Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBCENTER_SITES_OCT_2015_CPU.NASL
HistoryOct 23, 2015 - 12:00 a.m.

Oracle WebCenter Sites Multiple Vulnerabilities (October 2015 CPU)

2015-10-2300:00:00
This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.8%

JSON

The version Oracle WebCenter Sites installed on the remote host is missing security patches from the October 2015 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities :

  • A flaw exists in the bundled SpringSource Spring Framework that allows a remote attacker to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by an URL of a crafted .jar file. (CVE-2010-1622)

  • An unspecified flaw exists in the Security subcomponent that allows a remote attacker to impact integrity.
    (CVE-2015-4799)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(86577);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id("CVE-2010-1622", "CVE-2015-4799");
  script_bugtraq_id(40954);

  script_name(english:"Oracle WebCenter Sites Multiple Vulnerabilities (October 2015 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The website content management system installed on the remote host is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version Oracle WebCenter Sites installed on the remote host is
missing security patches from the October 2015 Critical Patch Update
(CPU). It is, therefore, affected by multiple vulnerabilities :

  - A flaw exists in the bundled SpringSource Spring
    Framework that allows a remote attacker to execute
    arbitrary code via an HTTP request containing
    class.classLoader.URLs[0]=jar: followed by an URL of a
    crafted .jar file. (CVE-2010-1622)

  - An unspecified flaw exists in the Security subcomponent
    that allows a remote attacker to impact integrity.
    (CVE-2015-4799)");
  # http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75a4a4fb");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2015 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-1622");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_webcenter_sites_installed.nbin");
  script_require_keys("SMB/WebCenter_Sites/Installed");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("smb_func.inc");
include("misc_func.inc");

port = kb_smb_transport();

get_kb_item_or_exit('SMB/WebCenter_Sites/Installed');

versions = get_kb_list('SMB/WebCenter_Sites/*/Version');
if (isnull(versions)) exit(1, 'Unable to obtain a version list for Oracle WebCenter Sites.');

report = '';

foreach key (keys(versions))
{
  fix = '';

  version = versions[key];
  revision = get_kb_item(key - '/Version' + '/Revision');
  path = get_kb_item(key - '/Version' + '/Path');

  if (isnull(version) || isnull(revision)) continue;

  # Patch 21494888 - 11.1.1.8.0 < Revision 172153
  if (version =~ "^11\.1\.1\.8\.0$" && revision < 172153)
    fix = '\n  Fixed revision : 172153' +
          '\n  Required patch : 21494888';

  # Patch 21494867 - 11.1.1.6.1 < Revision 172158
  if (version =~ "^11\.1\.1\.6\.1$" && revision < 172158)
    fix = '\n  Fixed revision : 172158' +
          '\n  Required patch : 21494867';

  # Patch 21834997 - 7.6.2 < Revision 179663
  if (version =~ "^7\.6\.2(\.|$)" && revision < 179663)
    fix = '\n  Fixed revision : 179663' +
          '\n  Required patch : 21834997';

  if (fix != '')
  {
    if (!isnull(path)) report += '\n  Path           : ' + path;
    report += '\n  Version        : ' + version +
              '\n  Revision       : ' + revision +
              fix + '\n';
  }
}

if (report != '')
{
  if (report_verbosity > 0) security_warning(port:port, extra:report);
  else security_warning(port);
}
else audit(AUDIT_INST_VER_NOT_VULN, "Oracle WebCenter Sites");
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware

Related

prion 2
nvd 2
cvelist 2
exploitpack 1
seebug 2
osv 1
securityvulns 3
cve 2
checkpoint_advisories 1
github 1
exploitdb 1
githubexploit 1
thn 1
cisa 1
securelist 1
avleonov 1
mmpc 1
mssecure 1
trellix 2
checkpoint_security 1
ibm 3
oracle 1
prion
prion
Security feature bypass
2015-10-21 21:59:00
Code injection
2010-06-21 16:30:00
nvd
nvd
CVE-2015-4799
2015-10-21 21:59:16
CVE-2010-1622
2010-06-21 16:30:01
cvelist
cvelist
CVE-2015-4799
2015-10-21 21:00:00
CVE-2010-1622
2010-06-21 16:00:00
exploitpack
exploitpack
Spring Framework - Arbitrary code Execution
2010-06-18 00:00:00
seebug
seebug
Spring Framework class.classLoaderη±»θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2010-06-21 00:00:00
Spring Framework arbitrary code execution
2014-07-01 00:00:00
osv
osv
Improper Control of Generation of Code ('Code Injection') in Spring Framework
2022-05-17 03:28:34
securityvulns
securityvulns
CVE-2010-1622: Spring Framework execution of arbitrary code
2010-06-20 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2010-06-20 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-11-02 00:00:00
cve
cve
CVE-2015-4799
2015-10-21 21:59:16
CVE-2010-1622
2010-06-21 16:30:01
checkpoint_advisories
checkpoint_advisories
VMware SpringSource Spring Framework class.classloader Remote Code Execution (CVE-2010-1622)
2011-06-07 00:00:00
github
github
Improper Control of Generation of Code ('Code Injection') in Spring Framework
2022-05-17 03:28:34
exploitdb
exploitdb
Spring Framework - Arbitrary code Execution
2010-06-18 00:00:00
githubexploit
githubexploit
Exploit for CVE-2022-22965
2022-04-05 09:35:41
thn
thn
Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security
2022-03-31 05:52:00
cisa
cisa
Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities
2022-04-01 00:00:00
securelist
securelist
Spring4Shell (CVE-2022-22965): details and mitigations
2022-04-04 15:30:36
avleonov
avleonov
Spring4Shell, Spring Cloud Function RCE and Spring Cloud Gateway Code Injection
2022-04-03 00:15:45
mmpc
mmpc
SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965
2022-04-05 01:11:24
mssecure
mssecure
SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965
2022-04-05 01:11:24
trellix
trellix
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
The Bug Report – April 2022 Edition
2022-05-04 00:00:00
checkpoint_security
checkpoint_security
Check Point Response to Spring Vulnerabilities CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, CVE-2022-22965 (Spring4Shell) and CVE-2022-22950
2022-03-30 21:41:02
ibm
ibm
Security Bulletin: IBM Security Directory Integrator is affected by multiple security vulnerabilities
2023-06-22 16:30:54
Security Bulletin: IBM Security Directory Suite is vulnerable to multiple issues
2023-06-06 18:05:17
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities
2019-02-18 14:10:01
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.8%

JSON
Related for ORACLE_WEBCENTER_SITES_OCT_2015_CPU.NASL
prion2nvd2cvelist2exploitpack1seebug2osv1securityvulns3cve2checkpoint_advisories1github1exploitdb1githubexploit1thn1cisa1securelist1avleonov1mmpc1mssecure1trellix2checkpoint_security1ibm3oracle1