Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_RDBMS_CPU_OCT_2020.NASL
HistoryOct 23, 2020 - 12:00 a.m.

Oracle Database Server Multiple Vulnerabilities (Oct 2020 CPU)

2020-10-2300:00:00
This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
404
JSON

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory.

  • Vulnerability in the Core RDBMS (bzip2) component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Core RDBMS (bzip2). Successful attacks of this vulnerability can result in takeover of Core RDBMS (bzip2).
    (CVE-2019-12900)

  • Vulnerability in the Core RDBMS (bzip2) component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Core RDBMS (bzip2). Successful attacks of this vulnerability can result in takeover of Core RDBMS (bzip2).
    (CVE-2020-14735)

  • Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in takeover of Oracle Text. (CVE-2020-14734)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(141829);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id(
    "CVE-2019-12900",
    "CVE-2020-9281",
    "CVE-2020-11023",
    "CVE-2020-13935",
    "CVE-2020-14734",
    "CVE-2020-14735",
    "CVE-2020-14736",
    "CVE-2020-14740",
    "CVE-2020-14741",
    "CVE-2020-14742",
    "CVE-2020-14743",
    "CVE-2020-14762",
    "CVE-2020-14763",
    "CVE-2020-14898",
    "CVE-2020-14899",
    "CVE-2020-14900",
    "CVE-2020-14901"
  );
  script_xref(name:"IAVA", value:"2020-A-0475");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Oracle Database Server Multiple Vulnerabilities (Oct 2020 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as
referenced in the October 2020 CPU advisory.

  - Vulnerability in the Core RDBMS (bzip2) component of Oracle Database Server. Supported versions that are 
  affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low 
  privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise 
  Core RDBMS (bzip2). Successful attacks of this vulnerability can result in takeover of Core RDBMS (bzip2).
  (CVE-2019-12900)
  
  - Vulnerability in the Core RDBMS (bzip2) component of Oracle Database Server. Supported versions that 
  are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low 
  privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise 
  Core RDBMS (bzip2). Successful attacks of this vulnerability can result in takeover of Core RDBMS (bzip2).
  (CVE-2020-14735)

  - Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected
  are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated 
  attacker with network access via Oracle Net to compromise Oracle Text. Successful attacks of this 
  vulnerability can result in takeover of Oracle Text. (CVE-2020-14734)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2020.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2020 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-12900");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_rdbms_query_patch_info.nbin", "oracle_rdbms_patch_info.nbin");

  exit(0);
}

include('vcf_extras_oracle.inc');

var app_info = vcf::oracle_rdbms::get_app_info();

var constraints = [
  # RDBMS:
  {'min_version': '19.9', 'fixed_version': '19.9.0.0.201020', 'missing_patch':'31771877', 'os':'unix', 'component':'db'},
  {'min_version': '19.0', 'fixed_version': '19.9.0.0.201020', 'missing_patch':'31719903', 'os':'win', 'component':'db'},
  {'min_version': '19.8', 'fixed_version': '19.8.1.0.201020', 'missing_patch':'31666885', 'os':'unix', 'component':'db'},
  {'min_version': '19.0', 'fixed_version': '19.7.2.0.201020', 'missing_patch':'31667176', 'os':'unix', 'component':'db'},

  {'min_version': '18.12', 'fixed_version': '18.12.0.0.201020', 'missing_patch':'31730250', 'os':'unix', 'component':'db'},
  {'min_version': '18.0', 'fixed_version': '18.12.0.0.201020', 'missing_patch':'31629682', 'os':'win', 'component':'db'},
  {'min_version': '18.11', 'fixed_version': '18.11.1.0.201020', 'missing_patch':'31666917', 'os':'unix', 'component':'db'},
  {'min_version': '18.0', 'fixed_version': '18.10.2.0.201020', 'missing_patch':'31667173', 'os':'unix', 'component':'db'},

  {'min_version': '12.2.0.1.0', 'fixed_version': '12.2.0.1.201020', 'missing_patch':'31741641, 31667168, 31666944', 'os':'unix', 'component':'db'},
  {'min_version': '12.2.0.1.0', 'fixed_version': '12.2.0.1.201020', 'missing_patch':'31654782', 'os':'win', 'component':'db'},

  {'min_version': '12.1.0.2.0', 'fixed_version': '12.1.0.2.201020', 'missing_patch':'31550110, 31511219', 'os':'unix', 'component':'db'},
  {'min_version': '12.1.0.2.0', 'fixed_version': '12.1.0.2.201020', 'missing_patch':'31658987', 'os':'win', 'component':'db'},

  {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.201020', 'missing_patch':'31537677, 31834759, 31537652', 'os':'unix', 'component':'db'},
  {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.201020', 'missing_patch':'31659823', 'os':'win', 'component':'db'},

# OJVM 
  {'min_version': '19.0',  'fixed_version': '19.9.0.0.201020', 'missing_patch':'31668882', 'os':'unix', 'component':'ojvm'},
  {'min_version': '19.0',  'fixed_version': '19.9.0.0.201020', 'missing_patch':'31668882', 'os':'win', 'component':'ojvm'},

  {'min_version': '18.0',  'fixed_version': '18.12.0.0.201020', 'missing_patch':'31668892', 'os':'unix', 'component':'ojvm'},
  {'min_version': '18.0',  'fixed_version': '18.12.0.0.201020', 'missing_patch':'31668892', 'os':'win', 'component':'ojvm'},

  {'min_version': '12.2.0.1.0',  'fixed_version': '12.2.0.1.201020', 'missing_patch':'31668898', 'os':'unix', 'component':'ojvm'},
  {'min_version': '12.2.0.1.0',  'fixed_version': '12.2.0.1.201020', 'missing_patch':'31740064', 'os':'win', 'component':'ojvm'},

  {'min_version': '12.1.0.2.0',  'fixed_version': '12.1.0.2.201020', 'missing_patch':'31668915', 'os':'unix', 'component':'ojvm'},
  {'min_version': '12.1.0.2.0',  'fixed_version': '12.1.0.2.201020', 'missing_patch':'31740134', 'os':'win', 'component':'ojvm'},

  {'min_version': '11.2.0.4',  'fixed_version': '11.2.0.4.201020', 'missing_patch':'31668908', 'os':'unix', 'component':'ojvm'},
  {'min_version': '11.2.0.4',  'fixed_version': '11.2.0.4.201020', 'missing_patch':'31740195', 'os':'win', 'component':'ojvm'}

];

vcf::oracle_rdbms::check_version_and_report(app_info:app_info, severity:SECURITY_HOLE, constraints:constraints);
VendorProductVersionCPE
oracledatabase_servercpe:/a:oracle:database_server

References

Related

ibm 13
cve 19
prion 18
veracode 5
ubuntucve 4
openvas 26
osv 13
redhatcve 4
github 3
nessus 48
kaspersky 2
redhat 8
githubexploit 1
debiancve 3
f5 3
tomcat 3
debian 2
alpinelinux 2
amazon 3
mageia 1
cbl_mariner 2
suse 4
packetstorm 1
zdt 1
ics 1
almalinux 1
oraclelinux 3
rocky 1
fortinet 1
fedora 3
ibm
ibm
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform
2021-01-22 08:32:26
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Program Management
2021-01-22 08:29:33
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management
2021-01-22 08:31:29
cve
cve
CVE-2020-14736
2020-10-21 15:15:00
CVE-2020-14740
2020-10-21 15:15:00
CVE-2020-14742
2020-10-21 15:15:00
prion
prion
Code injection
2020-10-21 15:15:00
Design/Logic Flaw
2020-10-21 15:15:00
Design/Logic Flaw
2020-10-21 15:15:00
veracode
veracode
Cross-site Scripting (XSS)
2020-03-09 03:15:29
Denial Of Service (DoS)
2020-07-15 08:18:40
Out-of-bounds Write
2019-06-25 02:31:58
ubuntucve
ubuntucve
CVE-2020-9281
2020-03-07 00:00:00
CVE-2020-13935
2020-07-14 00:00:00
CVE-2019-12900
2019-06-19 00:00:00
openvas
openvas
Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Windows
2020-03-19 00:00:00
Drupal 8.x CKEditor XSS Vulnerability (SA-CORE-2020-001) - Linux
2020-03-19 00:00:00
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2020-2401)
2020-11-04 00:00:00
osv
osv
BIT-drupal-2020-9281
2024-03-06 10:55:38
CVE-2020-9281
2020-03-07 01:15:15
CKEditor 4.0 vulnerability in the HTML Data Processor
2021-05-07 16:32:17
redhatcve
redhatcve
CVE-2020-9281
2022-05-21 00:07:07
CVE-2020-13935
2020-07-15 06:37:38
CVE-2019-12900
2019-06-27 07:51:22
github
github
CKEditor 4.0 vulnerability in the HTML Data Processor
2021-05-07 16:32:17
Infinite Loop in Apache Tomcat
2022-02-08 22:05:17
Potential XSS vulnerability in jQuery
2020-04-29 22:19:14
nessus
nessus
EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2020-2401)
2020-11-03 00:00:00
RHEL 5 / 7 : Red Hat JBoss Enterprise Application Platform 6.4 (RHSA-2020:3383)
2020-08-10 00:00:00
MySQL Enterprise Monitor 8.0.x < 8.0.22.1262 DoS (Oct 2020 CPU)
2020-10-23 00:00:00
kaspersky
kaspersky
KLA12084 DoS vulnerability in Apache Tomcat
2020-07-07 00:00:00
KLA12083 DoS vulnerabilities in Apache Tomcat
2020-07-05 00:00:00
redhat
redhat
(RHSA-2020:3383) Important: Red Hat JBoss Enterprise Application Platform 6.4 security update
2020-08-10 11:16:49
(RHSA-2020:3382) Important: Red Hat JBoss Enterprise Application Platform 6.4 security update
2020-08-10 11:16:43
(RHSA-2021:0860) Moderate: ipa security and bug fix update
2021-03-16 10:27:14
githubexploit
githubexploit
Exploit for Infinite Loop in Apache Tomcat
2020-11-02 14:48:55
debiancve
debiancve
CVE-2020-13935
2020-07-14 15:15:00
CVE-2019-12900
2019-06-19 23:15:00
CVE-2020-11023
2020-04-29 21:15:00
f5
f5
K45026834 : Apache Tomcat vulnerability CVE-2020-13935
2020-08-27 00:00:00
K68713584 : bzip2 vulnerability CVE-2019-12900
2019-11-13 00:00:00
K66544153 : jQuery vulnerability CVE-2020-11023
2020-08-03 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.105
2020-07-07 00:00:00
Fixed in Apache Tomcat 10.0.0-M7
2020-07-05 00:00:00
Fixed in Apache Tomcat 8.5.57
2020-07-05 00:00:00
debian
debian
[SECURITY] [DLA 1833-2] bzip2 regression update
2019-07-18 20:27:06
[SECURITY] [DLA 2286-1] tomcat8 security update
2020-07-22 16:39:36
alpinelinux
alpinelinux
CVE-2019-12900
2019-06-19 23:15:00
CVE-2020-11023
2020-04-29 21:15:00
amazon
amazon
Low: bzip2
2021-06-16 20:37:00
Medium: ipa
2021-04-20 17:55:00
Important: tomcat8
2020-07-27 23:58:00
mageia
mageia
Updated bzip2 packages fix security vulnerability
2019-11-30 16:06:06
cbl_mariner
cbl_mariner
CVE-2019-12900 affecting package python3 3.7.11-1
2022-07-14 20:59:57
CVE-2019-12900 affecting package bzip2 1.0.6-15
2020-09-09 06:09:14
suse
suse
Security update for bzip2 (important)
2019-07-21 00:00:00
Security update for bzip2 (important)
2019-08-15 00:00:00
Security update for tomcat (important)
2020-07-29 00:00:00
packetstorm
packetstorm
jQuery 1.0.3 Cross Site Scripting
2021-04-14 00:00:00
zdt
zdt
jQuery 1.0.3 - Cross-Site Scripting Vulnerability
2021-04-14 00:00:00
ics
ics
Sensormatic Electronics VideoEdge
2021-11-02 12:00:00
almalinux
almalinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
oraclelinux
oraclelinux
ipa security and bug fix update
2021-03-19 00:00:00
bootstrap security update
2021-08-09 00:00:00
idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-25 00:00:00
rocky
rocky
idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
fortinet
fortinet
FortiManager/FortiAnalyzer - XSS Vulnerability in Report Templates
2022-11-01 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: ckeditor-4.14.0-1.fc32
2020-03-29 00:17:51
[SECURITY] Fedora 31 Update: ckeditor-4.14.0-1.fc31
2020-03-29 01:37:32
[SECURITY] Fedora 30 Update: ckeditor-4.14.0-1.fc30
2020-03-29 01:59:48
JSON
Related for ORACLE_RDBMS_CPU_OCT_2020.NASL
ibm13cve19prion18veracode5ubuntucve4openvas26osv13redhatcve4github3nessus48kaspersky2redhat8githubexploit1debiancve3f53tomcat3debian2alpinelinux2amazon3mageia1cbl_mariner2suse4packetstorm1zdt1ics1almalinux1oraclelinux3rocky1fortinet1fedora3