Vulnerabilities > Oracle > Communications Billing AND Revenue Management > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-01	CVE-2021-22890	Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. network high complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-290	3.7
2020-12-14	CVE-2020-8284	A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. network high complexity haxx fedoraproject debian netapp apple oracle fujitsu siemens splunk	3.7
2020-04-27	CVE-2020-9488	Improper Certificate Validation vulnerability in multiple products Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. network high complexity apache oracle debian qos CWE-295	3.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.