Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe

Filtered by product Financial Services Data Integration Hub

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-17530	2 Apache, Oracle	8 Struts, Business Intelligence, Communications Diameter Intelligence Hub and 5 more	2022-06-03	7.5 HIGH	9.8 CRITICAL
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
CVE-2019-0230	2 Apache, Oracle	3 Struts, Financial Services Data Integration Hub, Financial Services Market Risk Measurement And Management	2021-10-20	7.5 HIGH	9.8 CRITICAL
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.