// For flags

CVE-2018-8032

 

Severity Score

6.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-03-09 CVE Reserved
  • 2018-08-02 CVE Published
  • 2020-03-30 First Exploit
  • 2024-06-22 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
Axis
Search vendor "Apache" for product "Axis"
>= 1.0 <= 1.4
Search vendor "Apache" for product "Axis" and version " >= 1.0 <= 1.4"
-
Affected
Oracle
Search vendor "Oracle"
Agile Engineering Data Management
Search vendor "Oracle" for product "Agile Engineering Data Management"
6.2.1.0
Search vendor "Oracle" for product "Agile Engineering Data Management" and version "6.2.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Agile Product Lifecycle Management Framework
Search vendor "Oracle" for product "Agile Product Lifecycle Management Framework"
9.3.3
Search vendor "Oracle" for product "Agile Product Lifecycle Management Framework" and version "9.3.3"
-
Affected
Oracle
Search vendor "Oracle"
Application Testing Suite
Search vendor "Oracle" for product "Application Testing Suite"
13.2.0.1
Search vendor "Oracle" for product "Application Testing Suite" and version "13.2.0.1"
-
Affected
Oracle
Search vendor "Oracle"
Application Testing Suite
Search vendor "Oracle" for product "Application Testing Suite"
13.3.0.1
Search vendor "Oracle" for product "Application Testing Suite" and version "13.3.0.1"
-
Affected
Oracle
Search vendor "Oracle"
Big Data Discovery
Search vendor "Oracle" for product "Big Data Discovery"
1.6
Search vendor "Oracle" for product "Big Data Discovery" and version "1.6"
-
Affected
Oracle
Search vendor "Oracle"
Communications Asap Cartridges
Search vendor "Oracle" for product "Communications Asap Cartridges"
7.2
Search vendor "Oracle" for product "Communications Asap Cartridges" and version "7.2"
-
Affected
Oracle
Search vendor "Oracle"
Communications Asap Cartridges
Search vendor "Oracle" for product "Communications Asap Cartridges"
7.3
Search vendor "Oracle" for product "Communications Asap Cartridges" and version "7.3"
-
Affected
Oracle
Search vendor "Oracle"
Communications Design Studio
Search vendor "Oracle" for product "Communications Design Studio"
7.3.4.3.0
Search vendor "Oracle" for product "Communications Design Studio" and version "7.3.4.3.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Design Studio
Search vendor "Oracle" for product "Communications Design Studio"
7.3.5.5.0
Search vendor "Oracle" for product "Communications Design Studio" and version "7.3.5.5.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Design Studio
Search vendor "Oracle" for product "Communications Design Studio"
7.4.0.4.0
Search vendor "Oracle" for product "Communications Design Studio" and version "7.4.0.4.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Design Studio
Search vendor "Oracle" for product "Communications Design Studio"
7.4.1.1.0
Search vendor "Oracle" for product "Communications Design Studio" and version "7.4.1.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Element Manager
Search vendor "Oracle" for product "Communications Element Manager"
8.0.0
Search vendor "Oracle" for product "Communications Element Manager" and version "8.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Element Manager
Search vendor "Oracle" for product "Communications Element Manager"
8.1.0
Search vendor "Oracle" for product "Communications Element Manager" and version "8.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Element Manager
Search vendor "Oracle" for product "Communications Element Manager"
8.1.1
Search vendor "Oracle" for product "Communications Element Manager" and version "8.1.1"
-
Affected
Oracle
Search vendor "Oracle"
Communications Element Manager
Search vendor "Oracle" for product "Communications Element Manager"
8.2.0
Search vendor "Oracle" for product "Communications Element Manager" and version "8.2.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Network Integrity
Search vendor "Oracle" for product "Communications Network Integrity"
7.3.5
Search vendor "Oracle" for product "Communications Network Integrity" and version "7.3.5"
-
Affected
Oracle
Search vendor "Oracle"
Communications Network Integrity
Search vendor "Oracle" for product "Communications Network Integrity"
7.3.6
Search vendor "Oracle" for product "Communications Network Integrity" and version "7.3.6"
-
Affected
Oracle
Search vendor "Oracle"
Communications Order And Service Management
Search vendor "Oracle" for product "Communications Order And Service Management"
7.3.0.0.0
Search vendor "Oracle" for product "Communications Order And Service Management" and version "7.3.0.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Order And Service Management
Search vendor "Oracle" for product "Communications Order And Service Management"
7.4
Search vendor "Oracle" for product "Communications Order And Service Management" and version "7.4"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Report Manager
Search vendor "Oracle" for product "Communications Session Report Manager"
8.0.0
Search vendor "Oracle" for product "Communications Session Report Manager" and version "8.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Report Manager
Search vendor "Oracle" for product "Communications Session Report Manager"
8.1.0
Search vendor "Oracle" for product "Communications Session Report Manager" and version "8.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Report Manager
Search vendor "Oracle" for product "Communications Session Report Manager"
8.1.1
Search vendor "Oracle" for product "Communications Session Report Manager" and version "8.1.1"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Report Manager
Search vendor "Oracle" for product "Communications Session Report Manager"
8.2.0
Search vendor "Oracle" for product "Communications Session Report Manager" and version "8.2.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Route Manager
Search vendor "Oracle" for product "Communications Session Route Manager"
8.0.0
Search vendor "Oracle" for product "Communications Session Route Manager" and version "8.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Route Manager
Search vendor "Oracle" for product "Communications Session Route Manager"
8.1.0
Search vendor "Oracle" for product "Communications Session Route Manager" and version "8.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Route Manager
Search vendor "Oracle" for product "Communications Session Route Manager"
8.1.1
Search vendor "Oracle" for product "Communications Session Route Manager" and version "8.1.1"
-
Affected
Oracle
Search vendor "Oracle"
Communications Session Route Manager
Search vendor "Oracle" for product "Communications Session Route Manager"
8.2.0
Search vendor "Oracle" for product "Communications Session Route Manager" and version "8.2.0"
-
Affected
Oracle
Search vendor "Oracle"
Endeca Information Discovery Studio
Search vendor "Oracle" for product "Endeca Information Discovery Studio"
3.2.0
Search vendor "Oracle" for product "Endeca Information Discovery Studio" and version "3.2.0"
-
Affected
Oracle
Search vendor "Oracle"
Enterprise Manager Base Platform
Search vendor "Oracle" for product "Enterprise Manager Base Platform"
12.1.0.5
Search vendor "Oracle" for product "Enterprise Manager Base Platform" and version "12.1.0.5"
-
Affected
Oracle
Search vendor "Oracle"
Enterprise Manager Base Platform
Search vendor "Oracle" for product "Enterprise Manager Base Platform"
13.3.0.0
Search vendor "Oracle" for product "Enterprise Manager Base Platform" and version "13.3.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Enterprise Manager For Fusion Middleware
Search vendor "Oracle" for product "Enterprise Manager For Fusion Middleware"
12.1.0.5
Search vendor "Oracle" for product "Enterprise Manager For Fusion Middleware" and version "12.1.0.5"
-
Affected
Oracle
Search vendor "Oracle"
Financial Services Analytical Applications Infrastructure
Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure"
>= 7.3.3 <= 7.3.5
Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure" and version " >= 7.3.3 <= 7.3.5"
-
Affected
Oracle
Search vendor "Oracle"
Financial Services Analytical Applications Infrastructure
Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure"
>= 8.0.0 <= 8.0.8
Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure" and version " >= 8.0.0 <= 8.0.8"
-
Affected
Oracle
Search vendor "Oracle"
Financial Services Compliance Regulatory Reporting
Search vendor "Oracle" for product "Financial Services Compliance Regulatory Reporting"
>= 8.0.6 <= 8.0.8
Search vendor "Oracle" for product "Financial Services Compliance Regulatory Reporting" and version " >= 8.0.6 <= 8.0.8"
-
Affected
Oracle
Search vendor "Oracle"
Financial Services Funds Transfer Pricing
Search vendor "Oracle" for product "Financial Services Funds Transfer Pricing"
>= 8.0.2 <= 8.0.7
Search vendor "Oracle" for product "Financial Services Funds Transfer Pricing" and version " >= 8.0.2 <= 8.0.7"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Core Banking
Search vendor "Oracle" for product "Flexcube Core Banking"
11.7.0
Search vendor "Oracle" for product "Flexcube Core Banking" and version "11.7.0"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Core Banking
Search vendor "Oracle" for product "Flexcube Core Banking"
11.8.0
Search vendor "Oracle" for product "Flexcube Core Banking" and version "11.8.0"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Core Banking
Search vendor "Oracle" for product "Flexcube Core Banking"
11.9.0
Search vendor "Oracle" for product "Flexcube Core Banking" and version "11.9.0"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Core Banking
Search vendor "Oracle" for product "Flexcube Core Banking"
11.10.0
Search vendor "Oracle" for product "Flexcube Core Banking" and version "11.10.0"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Private Banking
Search vendor "Oracle" for product "Flexcube Private Banking"
12.0.0
Search vendor "Oracle" for product "Flexcube Private Banking" and version "12.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Flexcube Private Banking
Search vendor "Oracle" for product "Flexcube Private Banking"
12.1.0
Search vendor "Oracle" for product "Flexcube Private Banking" and version "12.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Hospitality Guest Access
Search vendor "Oracle" for product "Hospitality Guest Access"
4.2.0
Search vendor "Oracle" for product "Hospitality Guest Access" and version "4.2.0"
-
Affected
Oracle
Search vendor "Oracle"
Hospitality Guest Access
Search vendor "Oracle" for product "Hospitality Guest Access"
4.2.1
Search vendor "Oracle" for product "Hospitality Guest Access" and version "4.2.1"
-
Affected
Oracle
Search vendor "Oracle"
Instantis Enterprisetrack
Search vendor "Oracle" for product "Instantis Enterprisetrack"
17.1
Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.1"
-
Affected
Oracle
Search vendor "Oracle"
Instantis Enterprisetrack
Search vendor "Oracle" for product "Instantis Enterprisetrack"
17.2
Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.2"
-
Affected
Oracle
Search vendor "Oracle"
Instantis Enterprisetrack
Search vendor "Oracle" for product "Instantis Enterprisetrack"
17.3
Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.3"
-
Affected
Oracle
Search vendor "Oracle"
Internet Directory
Search vendor "Oracle" for product "Internet Directory"
12.2.1.3.0
Search vendor "Oracle" for product "Internet Directory" and version "12.2.1.3.0"
-
Affected
Oracle
Search vendor "Oracle"
Internet Directory
Search vendor "Oracle" for product "Internet Directory"
12.2.1.4.0
Search vendor "Oracle" for product "Internet Directory" and version "12.2.1.4.0"
-
Affected
Oracle
Search vendor "Oracle"
Knowledge
Search vendor "Oracle" for product "Knowledge"
>= 8.6.0 <= 8.6.3
Search vendor "Oracle" for product "Knowledge" and version " >= 8.6.0 <= 8.6.3"
-
Affected
Oracle
Search vendor "Oracle"
Peoplesoft Enterprise Human Capital Management Human Resources
Search vendor "Oracle" for product "Peoplesoft Enterprise Human Capital Management Human Resources"
9.2
Search vendor "Oracle" for product "Peoplesoft Enterprise Human Capital Management Human Resources" and version "9.2"
-
Affected
Oracle
Search vendor "Oracle"
Peoplesoft Enterprise Peopletools
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"
8.56
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.56"
-
Affected
Oracle
Search vendor "Oracle"
Peoplesoft Enterprise Peopletools
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"
8.57
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.57"
-
Affected
Oracle
Search vendor "Oracle"
Peoplesoft Enterprise Peopletools
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"
8.58
Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.58"
-
Affected
Oracle
Search vendor "Oracle"
Policy Automation Connector For Siebel
Search vendor "Oracle" for product "Policy Automation Connector For Siebel"
10.4.6
Search vendor "Oracle" for product "Policy Automation Connector For Siebel" and version "10.4.6"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Gateway
Search vendor "Oracle" for product "Primavera Gateway"
16.2.11
Search vendor "Oracle" for product "Primavera Gateway" and version "16.2.11"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Gateway
Search vendor "Oracle" for product "Primavera Gateway"
17.12.6
Search vendor "Oracle" for product "Primavera Gateway" and version "17.12.6"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Unifier
Search vendor "Oracle" for product "Primavera Unifier"
>= 17.7 <= 17.12
Search vendor "Oracle" for product "Primavera Unifier" and version " >= 17.7 <= 17.12"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Unifier
Search vendor "Oracle" for product "Primavera Unifier"
16.1
Search vendor "Oracle" for product "Primavera Unifier" and version "16.1"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Unifier
Search vendor "Oracle" for product "Primavera Unifier"
16.2
Search vendor "Oracle" for product "Primavera Unifier" and version "16.2"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Unifier
Search vendor "Oracle" for product "Primavera Unifier"
18.8
Search vendor "Oracle" for product "Primavera Unifier" and version "18.8"
-
Affected
Oracle
Search vendor "Oracle"
Primavera Unifier
Search vendor "Oracle" for product "Primavera Unifier"
19.12
Search vendor "Oracle" for product "Primavera Unifier" and version "19.12"
-
Affected
Oracle
Search vendor "Oracle"
Rapid Planning
Search vendor "Oracle" for product "Rapid Planning"
12.1
Search vendor "Oracle" for product "Rapid Planning" and version "12.1"
-
Affected
Oracle
Search vendor "Oracle"
Rapid Planning
Search vendor "Oracle" for product "Rapid Planning"
12.2
Search vendor "Oracle" for product "Rapid Planning" and version "12.2"
-
Affected
Oracle
Search vendor "Oracle"
Real-time Decision Server
Search vendor "Oracle" for product "Real-time Decision Server"
3.2.1.0
Search vendor "Oracle" for product "Real-time Decision Server" and version "3.2.1.0"
-
Affected
Oracle
Search vendor "Oracle"
Retail Order Broker
Search vendor "Oracle" for product "Retail Order Broker"
15.0
Search vendor "Oracle" for product "Retail Order Broker" and version "15.0"
-
Affected
Oracle
Search vendor "Oracle"
Retail Order Broker
Search vendor "Oracle" for product "Retail Order Broker"
16.0
Search vendor "Oracle" for product "Retail Order Broker" and version "16.0"
-
Affected
Oracle
Search vendor "Oracle"
Retail Order Broker
Search vendor "Oracle" for product "Retail Order Broker"
18.0
Search vendor "Oracle" for product "Retail Order Broker" and version "18.0"
-
Affected
Oracle
Search vendor "Oracle"
Retail Xstore Point Of Service
Search vendor "Oracle" for product "Retail Xstore Point Of Service"
7.1
Search vendor "Oracle" for product "Retail Xstore Point Of Service" and version "7.1"
-
Affected
Oracle
Search vendor "Oracle"
Secure Global Desktop
Search vendor "Oracle" for product "Secure Global Desktop"
5.4
Search vendor "Oracle" for product "Secure Global Desktop" and version "5.4"
-
Affected
Oracle
Search vendor "Oracle"
Secure Global Desktop
Search vendor "Oracle" for product "Secure Global Desktop"
5.5
Search vendor "Oracle" for product "Secure Global Desktop" and version "5.5"
-
Affected
Oracle
Search vendor "Oracle"
Siebel Ui Framework
Search vendor "Oracle" for product "Siebel Ui Framework"
<= 21.0
Search vendor "Oracle" for product "Siebel Ui Framework" and version " <= 21.0"
-
Affected
Oracle
Search vendor "Oracle"
Tuxedo
Search vendor "Oracle" for product "Tuxedo"
12.1.1.0.0
Search vendor "Oracle" for product "Tuxedo" and version "12.1.1.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Tuxedo
Search vendor "Oracle" for product "Tuxedo"
12.1.3
Search vendor "Oracle" for product "Tuxedo" and version "12.1.3"
-
Affected
Oracle
Search vendor "Oracle"
Webcenter Portal
Search vendor "Oracle" for product "Webcenter Portal"
12.2.1.3.0
Search vendor "Oracle" for product "Webcenter Portal" and version "12.2.1.3.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected