CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Usu: >> Oracle Optimization >> 5.16.2 Security Vulnerabilities

CVE-2022-29934

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

CVSS Score

7.8

EPSS Score

0.0

Published

2022-04-29

CVE-2022-29936

USU Oracle Optimization before 5.17 allows authenticated quantum users to achieve remote code execution because of /v2/quantum/save-data-upload-big-file Java deserialization. NOTE: this is not an Oracle Corporation product.

CVSS Score

8.8

EPSS Score

0.018

Published

2022-04-29

Page 1

Vulnerabilities

Vulnerable Software

Usu: >> Oracle Optimization >> 5.16.2 Security Vulnerabilities

Products

Pricing

Contact Us