CVE-2019-0227
Description
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
90.687
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1.7 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.2.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Analytics 12.0.1 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.56 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.57 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.58 | Windows |
| Multiple vulnerabilities are affected in Oracle Communications Order and Service Management 7.3 | Windows |
| Multiple vulnerabilities are affected in Oracle Communications Order and Service Management 7.4 | Windows |
| Vulnerabilities CVE-2019-0227 are affected in Oracle Agile PLM Framework 9.3.3 | Windows |
| Multiple vulnerabilities are affected in Oracle BI Publisher 12.2.1.3.0 | Windows |
| Multiple vulnerabilities are affected in Oracle BI Publisher 12.2.1.4.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Verify Directory Integrator 7.2.0 | Windows |
| Vulnerabilities CVE-2012-5784,CVE-2014-3596,CVE-2019-0227,CVE-2018-8032,CVE-2023-40743 are affected in Apache - axis 1.4 | Windows |
| Vulnerabilities CVE-2012-5784,CVE-2014-3596,CVE-2019-0227,CVE-2018-8032,CVE-2023-40743 are affected in Axis - axis 1.4 | Windows |
| Vulnerabilities CVE-2012-5784,CVE-2014-3596,CVE-2019-0227,CVE-2018-8032,CVE-2023-40743 are affected in Apache - axis for Linux 1.4 | Linux |
| Vulnerabilities CVE-2012-5784,CVE-2014-3596,CVE-2019-0227,CVE-2018-8032,CVE-2023-40743 are affected in Axis - axis for Linux 1.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234