CVE-2020-26185

Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:database:21c:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:security_service:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*

History

29 Nov 2022, 02:48

Type Values Removed Values Added
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
CPE cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:security_service:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database:21c:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*

25 Jul 2022, 18:15

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

08 Jun 2022, 19:44

Type Values Removed Values Added
CPE cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
References (CONFIRM) https://www.dell.com/support/article/en-us/sln322935/dsa-2020-245-dell-bsafe-micro-edition-suite-multiple-vulnerabilities?lang=en - (CONFIRM) https://www.dell.com/support/article/en-us/sln322935/dsa-2020-245-dell-bsafe-micro-edition-suite-multiple-vulnerabilities?lang=en - Patch, Vendor Advisory
CWE CWE-125
CVSS v2 : unknown
v3 : unknown
v2 : 5.0
v3 : 7.5

01 Jun 2022, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-01 15:15

Updated : 2024-02-04 22:29


NVD link : CVE-2020-26185

Mitre link : CVE-2020-26185

CVE.ORG link : CVE-2020-26185


JSON object : View

Products Affected

oracle

  • weblogic_server_proxy_plug-in
  • database
  • http_server
  • security_service

dell

  • bsafe_micro-edition-suite
CWE
CWE-125

Out-of-bounds Read

CWE-20

Improper Input Validation