CVE-2019-0233 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
apache	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Vendor	Product	Version
apache	struts	2.0.0 ≤ 𝑥 ≤ 2.5.20
oracle	communications_policy_management	12.5.0
oracle	financial_services_data_integration_hub	8.0.3
oracle	financial_services_data_integration_hub	8.0.6
oracle	financial_services_market_risk_measurement_and_management	8.0.6
oracle	mysql_enterprise_monitor	𝑥 ≤ 8.0.23

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

libstruts1.2-java

focal	dne
bionic	dne
xenial	dne
trusty	dne

Common Weakness Enumeration

CWE-281 - Improper Preservation of Permissions
The software does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

References

https://cwiki.apache.org/confluence/display/ww/s2-060

https://launchpad.support.sap.com/#/notes/2982840

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com/security-alerts/cpujan2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html

https://cwiki.apache.org/confluence/display/ww/s2-060

https://launchpad.support.sap.com/#/notes/2982840

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com/security-alerts/cpujan2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html