CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-29936

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://github.com/orangecertcc/security-research/security/advisories/GHSA-rj5c-j274-vw7g
https://github.com/orangecertcc/security-research/security/advisories/GHSA-rj5c-j274-vw7g

Products affected by CVE-2022-29936

Usu » Oracle Optimization » Version: 5.16.2

cpe:2.3:a:usu:oracle_optimization:5.16.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29936

Products

Pricing

Contact Us