U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2018-1000632

Change History

Modified Analysis by NIST 7/23/2020 10:19:21 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
          *cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
          *cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*
     *cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:redhat:satellite:6.6:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:satellite_capsule:6.6:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.1
OR
     *cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions from (including) 2.0.0 up to (excluding) 2.0.3
     *cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions from (including) 2.1.0 up to (excluding) 2.1.1
Changed CPE Configuration
OR
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from (including) 16.1.0.0 up to (including) 16.2.20.1
     *cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from (including) 17.1.0.0 up to (including) 17.12.17.1
     *cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from (including) 18.1.0.0 up to (including) 18.8.19.0
     *cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from (including) 19.12.0.0 up to (including) 19.12.6.0
     *cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:utilities_framework:2.2.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.2.0 up to (including) 4.3.0.6.0
     *cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:utilities_framework:4.4.0.2:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Removed CVSS V2
NIST (AV:N/AC:L/Au:N/C:N/I:P/A:P)

								
						
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

								
						
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Changed Reference Type
https://access.redhat.com/errata/RHSA-2019:1159 No Types Assigned
https://access.redhat.com/errata/RHSA-2019:1159 Third Party Advisory
Changed Reference Type
https://access.redhat.com/errata/RHSA-2019:1160 No Types Assigned
https://access.redhat.com/errata/RHSA-2019:1160 Third Party Advisory
Changed Reference Type
https://access.redhat.com/errata/RHSA-2019:1161 No Types Assigned
https://access.redhat.com/errata/RHSA-2019:1161 Third Party Advisory
Changed Reference Type
https://access.redhat.com/errata/RHSA-2019:1162 No Types Assigned
https://access.redhat.com/errata/RHSA-2019:1162 Third Party Advisory
Changed Reference Type
https://access.redhat.com/errata/RHSA-2019:3172 No Types Assigned
https://access.redhat.com/errata/RHSA-2019:3172 Third Party Advisory
Changed Reference Type
https://github.com/dom4j/dom4j/issues/48 Patch, Third Party Advisory
https://github.com/dom4j/dom4j/issues/48 Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/00571f362a7a2470fba50a31282c65637c40d2e21ebe6ee535a4ed74@%3Ccommits.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/00571f362a7a2470fba50a31282c65637c40d2e21ebe6ee535a4ed74@%3Ccommits.maven.apache.org%3E Mailing List, Patch, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/4a77652531d62299a30815cf5f233af183425db8e3c9a824a814e768@%3Cdev.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/4a77652531d62299a30815cf5f233af183425db8e3c9a824a814e768@%3Cdev.maven.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/5a020ecaa3c701f408f612f7ba2ee37a021644c4a39da2079ed3ddbc@%3Ccommits.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/5a020ecaa3c701f408f612f7ba2ee37a021644c4a39da2079ed3ddbc@%3Ccommits.maven.apache.org%3E Mailing List, Patch, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/7e9e78f0e4288fac6591992836d2a80d4df19161e54bd71ab4b8e458@%3Cdev.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/7e9e78f0e4288fac6591992836d2a80d4df19161e54bd71ab4b8e458@%3Cdev.maven.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/7f6e120e6ed473f4e00dde4c398fc6698eb383bd7857d20513e989ce@%3Cdev.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/7f6e120e6ed473f4e00dde4c398fc6698eb383bd7857d20513e989ce@%3Cdev.maven.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/9d4c1af6f702c3d6d6f229de57112ddccac8ce44446a01b7937ab9e0@%3Ccommits.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/9d4c1af6f702c3d6d6f229de57112ddccac8ce44446a01b7937ab9e0@%3Ccommits.maven.apache.org%3E Mailing List, Patch, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/d7d960b2778e35ec9b4d40c8efd468c7ce7163bcf6489b633491c89f@%3Cdev.maven.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/d7d960b2778e35ec9b4d40c8efd468c7ce7163bcf6489b633491c89f@%3Cdev.maven.apache.org%3E Mailing List, Third Party Advisory
Changed Reference Type
https://security.netapp.com/advisory/ntap-20190530-0001/ No Types Assigned
https://security.netapp.com/advisory/ntap-20190530-0001/ Third Party Advisory
Changed Reference Type
https://www.oracle.com/security-alerts/cpuapr2020.html No Types Assigned
https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
Changed Reference Type
https://www.oracle.com/security-alerts/cpujul2020.html No Types Assigned
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory