Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL
HistoryOct 22, 2021 - 12:00 a.m.

Oracle HTTP Server (Oct 2021 CPU)

2021-10-2200:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
60

7.5 High

AI Score

Confidence

High

JSON

The 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory.

  • Vulnerability in the Oracle WebLogic Server Proxy Plug-In product of Oracle Fusion Middleware (component:
    SSL Module (LibExpat)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server Proxy Plug-In. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server Proxy Plug-In. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). (CVE-2018-20843)

  • Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). (CVE-2021-35666)

  • Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (OpenSSL)). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle HTTP Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-1971)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(154340);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/28");

  script_cve_id(
    "CVE-2018-20843",
    "CVE-2020-1971",
    "CVE-2021-2480",
    "CVE-2021-35666"
  );
  script_xref(name:"IAVA", value:"2021-A-0480");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Oracle HTTP Server (Oct 2021 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 versions of HTTP Server installed on the remote host are affected by multiple
vulnerabilities as referenced in the October 2021 CPU advisory.

  - Vulnerability in the Oracle WebLogic Server Proxy Plug-In product of Oracle Fusion Middleware (component:
    SSL Module (LibExpat)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily
    exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise
    Oracle WebLogic Server Proxy Plug-In. Successful attacks of this vulnerability can result in unauthorized
    ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server Proxy
    Plug-In. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). (CVE-2018-20843)

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). The
    supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows
    unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful
    attacks of this vulnerability can result in unauthorized access to critical data or complete access to all
    Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). (CVE-2021-35666)

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module
    (OpenSSL)). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability
    allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful
    attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable
    crash (complete DOS) of Oracle HTTP Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector:
    (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-1971)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2021.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2021 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-35666");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/10/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_http_server_installed.nbin");
  script_require_keys("Oracle/OHS/Installed");

  exit(0);
}

include('oracle_http_server_patch_func.inc');

get_kb_item_or_exit('Oracle/OHS/Installed');
var install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');

var install = branch(install_list, key:TRUE, value:TRUE);

var patches = make_array();
patches['11.1.1.9'] = make_array('fix_ver', '11.1.1.9.210826', 'patch', '33311587');
patches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.210826', 'patch', '33283753');
patches['12.2.1.4'] = make_array('fix_ver', '12.2.1.4.210826', 'patch', '33283762');

oracle_http_server_check_vuln(
  install : install,
  min_patches : patches,
  severity : SECURITY_HOLE
);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oraclehttp_servercpe:/a:oracle:http_server

Related

prion 4
cnvd 2
cve 4
nessus 70
openvas 34
redhat 7
mageia 1
almalinux 1
f5 2
rocky 1
osv 8
cbl_mariner 2
ibm 28
veracode 2
redhatcve 2
fedora 4
debian 4
ubuntu 2
ubuntucve 1
debiancve 2
suse 4
cloudfoundry 1
alpinelinux 2
freebsd_advisory 1
gentoo 1
archlinux 1
altlinux 2
openssl 1
cloudlinux 1
freebsd 1
oraclelinux 1
photon 1
githubexploit 1
prion
prion
Design/Logic Flaw
2021-10-20 11:17:00
Input validation
2019-06-24 17:15:00
Design/Logic Flaw
2021-10-20 11:16:00
cnvd
cnvd
Oracle HTTP Server Unauthorized Access Vulnerability
2021-10-20 00:00:00
Oracle HTTP Server Unauthorized Access Vulnerability (CNVD-2021-102412)
2021-10-20 00:00:00
cve
cve
CVE-2021-35666
2021-10-20 11:17:00
CVE-2018-20843
2019-06-24 17:15:00
CVE-2021-2480
2021-10-20 11:16:00
nessus
nessus
EulerOS 2.0 SP5 : expat (EulerOS-SA-2019-1758)
2019-07-23 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Expat vulnerability (USN-4040-1)
2019-06-27 00:00:00
Fedora 30 : expat (2019-18868e1715)
2019-07-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2019-1841)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:1834-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:1835-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2020:4846) Moderate: mingw-expat security update
2020-11-03 12:41:03
(RHSA-2021:0491) Low: Red Hat JBoss Web Server 3.1 Service Pack 11 security update
2021-02-11 13:35:32
(RHSA-2021:0488) Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update
2021-02-11 13:24:10
mageia
mageia
Updated expat packages fix security vulnerability
2019-09-15 15:11:55
almalinux
almalinux
Moderate: mingw-expat security update
2020-11-03 12:41:03
f5
f5
K51011533 : Expat XML parser vulnerability CVE-2018-20843
2019-07-18 00:00:00
K42910051 : OpenSSL vulnerability CVE-2020-1971
2021-01-14 00:00:00
rocky
rocky
mingw-expat security update
2020-11-03 00:00:00
osv
osv
CVE-2018-20843
2019-06-24 17:15:09
expat - security update
2019-06-29 00:00:00
expat - security update
2019-06-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-20843 affecting package expat 2.2.6-4
2020-09-09 06:09:14
CVE-2020-1971 affecting package mysql 8.0.22-2
2021-08-25 19:57:27
ibm
ibm
Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities
2020-02-27 10:34:31
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2018-20843)
2020-03-25 11:34:06
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is required product for IBM Tivoli Netcool Configuration Manager (CVE-2018-20843)
2020-08-24 13:03:40
veracode
veracode
Denial Of Service (DoS)
2019-07-01 08:36:31
Denial Of Service (DoS)
2020-12-09 10:07:39
redhatcve
redhatcve
CVE-2018-20843
2020-04-04 05:18:28
CVE-2020-1971
2020-12-08 16:10:44
fedora
fedora
[SECURITY] Fedora 30 Update: expat-2.2.7-1.fc30
2019-07-10 00:51:48
[SECURITY] Fedora 29 Update: expat-2.2.7-1.fc29
2019-07-16 03:22:19
[SECURITY] Fedora 32 Update: openssl-1.1.1i-1.fc32
2020-12-21 01:36:23
debian
debian
[SECURITY] [DLA 1839-1] expat security update
2019-06-29 18:59:53
[SECURITY] [DSA 4472-1] expat security update
2019-06-28 09:30:19
[SECURITY] [DSA 4472-1] expat security update
2019-06-28 09:30:19
ubuntu
ubuntu
Expat vulnerability
2019-06-26 00:00:00
Expat vulnerability
2019-06-26 00:00:00
ubuntucve
ubuntucve
CVE-2018-20843
2019-06-24 00:00:00
debiancve
debiancve
CVE-2018-20843
2019-06-24 17:15:00
CVE-2020-1971
2020-12-08 16:15:00
suse
suse
Security update for expat (moderate)
2019-07-21 00:00:00
Security update for openssl-1_0_0 (important)
2020-12-17 00:00:00
Security update for openssl-1_1 (important)
2020-12-10 00:00:00
cloudfoundry
cloudfoundry
USN-4040-1: Expat vulnerability | Cloud Foundry
2019-08-28 00:00:00
alpinelinux
alpinelinux
CVE-2018-20843
2019-06-24 17:15:00
CVE-2020-1971
2020-12-08 16:15:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:33.openssl
2020-12-08 00:00:00
gentoo
gentoo
OpenSSL: Denial of service
2020-12-23 00:00:00
archlinux
archlinux
[ASA-202012-24] openssl: denial of service
2020-12-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1i-alt1
2020-12-09 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1i-alt1
2020-12-08 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2020-1971
2020-12-08 00:00:00
cloudlinux
cloudlinux
Fix CVE: CVE-2020-1971
2020-12-09 11:10:00
freebsd
freebsd
OpenSSL -- NULL pointer de-reference
2020-12-08 00:00:00
oraclelinux
oraclelinux
openssl security and bug fix update
2020-12-17 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2020-0175
2020-12-10 00:00:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Openssl
2020-12-09 21:32:15

7.5 High

AI Score

Confidence

High

JSON
Related for ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL
prion4cnvd2cve4nessus70openvas34redhat7mageia1almalinux1f52rocky1osv8cbl_mariner2ibm28veracode2redhatcve2fedora4debian4ubuntu2ubuntucve1debiancve2suse4cloudfoundry1alpinelinux2freebsd_advisory1gentoo1archlinux1altlinux2openssl1cloudlinux1freebsd1oraclelinux1photon1githubexploit1