Oracle Micros Relate Crm Software
By the Year
In 2023 there have been 0 vulnerabilities in Oracle Micros Relate Crm Software . Micros Relate Crm Software did not have any published security vulnerabilities last year.
It may take a day or so for new Micros Relate Crm Software vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oracle Micros Relate Crm Software Security Vulnerabilities
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29
7.5 - High
- December 23, 2019
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.
The URL pattern of "" (the empty string)
5.9 - Medium
- February 28, 2018
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4
6.5 - Medium
- February 23, 2018
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Oracle? Click the Watch button to subscribe.