12.2.1.4.0 |
oracle fusion middleware 12.2.1.4.0 |
oracle financial services analytical applications infrastructure |
oracle weblogic server 14.1.1.0.0 |
oracle hyperion infrastructure technology 11.1.2.4 |
oracle retail bulk data integration 16.0.3.0 |
oracle retail assortment planning 16.0.3.0 |
oracle retail merchandising system 16.0.3 |
oracle goldengate application adapters 19.1.0.0.0 |
oracle primavera gateway |
oracle retail service backbone 15.0.3 |
oracle retail service backbone 16.0.3 |
oracle retail financial integration 15.0.3 |
oracle retail financial integration 16.0.3 |
oracle retail financial integration 14.1.3 |
oracle retail service backbone 14.1.3 |
oracle retail integration bus 15.0.3 |
oracle retail integration bus 16.0.3 |
oracle insurance rules palette 10.2.4 |
oracle insurance rules palette 11.0.2 |
oracle commerce guided search 11.3.2 |
oracle retail xstore point of service 16.0.6 |
oracle retail xstore point of service 17.0.4 |
oracle retail xstore point of service 18.0.3 |
oracle retail xstore point of service 19.0.2 |
oracle insurance rules palette |
oracle insurance policy administration |
oracle insurance policy administration 11.0.2 |
oracle retail xstore point of service 15.0.4 |
oracle mysql enterprise monitor |
oracle mysql enterprise monitor 8.0.23 |
oracle insurance policy administration 10.2.4 |
oracle healthcare master person index 4.0.2.5 |
oracle primavera p6 enterprise project portfolio management |
oracle communications session report manager |
oracle communications brm 12.0.0.3 |
oracle communications brm 11.3.0.9 |
oracle storagetek tape analytics sw tool 2.3 |
oracle retail customer engagement |
oracle retail customer management and segmentation foundation |
oracle enterprise data quality 12.2.1.4.0 |
oracle communications design studio 7.3.4 |
oracle communications design studio 7.3.5 |
oracle communications design studio 7.4.0 |
oracle storagetek acsls 8.5.1 |
netapp snap creator framework - |
netapp snapcenter - |
netapp oncommand insight - |