apache axis CVE-2019-0227 in Apache and Oracle Products
Published on May 1, 2019

product logo product logo
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.

NVD


Products Associated with CVE-2019-0227

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-0227 are published in these products:

Apache Axis
 
Oracle Agile Product Lifecycle Management Framework
 
Oracle Application Testing Suite
 
Oracle Communications Order Service Management
 
Oracle Endeca Information Discovery Studio
 
Oracle Enterprise Manager Base Platform
 
Oracle Enterprise Manager Fusion Middleware
 
Oracle Financial Services Analytical Applications Infrastructure
 
Oracle Financial Services Funds Transfer Pricing
 
Oracle Hospitality Guest Access
 
Oracle Instantis Enterprisetrack
 
Oracle Knowledge
 
Oracle Peoplesoft Enterprise Human Capital Management Human Resources
 
Oracle Peoplesoft Enterprise Peopletools
 
Oracle Policy Automation Connector Siebel
 
Oracle Primavera Unifier
 
Oracle Retail Order Broker
 
Oracle Retail Xstore Point Of Service
 
Oracle Secure Global Desktop
 
Oracle Tuxedo
 
Oracle Webcenter Portal
 
Oracle Agile Engineering Data Management
 
Oracle Big Data Discovery
 
Oracle Communications Asap Cartridges
 
Oracle Communications Design Studio
 
Oracle Communications Element Manager
 
Oracle Flexcube Private Banking
 
Oracle Communications Session Report Manager
 
Oracle Communications Session Route Manager
 
Oracle Financial Services Compliance Regulatory Reporting
 
Oracle Communications Network Integrity
 
Oracle Rapid Planning
 
Oracle Primavera Gateway
 
Oracle Real Time Decision Server
 
Oracle Flexcube Core Banking
 
Oracle Siebel Ui Framework
 
Oracle Internet Directory
 
Oracle Agile Product Lifecycle Management
 

Affected Versions

Apache Axis 1.4 Version Apache Axis 1.4 is affected by CVE-2019-0227

Exploit Probability

EPSS
90.69%
Percentile
99.61%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.