Vulnerabilities > CVE-2021-27568 - Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

json-smart-project

oracle

CWE-754

NVD

Published: 2021-02-23

Updated: 2023-11-07

Summary

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Json-Smart_Project Json Smart Project Json Smart V1 - Json Smart Project Json Smart V1 1.3.1 Json Smart Project Json Smart V2 - Json Smart Project Json Smart V2 2.2 Json Smart Project Json Smart V2 2.2.1 Json Smart Project Json Smart V2 2.2.2 Json Smart Project Json Smart V2 2.3 Json Smart Project Json Smart V2 2.4	8
Application	Oracle Oracle Weblogic Server 12.2.1.3.0 Oracle Weblogic Server 12.2.1.4.0 Oracle Weblogic Server 14.1.1.0.0 Oracle Utilities Framework 4.4.0.0.0 Oracle Utilities Framework 4.4.0.2.0 Oracle Utilities Framework 4.4.0.3.0 Oracle Peoplesoft Enterprise Peopletools 8.58 Oracle Peoplesoft Enterprise Peopletools 8.59 Oracle Communications Cloud Native Core Policy 1.14.0 Oracle OSS Support Tools - Oracle OSS Support Tools 2.11.33 Oracle OSS Support Tools 2.12.41	12

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References