Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_RDBMS_CPU_OCT_2021.NASL
HistoryOct 21, 2021 - 12:00 a.m.

Oracle Database Server Multiple Vulnerabilities (October 2021 CPU)

2021-10-2100:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
144
JSON

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory.

  • Vulnerability in the Zero Downtime DB Migration to Cloud component of Oracle Database Server. The supported version that is affected is 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where Zero Downtime DB Migration to Cloud executes to compromise Zero Downtime DB Migration to Cloud. While the vulnerability is in Zero Downtime DB Migration to Cloud, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Zero Downtime DB Migration to Cloud. (CVE-2021-35599)

  • Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java VM. (CVE-2021-35619)

  • Vulnerability in the Oracle LogMiner component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Oracle LogMiner. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle LogMiner accessible data as well as unauthorized read access to a subset of Oracle LogMiner accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle LogMiner. (CVE-2021-2332)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(154332);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2020-27824",
    "CVE-2021-2332",
    "CVE-2021-25122",
    "CVE-2021-26272",
    "CVE-2021-29425",
    "CVE-2021-29921",
    "CVE-2021-35551",
    "CVE-2021-35557",
    "CVE-2021-35558",
    "CVE-2021-35576",
    "CVE-2021-35599",
    "CVE-2021-35619"
  );
  script_xref(name:"IAVA", value:"2021-A-0263-S");
  script_xref(name:"IAVA", value:"2021-A-0483");

  script_name(english:"Oracle Database Server Multiple Vulnerabilities (October 2021 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as
referenced in the October 2021 CPU advisory.

  - Vulnerability in the Zero Downtime DB Migration to Cloud component of Oracle Database Server. The
    supported version that is affected is 21c. Easily exploitable vulnerability allows high privileged
    attacker having Local Logon privilege with logon to the infrastructure where Zero Downtime DB Migration to
    Cloud executes to compromise Zero Downtime DB Migration to Cloud. While the vulnerability is in Zero
    Downtime DB Migration to Cloud, attacks may significantly impact additional products. Successful attacks
    of this vulnerability can result in takeover of Zero Downtime DB Migration to Cloud. (CVE-2021-35599)

  - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are
    12.1.0.2, 12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having
    Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks
    require human interaction from a person other than the attacker. Successful attacks of this vulnerability
    can result in takeover of Java VM. (CVE-2021-35619)

  - Vulnerability in the Oracle LogMiner component of Oracle Database Server. Supported versions that are
    affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker
    having DBA privilege with network access via Oracle Net to compromise Oracle LogMiner. Successful attacks
    of this vulnerability can result in unauthorized creation, deletion or modification access to critical
    data or all Oracle LogMiner accessible data as well as unauthorized read access to a subset of Oracle
    LogMiner accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete
    DOS) of Oracle LogMiner. (CVE-2021-2332)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2021.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2021 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-29921");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/10/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/21");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_rdbms_query_patch_info.nbin", "oracle_rdbms_patch_info.nbin");

  exit(0);
}

include('vcf_extras_oracle.inc');

var app_info = vcf::oracle_rdbms::get_app_info();

var constraints = [
  # RDBMS:

  # Note there are no Combo or OJVM patches for 21.x. OJVM fixes are released as part of the RU patches.
  # See note next to 21.x patches for Oct 21': http://www.nessus.org/u?d4ca86db
  {'min_version': '21.0', 'fixed_version': '21.4.0.0.211019', 'missing_patch':'33239276', 'os':'unix', 'component':'db'},

  {'min_version': '19.0', 'fixed_version': '19.11.2.0.211019', 'missing_patch':'33153989', 'os':'unix', 'component':'db'},
  {'min_version': '19.0', 'fixed_version': '19.13.0.0.211019', 'missing_patch':'33155330', 'os':'win', 'component':'db'},
  {'min_version': '19.12', 'fixed_version': '19.12.1.0.211019', 'missing_patch':'33210889', 'os':'unix', 'component':'db'},
  {'min_version': '19.13', 'fixed_version': '19.13.0.0.211019', 'missing_patch':'33192793', 'os':'unix', 'component':'db'}, 
 
  {'min_version': '12.2.0.1.0', 'fixed_version': '12.2.0.1.211019', 'missing_patch':'33261817', 'os':'unix', 'component':'db'},
  {'min_version': '12.2.0.1.0', 'fixed_version': '12.2.0.1.211019', 'missing_patch':'33174380', 'os':'win', 'component':'db'},

  {'min_version': '12.1.0.2.0', 'fixed_version': '12.1.0.2.211019', 'missing_patch':'33248411, 33128590', 'os':'unix', 'component':'db'},
  {'min_version': '12.1.0.2.0', 'fixed_version': '12.1.0.2.211019', 'missing_patch':'33174365', 'os':'win', 'component':'db'},
  
  # OJVM:
  {'min_version': '19.0',  'fixed_version': '19.13.0.0.211019', 'missing_patch':'33192694', 'os':'unix', 'component':'ojvm'},
  {'min_version': '19.0',  'fixed_version': '19.13.0.0.211019', 'missing_patch':'33192694', 'os':'win', 'component':'ojvm'},

  {'min_version': '12.2.0.1.0',  'fixed_version': '12.2.0.1.211019', 'missing_patch':'33192662', 'os':'unix', 'component':'ojvm'},
  {'min_version': '12.2.0.1.0',  'fixed_version': '12.2.0.1.211019', 'missing_patch':'33248852', 'os':'win', 'component':'ojvm'},

  {'min_version': '12.1.0.2.0',  'fixed_version': '12.1.0.2.211019', 'missing_patch':'33192628', 'os':'unix', 'component':'ojvm'},
  {'min_version': '12.1.0.2.0',  'fixed_version': '12.1.0.2.211019', 'missing_patch':'33248785', 'os':'win', 'component':'ojvm'}
];

vcf::oracle_rdbms::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_HOLE
);
VendorProductVersionCPE
oracledatabase_servercpe:/a:oracle:database_server

Related

cnvd 7
cve 12
prion 12
ibm 53
zdt 2
ubuntucve 6
redhatcve 5
veracode 5
debiancve 5
packetstorm 2
osv 14
alpinelinux 2
github 3
nessus 20
openvas 27
mageia 1
suse 2
ubuntu 3
photon 2
cisa 1
f5 2
broadcom 1
attackerkb 1
cgr 1
amazon 2
debian 1
fedora 2
atlassian 5
cnvd
cnvd
Oracle Database Server has an unspecified vulnerability (CNVD-2021-84599)
2021-10-20 00:00:00
Oracle Database Server Input Validation Error Vulnerability (CNVD-2021-101532)
2021-10-20 00:00:00
Oracle Database Server has an unspecified vulnerability (CNVD-2021-101529)
2021-10-20 00:00:00
cve
cve
CVE-2021-35558
2021-10-20 11:16:00
CVE-2021-35551
2021-10-20 11:16:00
CVE-2021-35599
2021-10-20 11:17:00
prion
prion
Design/Logic Flaw
2021-10-20 11:17:00
Design/Logic Flaw
2021-10-20 11:16:00
Design/Logic Flaw
2021-10-20 11:17:00
ibm
ibm
Security Bulletin: IBM Emptoris Supplier Lifecycle Management vulnerable to unspecified vulnerability due to Oracle Database Server (CVE-2021-35576)
2022-04-20 05:11:13
Security Bulletin: IBM Emptoris Strategic Supply Management Platform is vulnerable to unspecified vulnerability due to Oracle Database Server (CVE-2021-35576)
2022-04-19 05:54:25
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Management (CVE-2021-35557)
2022-02-28 13:25:52
zdt
zdt
Oracle Unified Audit Policy Bypass Vulnerability
2023-01-03 00:00:00
Oracle Database Vault Metadata Exposure Vulnerability
2023-01-05 00:00:00
ubuntucve
ubuntucve
CVE-2021-26272
2021-01-26 00:00:00
CVE-2020-27824
2020-12-10 00:00:00
CVE-2021-25122
2021-03-01 00:00:00
redhatcve
redhatcve
CVE-2021-26272
2022-05-20 22:50:58
CVE-2020-27824
2020-12-08 22:48:15
CVE-2021-25122
2021-03-02 10:32:54
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-01-27 05:34:12
Arbitrary Code Execution
2021-05-24 09:29:59
Denial Of Service (DoS)
2020-12-23 16:51:38
debiancve
debiancve
CVE-2021-26272
2021-01-26 21:15:00
CVE-2020-27824
2021-05-13 14:15:00
CVE-2021-29921
2021-05-06 13:15:00
packetstorm
packetstorm
Oracle Unified Audit Policy Bypass
2023-01-02 00:00:00
Oracle Database Vault Metadata Exposure
2023-01-05 00:00:00
osv
osv
Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4
2021-10-13 15:34:09
CVE-2021-26272
2021-01-26 21:15:12
python3.8 vulnerability
2021-10-04 12:04:34
alpinelinux
alpinelinux
CVE-2020-27824
2021-05-13 14:15:00
CVE-2021-29921
2021-05-06 13:15:00
github
github
Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4
2021-10-13 15:34:09
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2021-06-16 17:45:29
Path Traversal and Improper Input Validation in Apache Commons IO
2021-04-26 16:04:00
nessus
nessus
Photon OS 4.0: Python3 PHSA-2021-4.0-0028
2021-05-21 00:00:00
Ubuntu 20.04 LTS : Python vulnerability (USN-4973-2)
2021-10-04 00:00:00
openSUSE 15 Security Update : python39 (openSUSE-SU-2021:2940-1)
2021-09-04 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0386)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4973-1)
2021-06-02 00:00:00
Python < 3.9.5 Authentication Bypass Vulnerability - Mac OS X
2021-06-23 00:00:00
mageia
mageia
Updated python3 packages fix security vulnerabilities
2021-07-27 23:21:53
suse
suse
Security update for python39 (important)
2021-09-03 00:00:00
Security update for apache-commons-io (moderate)
2021-04-23 00:00:00
ubuntu
ubuntu
Python vulnerability
2021-10-04 00:00:00
Python vulnerability
2021-06-01 00:00:00
Apache Commons IO vulnerability
2021-09-29 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0028
2021-05-20 00:00:00
Critical Photon OS Security Update - PHSA-2021-4.0-0028
2021-05-19 00:00:00
cisa
cisa
Apache Releases Security Advisory for Tomcat
2021-03-02 00:00:00
f5
f5
K00174195 : Apache Tomcat vulnerability CVE-2021-25122
2021-03-16 00:00:00
K46604804 : Python vulnerability CVE-2021-29921
2021-06-07 00:00:00
broadcom
broadcom
Apache Commons IO Vulnerability (CVE-2021-29425)
2023-12-18 00:00:00
attackerkb
attackerkb
CVE-2021-29425
2021-04-13 00:00:00
cgr
cgr
CVE-2021-25122 vulnerabilities
2024-04-25 03:20:40
amazon
amazon
Medium: apache-commons-io
2023-05-25 17:41:00
Important: tomcat8
2021-03-23 23:07:00
debian
debian
[SECURITY] [DLA 2741-1] commons-io security update
2021-08-12 20:18:44
fedora
fedora
[SECURITY] Fedora 33 Update: openjpeg2-2.3.1-9.fc33
2020-12-16 01:43:59
[SECURITY] Fedora 33 Update: mingw-openjpeg2-2.3.1-10.fc33
2020-12-16 01:43:59
atlassian
atlassian
Tomcat PersistenceManager vulnerabilities - CVE-2021-25329 and CVE-2021-25122
2021-03-11 19:39:59
Jira Server and Data Center affected by Tomcat CVE-2021-25329 and CVE-2021-25122
2021-04-22 21:11:00
8.5 and 8.13 LTS releases should bundle Tomcat 8.5.63 or higher
2021-04-12 15:50:10
JSON
Related for ORACLE_RDBMS_CPU_OCT_2021.NASL
cnvd7cve12prion12ibm53zdt2ubuntucve6redhatcve5veracode5debiancve5packetstorm2osv14alpinelinux2github3nessus20openvas27mageia1suse2ubuntu3photon2cisa1f52broadcom1attackerkb1cgr1amazon2debian1fedora2atlassian5