Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL
HistoryMay 15, 2019 - 12:00 a.m.

Oracle Enterprise Manager Ops Center (Apr 2019 CPU)

2019-05-1500:00:00
This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
JSON

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:

  • A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.
    (CVE-2016-1000031)

  • An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack.
    An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734)

  • A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect.
    This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.
    (CVE-2018-11763).

  • Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to takeover the Enterprise Manager Base Platform. (CVE-2018-1258)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(125147);
  script_version("1.2");
  script_cvs_date("Date: 2019/05/17  9:44:17");

  script_cve_id(
    "CVE-2016-1000031",
    "CVE-2018-0161",
    "CVE-2018-0734",
    "CVE-2018-0735",
    "CVE-2018-5407",
    "CVE-2018-11763",
    "CVE-2017-9798",
    "CVE-2018-1258",
    "CVE-2018-11039",
    "CVE-2018-11040",
    "CVE-2018-1257",
    "CVE-2018-15756"
  );

  script_bugtraq_id(
    93604,
    100872,
    103573,
    104222,
    104260,
    105414,
    105703,
    105750,
    105758,
    105897,
    107984,
    107986
  );
  script_xref(name:"IAVA", value:"2019-A-0130");

  script_name(english:"Oracle Enterprise Manager Ops Center (Apr 2019 CPU)");
  script_summary(english:"Checks for the patch ID.");
  script_set_attribute(attribute:"synopsis", value:
"An enterprise management application installed on the remote host is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle Enterprise Manager Cloud Control installed on
the remote host is affected by multiple vulnerabilities in
Enterprise Manager Base Platform component:

  - A deserialization vulnerability in Apache Commons
    FileUpload allows for remote code execution.
    (CVE-2016-1000031)

  - An information disclosure vulnerability exists in OpenSSL
    due to the potential for a side-channel timing attack.
    An unauthenticated attacker can exploit this to disclose
    potentially sensitive information. (CVE-2018-0734)

  - A denial of service (DoS) vulnerability exists in Apache
    HTTP Server 2.4.17 to 2.4.34, due to a design error. An
    unauthenticated, remote attacker can exploit this issue
    by sending continuous, large SETTINGS frames to cause a
    client to occupy a connection, server thread and CPU
    time without any connection timeout coming to effect.
    This affects only HTTP/2 connections. A possible
    mitigation is to not enable the h2 protocol.
    (CVE-2018-11763).

  - Networking component of Enterprise Manager Base Platform
    (Spring Framework) is easily exploited and may allow an
    unauthenticated, remote attacker to takeover the
    Enterprise Manager Base Platform. (CVE-2018-1258)

");
  # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9166970d");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2019
Oracle Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1000031");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:enterprise_manager_ops_center");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_enterprise_manager_ops_center_installed.nbin");
  script_require_keys("installed_sw/Oracle Enterprise Manager Ops Center");

  exit(0);
}

include('global_settings.inc');
include('misc_func.inc');
include('install_func.inc');

get_kb_item_or_exit('Host/local_checks_enabled');
app_name = 'Oracle Enterprise Manager Ops Center';

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
version = install['version'];
version_full = install['Full Patch Version'];
path = install['path'];
patch_version = install['Patch Version'];


patchid = NULL;
fix = NULL;

if (version_full =~ "^12\.3\.3\.")
{
  patchid = '29623885';
  fix = '1819';
} 

if (isnull(patchid))
  audit(AUDIT_HOST_NOT, 'affected');

if (ver_compare(ver:patch_version, fix:fix, strict:FALSE) != -1)
  audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_full, path);

report = 
  '\n Path                : ' + path + 
  '\n Version             : ' + version + 
  '\n Ops Agent Version   : ' + version_full + 
  '\n Current Patch       : ' + patch_version + 
  '\n Fixed Patch Version : ' + fix +
  '\n Fix                 : ' + patchid;

security_report_v4(extra:report, severity:SECURITY_HOLE, port:0);
VendorProductVersionCPE
oracleenterprise_manager_ops_centercpe:/a:oracle:enterprise_manager_ops_center

Related

nessus 49
ibm 61
photon 3
cloudfoundry 1
openvas 29
ubuntu 1
debian 4
osv 7
oraclelinux 4
redhat 2
archlinux 4
ubuntucve 2
centos 1
f5 2
suse 4
freebsd 3
slackware 1
altlinux 1
mageia 1
aix 1
symantec 2
fedora 1
atlassian 4
prion 2
debiancve 2
cve 2
redhatcve 1
veracode 1
github 2
nodejsblog 1
nessus
nessus
Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)
2019-04-18 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : OpenSSL vulnerabilities (USN-3840-1)
2018-12-07 00:00:00
Photon OS 1.0: Openssl PHSA-2018-1.0-0199
2019-02-07 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Spectrum Protect Plus (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)
2020-02-22 00:05:46
Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)
2022-04-27 10:54:18
Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities
2019-03-29 11:00:02
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0199
2018-12-14 00:00:00
Moderate Photon OS Security Update - PHSA-2018-0199
2018-12-14 00:00:00
Important Photon OS Security Update - PHSA-2018-0113
2018-12-11 00:00:00
cloudfoundry
cloudfoundry
USN-3840-1: OpenSSL vulnerabilities | Cloud Foundry
2018-12-27 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3840-1)
2018-12-07 00:00:00
Debian: Security Advisory (DLA-2635-1)
2021-04-24 00:00:00
Debian: Security Advisory (DLA-1586-1)
2018-11-21 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2018-12-06 00:00:00
debian
debian
[SECURITY] [DLA 2635-1] libspring-java security update
2021-04-23 18:29:29
[SECURITY] [DLA 1586-1] openssl security update
2018-11-21 21:43:46
[SECURITY] [DSA 4348-1] openssl security update
2018-11-30 22:26:20
osv
osv
libspring-java - security update
2021-04-23 00:00:00
openssl - security update
2018-11-21 00:00:00
openssl - security update
2018-11-30 00:00:00
oraclelinux
oraclelinux
openssl security update
2019-08-19 00:00:00
openssl security and bug fix update
2019-08-13 00:00:00
openssl bug fix update
2021-04-06 00:00:00
redhat
redhat
(RHSA-2019:0483) Moderate: openssl security and bug fix update
2019-03-12 08:21:31
(RHSA-2019:3700) Low: openssl security, bug fix, and enhancement update
2019-11-05 20:52:19
archlinux
archlinux
[ASA-201812-6] lib32-openssl: private key recovery
2018-12-08 00:00:00
[ASA-201812-5] openssl: private key recovery
2018-12-08 00:00:00
[ASA-201812-7] lib32-openssl-1.0: private key recovery
2018-12-08 00:00:00
ubuntucve
ubuntucve
CVE-2018-0735
2018-10-29 00:00:00
CVE-2018-15756
2018-10-18 00:00:00
centos
centos
openssl security update
2019-03-19 14:32:25
f5
f5
K43741620 : OpenSSL vulnerabilities CVE-2018-0734 and CVE-2018-0735
2018-12-15 00:00:00
K25206238 : Apache Commons FileUpload vulnerability CVE-2016-1000031
2018-04-02 00:00:00
suse
suse
Security update for openssl-1_1 (moderate)
2018-11-24 18:11:36
Security update for openssl-1_0_0 (moderate)
2018-12-08 15:08:25
Security update for openssl (moderate)
2018-11-24 18:18:01
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities in 1.1 branch
2018-10-29 00:00:00
Axis2 -- Security vulnerability on dependency Apache Commons FileUpload
2016-11-14 00:00:00
node.js -- multiple vulnerabilities
2018-11-27 00:00:00
slackware
slackware
[slackware-security] openssl
2018-11-22 06:43:55
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.2q-alt1
2018-12-19 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2018-11-27 18:26:11
aix
aix
There are vulnerabilities in OpenSSL used by AIX.
2018-12-11 09:37:36
symantec
symantec
OpenSSL Vulnerabilities Oct 2018 - Jul 2019
2019-09-05 08:00:00
Spring Framework CVE-2018-15756 Denial-Of-Service Vulnerability
2018-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: openssl-1.1.1a-1.fc29
2019-01-18 02:14:55
atlassian
atlassian
Fisheye had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031
2019-02-14 22:03:17
Fisheye had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031
2019-02-14 22:03:17
Crucible had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031
2019-02-14 21:59:23
prion
prion
Remote code execution
2016-10-25 14:29:00
Denial of service
2018-10-18 22:29:00
debiancve
debiancve
CVE-2018-15756
2018-10-18 22:29:00
CVE-2016-1000031
2016-10-25 14:29:00
cve
cve
CVE-2018-15756
2018-10-18 22:29:00
CVE-2016-1000031
2016-10-25 14:29:00
redhatcve
redhatcve
CVE-2018-15756
2018-10-25 12:49:01
veracode
veracode
Denial Of Service (DoS)
2018-10-19 02:43:50
github
github
Denial of Service in Spring Framework
2020-06-15 19:34:50
Improper Access Control in commons-fileupload
2018-12-21 17:51:51
nodejsblog
nodejsblog
November 2018 Security Releases
2018-11-28 00:00:00
JSON
Related for ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL
nessus49ibm61photon3cloudfoundry1openvas29ubuntu1debian4osv7oraclelinux4redhat2archlinux4ubuntucve2centos1f52suse4freebsd3slackware1altlinux1mageia1aix1symantec2fedora1atlassian4prion2debiancve2cve2redhatcve1veracode1github2nodejsblog1