Oracle Enterprise Manager Ops Center (Jan 2019 CPU)

2019-11-21T00:00:00
ID ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL
Type nessus
Reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2020-03-02T00:00:00

Description

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:

  • An unspecified vulnerability in the subcomponent Networking (jQuery) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. A successful attacks requires human interaction and can result in unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data. (CVE-2015-9251)

  • An unspecified vulnerability in the subcomponent Networking (OpenSSL) of the Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTPS to compromise Enterprise Manager Ops Center. A successful attack of this vulnerability could result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Ops Center. (CVE-2018-0732)

  • An unspecified vulnerability in the subcomponent Networking (cURL) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. A successful attack requires human interaction from a person other than the attacker and can result in takeover of Enterprise Manager Ops Center. (CVE-2018-1000300)

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(131184);
  script_version("1.2");
  script_cvs_date("Date: 2019/11/22");

  script_cve_id(
    "CVE-2015-9251",
    "CVE-2017-3735",
    "CVE-2017-3736",
    "CVE-2017-3738",
    "CVE-2018-0732",
    "CVE-2018-0733",
    "CVE-2018-0737",
    "CVE-2018-0739",
    "CVE-2018-1000120",
    "CVE-2018-1000121",
    "CVE-2018-1000122",
    "CVE-2018-1000300",
    "CVE-2018-1000301"
  );

  script_name(english:"Oracle Enterprise Manager Ops Center (Jan 2019 CPU)");
  script_summary(english:"Checks for the patch ID.");

  script_set_attribute(attribute:"synopsis", value:
"An enterprise management application installed on the remote host is
affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle Enterprise Manager Cloud Control installed on
the remote host is affected by multiple vulnerabilities in
Enterprise Manager Base Platform component:

  - An unspecified vulnerability in the subcomponent Networking
    (jQuery) of Enterprise Manager Ops Center. Supported versions
    that are affected are 12.2.2 and 12.3.3. An easy to exploit
    vulnerability could allow an unauthenticated attacker with
    network access via HTTP to compromise Enterprise Manager Ops
    Center. A successful attacks requires human interaction and
    can result in unauthorized update, insert or delete access
    to some of Enterprise Manager Ops Center accessible data.
    (CVE-2015-9251)

  - An unspecified vulnerability in the subcomponent Networking
    (OpenSSL) of the Enterprise Manager Ops Center. Supported
    versions that are affected are 12.2.2 and 12.3.3. An easy
    to exploit vulnerability could allow an unauthenticated
    attacker with network access via HTTPS to compromise
    Enterprise Manager Ops Center. A successful attack of this
    vulnerability could result in unauthorized ability to cause
    a hang or frequently repeatable crash (complete DOS) of
    Enterprise Manager Ops Center. (CVE-2018-0732)

  - An unspecified vulnerability in the subcomponent Networking
    (cURL) of Enterprise Manager Ops Center. Supported versions
    that are affected are 12.2.2 and 12.3.3. Difficult to exploit
    vulnerability allows unauthenticated attacker with network
    access via HTTP to compromise Enterprise Manager Ops Center.
    A successful attack requires human interaction from a person
    other than the attacker and can result in takeover of
    Enterprise Manager Ops Center. (CVE-2018-1000300)");
  # https://www.oracle.com/security-alerts/cpujan2019.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?69d7e6bf");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the January 2019
Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1000300");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:enterprise_manager_ops_center");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_enterprise_manager_ops_center_installed.nbin");
  script_require_keys("installed_sw/Oracle Enterprise Manager Ops Center");

  exit(0);
}

include('global_settings.inc');
include('misc_func.inc');
include('install_func.inc');

get_kb_item_or_exit('Host/local_checks_enabled');
app_name = 'Oracle Enterprise Manager Ops Center';

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
version = install['version'];
version_full = install['Full Patch Version'];
path = install['path'];
patch_version = install['Patch Version'];


patchid = NULL;
fix = NULL;

if (version_full =~ "^12\.2\.2\.")
{
  patchid = '29215911';
  fix = '1133';
} 
else if (version_full =~ "^12\.3\.3\.")
{
  patchid = '29215911';
  fix = '1817';
}

if (isnull(patchid))
  audit(AUDIT_HOST_NOT, 'affected');

if (ver_compare(ver:patch_version, fix:fix, strict:FALSE) != -1)
  audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_full, path);

report = 
  '\n Path                : ' + path + 
  '\n Version             : ' + version + 
  '\n Ops Agent Version   : ' + version_full + 
  '\n Current Patch       : ' + patch_version + 
  '\n Fixed Patch Version : ' + fix +
  '\n Fix                 : ' + patchid;

security_report_v4(extra:report, severity:SECURITY_HOLE, port:0);