Vulnerability Change Records for CVE-2016-1181

Change History

CVE Modified by JPCERT/CC 1/15/2020 3:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/security-alerts/cpujan2020.html [No Types Assigned]

CVE Modified by JPCERT/CC 10/16/2018 9:29:39 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html [No Types Assigned]

CVE Modified by JPCERT/CC 1/18/2018 1:18:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html [No Types Assigned]

CVE Modified by JPCERT/CC 7/23/2019 7:15:20 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html [No Types Assigned]

CVE Modified by JPCERT/CC 7/18/2018 9:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html [No Types Assigned]

Modified Analysis 2/05/2019 12:42:07 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions from (including) 1.1 up to (including) 1.3.10
Changed Reference Type
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096 VDB Entry, Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096 Third Party Advisory, VDB Entry, Vendor Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Patch, Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch
Changed Reference Type
http://www.securityfocus.com/bid/91068 No Types Assigned
http://www.securityfocus.com/bid/91068 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1036056 No Types Assigned
http://www.securitytracker.com/id/1036056 Third Party Advisory, VDB Entry
Changed Reference Type
https://security.netapp.com/advisory/ntap-20180629-0006/ No Types Assigned
https://security.netapp.com/advisory/ntap-20180629-0006/ Third Party Advisory
Changed Reference Type
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html No Types Assigned
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch

CVE Modified by JPCERT/CC 10/19/2017 9:29:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]

CVE Modified by JPCERT/CC 1/16/2019 2:29:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html [No Types Assigned]

CVE Modified by JPCERT/CC 8/08/2017 9:29:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [No Types Assigned]

CVE Modified by JPCERT/CC 11/28/2016 2:58:19 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/91068 [No Types Assigned]

Initial CVE Analysis 7/06/2016 10:38:33 AM

Action Type Old Value New Value

CVE Modified by JPCERT/CC 4/23/2019 3:29:29 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html [No Types Assigned]

CVE Modified by Source 10/25/2016 10:2:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

CVE Modified by JPCERT/CC 7/14/2020 11:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.oracle.com/security-alerts/cpujul2020.html [No Types Assigned]

CVE Modified by Source 7/21/2016 10:0:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

CVE Modified by Source 8/08/2016 9:59:52 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/91787

CVE Modified by JPCERT/CC 6/30/2018 9:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20180629-0006/ [No Types Assigned]

Modified Analysis 11/15/2016 7:34:37 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
Configuration 1
     OR
          *cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
Changed Reference Type
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html No Types Assigned
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory

Modified Analysis 7/06/2016 7:21:14 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NVD-CWE-noinfo
Changed Reference Type
http://jvn.jp/en/jp/JVN03188560/index.html No Types Assigned
http://jvn.jp/en/jp/JVN03188560/index.html Advisory
Changed Reference Type
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096 No Types Assigned
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096 Advisory

Reanalysis 2/13/2019 3:21:35 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions from (including) 1.1 up to (including) 1.3.10
OR
     *cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
     *cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*

CVE Modified by JPCERT/CC 8/31/2017 9:29:02 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036056 [No Types Assigned]