A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HApache Axis
APPApache1.4Oracle Agile Engineering Data Management
APPOracle6.2.1.0Oracle Agile Product Lifecycle Management
APPOracle9.3.3Oracle Application Testing Suite
APPOracle13.2.0.113.3.0.1Oracle Big Data Discovery
APPOracle1.6Oracle Communications Asap Cartridges
APPOracle7.27.3Oracle Communications Design Studio
APPOracle7.3.4.3.07.3.5.5.07.4.0.4.07.4.1.1.0Oracle Communications Element Manager
APPOracle8.0.08.1.08.1.18.2.0Oracle Communications Network Integrity
APPOracle7.3.57.3.6Oracle Communications Order And Service Management
APPOracle7.3.0.0.07.4Oracle Communications Session Report Manager
APPOracle8.0.08.1.08.1.18.2.0Oracle Communications Session Route Manager
APPOracle8.0.08.1.08.1.18.2.0Oracle Endeca Information Discovery Studio
APPOracle3.2.0Oracle Enterprise Manager Base Platform
APPOracle12.1.0.513.3.0.0Oracle Enterprise Manager For Fusion Middleware
APPOracle12.1.0.5Oracle Financial Services Analytical Applications Infrastructure
APPOracle7.3.3 – 7.3.58.0.0 – 8.0.8Oracle Financial Services Compliance Regulatory Reporting
APPOracle8.0.6 – 8.0.8Oracle Financial Services Funds Transfer Pricing
APPOracle8.0.2 – 8.0.7Oracle Flexcube Core Banking
APPOracle11.10.011.7.011.8.011.9.0Oracle Flexcube Private Banking
APPOracle12.0.012.1.0Oracle Hospitality Guest Access
APPOracle4.2.04.2.1Oracle Instantis Enterprisetrack
APPOracle17.117.217.3Oracle Internet Directory
APPOracle12.2.1.3.012.2.1.4.0Oracle Knowledge
APPOracle8.6.0 – 8.6.3Oracle Peoplesoft Enterprise Human Capital Management Human Resources
APPOracle7.3.57.3.69.2Oracle Peoplesoft Enterprise Peopletools
APPOracle8.568.578.58Oracle Policy Automation Connector For Siebel
APPOracle10.4.6Oracle Primavera Gateway
APPOracle16.2.1117.12.6Oracle Primavera Unifier
APPOracle16.116.218.819.1217.7 – 17.12Oracle Rapid Planning
APPOracle12.112.2
Related vulnerabilities
Pominięcie uwierzytelnienia w Oracle PeopleSoft PeopleTools (RCE/Takeover)
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionalit...
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could ...
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a ...