CVE-2019-0227
HIGH
7.5
CVSS Severity Score
Vulnerability Description
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
Affected Platforms (CPE)
📦
Apache
Axis
= 1.4📦
Oracle
Agile Engineering Data Management
= 6.2.1.0📦
Oracle
Agile Product Lifecycle Management
= 9.3.3📦
Oracle
Application Testing Suite
= 13.2.0.1📦
Oracle
Application Testing Suite
= 13.3.0.1📦
Oracle
Big Data Discovery
= 1.6📦
Oracle
Communications Asap Cartridges
= 7.2📦
Oracle
Communications Asap Cartridges
= 7.3📦
Oracle
Communications Design Studio
= 7.3.4.3.0📦
Oracle
Communications Design Studio
= 7.3.5.5.0📦
Oracle
Communications Design Studio
= 7.4.0.4.0📦
Oracle
Communications Design Studio
= 7.4.1.1.0📦
Oracle
Communications Element Manager
= 8.0.0📦
Oracle
Communications Element Manager
= 8.1.0📦
Oracle
Communications Element Manager
= 8.1.1📦
Oracle
Communications Element Manager
= 8.2.0📦
Oracle
Communications Network Integrity
= 7.3.5📦
Oracle
Communications Network Integrity
= 7.3.6📦
Oracle
Communications Order And Service Management
= 7.3.0.0.0📦
Oracle
Communications Order And Service Management
= 7.4📦
Oracle
Communications Session Report Manager
= 8.0.0📦
Oracle
Communications Session Report Manager
= 8.1.0📦
Oracle
Communications Session Report Manager
= 8.1.1📦
Oracle
Communications Session Report Manager
= 8.2.0📦
Oracle
Communications Session Route Manager
= 8.0.0📦
Oracle
Communications Session Route Manager
= 8.1.0📦
Oracle
Communications Session Route Manager
= 8.1.1📦
Oracle
Communications Session Route Manager
= 8.2.0📦
Oracle
Endeca Information Discovery Studio
= 3.2.0📦
Oracle
Enterprise Manager Base Platform
= 12.1.0.5📦
Oracle
Enterprise Manager Base Platform
= 13.3.0.0📦
Oracle
Enterprise Manager For Fusion Middleware
= 12.1.0.5📦
Oracle
Financial Services Analytical Applications Infrastructure
>= 7.3.3 and <= 7.3.5📦
Oracle
Financial Services Analytical Applications Infrastructure
>= 8.0.0 and <= 8.0.8📦
Oracle
Financial Services Compliance Regulatory Reporting
>= 8.0.6 and <= 8.0.8📦
Oracle
Financial Services Funds Transfer Pricing
>= 8.0.2 and <= 8.0.7📦
Oracle
Flexcube Core Banking
= 11.7.0📦
Oracle
Flexcube Core Banking
= 11.8.0📦
Oracle
Flexcube Core Banking
= 11.9.0📦
Oracle
Flexcube Core Banking
= 11.10.0📦
Oracle
Flexcube Private Banking
= 12.0.0📦
Oracle
Flexcube Private Banking
= 12.1.0📦
Oracle
Hospitality Guest Access
= 4.2.0📦
Oracle
Hospitality Guest Access
= 4.2.1📦
Oracle
Instantis Enterprisetrack
= 17.1📦
Oracle
Instantis Enterprisetrack
= 17.2📦
Oracle
Instantis Enterprisetrack
= 17.3📦
Oracle
Internet Directory
= 12.2.1.3.0📦
Oracle
Internet Directory
= 12.2.1.4.0📦
Oracle
Knowledge
>= 8.6.0 and <= 8.6.3📦
Oracle
Peoplesoft Enterprise Human Capital Management Human Resources
= 7.3.5📦
Oracle
Peoplesoft Enterprise Human Capital Management Human Resources
= 7.3.6📦
Oracle
Peoplesoft Enterprise Human Capital Management Human Resources
= 9.2📦
Oracle
Peoplesoft Enterprise Peopletools
= 8.56📦
Oracle
Peoplesoft Enterprise Peopletools
= 8.57📦
Oracle
Peoplesoft Enterprise Peopletools
= 8.58📦
Oracle
Policy Automation Connector For Siebel
= 10.4.6📦
Oracle
Primavera Gateway
= 16.2.11📦
Oracle
Primavera Gateway
= 17.12.6📦
Oracle
Primavera Unifier
>= 17.7 and <= 17.12📦
Oracle
Primavera Unifier
= 16.1📦
Oracle
Primavera Unifier
= 16.2📦
Oracle
Primavera Unifier
= 18.8📦
Oracle
Primavera Unifier
= 19.12📦
Oracle
Rapid Planning
= 12.1📦
Oracle
Rapid Planning
= 12.2📦
Oracle
Real Time Decision Server
= 3.2.1.0📦
Oracle
Retail Order Broker
= 15.0📦
Oracle
Retail Order Broker
= 16.0📦
Oracle
Retail Order Broker
= 18.0📦
Oracle
Retail Xstore Point Of Service
= 7.1📦
Oracle
Secure Global Desktop
= 5.4📦
Oracle
Secure Global Desktop
= 5.5📦
Oracle
Siebel Ui Framework
<= 21.0📦
Oracle
Tuxedo
= 12.1.1.0.0📦
Oracle
Tuxedo
= 12.1.3📦
Oracle