Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBCENTER_PORTAL_CPU_APR_2023.NASL
HistoryApr 20, 2023 - 12:00 a.m.

Oracle WebCenter Portal Multiple Vulnerabilities (April 2023 CPU)

2023-04-2000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the April 2023 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:

  • Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework (Netty)). Supported versions that are affected are 12.2.1.4.0. Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a stack overflow error can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. (CVE-2022-41881)

  • Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework (XStream)). Supported versions that are affected are 12.2.1.4.0. Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. (CVE-2022-40151)

  • Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework (jackson-databind)). Supported versions that are affected are 12.2.1.4.0. In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 (CVE-2022-42003)

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(174540);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/21");

  script_cve_id(
    "CVE-2022-36033",
    "CVE-2022-40151",
    "CVE-2022-41881",
    "CVE-2022-42003"
  );
  script_xref(name:"IAVA", value:"2023-A-0210");

  script_name(english:"Oracle WebCenter Portal Multiple Vulnerabilities (April 2023 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"An application server installed on the remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the April 2023
Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework 
    (Netty)).  Supported versions that are affected are 12.2.1.4.0. Netty project is an event-driven 
    asynchronous network application framework. In versions prior to 4.1.86.Final, a stack overflow error can be 
    raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in 
    version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder. (CVE-2022-41881)

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework 
    (XStream)).  Supported versions that are affected are 12.2.1.4.0. Those using Xstream to seralize 
    XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, 
    an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial
    of service attack. (CVE-2022-40151)

  - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework 
    (jackson-databind)). Supported versions that are affected are 12.2.1.4.0. In FasterXML jackson-databind before 
    2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid 
    deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 
    2.13.4.1 and 2.12.17.1 (CVE-2022-42003)

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported 
version number.");
  # https://www.oracle.com/docs/tech/security-alerts/cpuapr2023cvrf.xml
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5e8adfc4");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2023.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2023 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-36033");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:webcenter_portal");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_webcenter_portal_installed.nbin");
  script_require_keys("installed_sw/Oracle WebCenter Portal");

  exit(0);
}

include('vcf_extras_oracle_webcenter_portal.inc');

var app_info = vcf::oracle_webcenter_portal::get_app_info();

var constraints = [
  {'min_version' : '12.2.1.4', 'fixed_version' : '12.2.1.4.230404'}
];

vcf::oracle_webcenter_portal::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING
);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oraclewebcenter_portalcpe:/a:oracle:webcenter_portal

Related

nessus 34
ibm 76
cve 4
redhatcve 4
osv 12
amazon 2
openvas 9
debiancve 4
github 4
veracode 4
prion 4
ubuntucve 4
wolfi 1
cgr 2
cbl_mariner 1
atlassian 4
f5 1
broadcom 1
redhat 20
freebsd 2
gentoo 1
mageia 1
debian 4
nessus
nessus
Oracle Coherence (Apr 2023 CPU)
2023-04-20 00:00:00
Oracle Business Process Management Suite (Apr 2023 CPU)
2023-04-19 00:00:00
Amazon Linux 2 : xstream (ALAS-2024-2464)
2024-02-19 00:00:00
ibm
ibm
Security Bulletin: DataPower Operations Dashboard vulnerable to multiple CVEs
2023-04-12 18:29:00
Security Bulletin: IBM Workload Scheduler potentially affected by jsoup XSS attacks (CVE-2022-36033)
2023-01-30 17:56:52
Security Bulletin: Vulnerabilities in XStream library affects IBM Engineering Test Management (ETM) (CVE-2022-40151)
2023-09-29 11:47:50
cve
cve
CVE-2022-40151
2022-09-16 10:15:00
CVE-2022-41881
2022-12-12 18:15:00
CVE-2022-36033
2022-08-29 17:15:00
redhatcve
redhatcve
CVE-2022-40151
2022-10-13 15:30:53
CVE-2022-36033
2022-09-15 10:13:18
CVE-2022-41881
2022-12-14 14:05:02
osv
osv
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
2022-12-30 16:58:39
CVE-2022-40151
2022-09-16 10:15:09
CVE-2022-41881
2022-12-12 18:15:12
amazon
amazon
Medium: xstream
2024-02-15 03:52:00
Medium: jsoup
2024-02-15 03:52:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:4011-1)
2022-11-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1673-1)
2023-03-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3995-1)
2022-11-16 00:00:00
debiancve
debiancve
CVE-2022-40151
2022-09-16 10:15:00
CVE-2022-36033
2022-08-29 17:15:00
CVE-2022-41881
2022-12-12 18:15:00
github
github
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
2022-12-30 16:58:39
jsoup may not sanitize code injection XSS attempts if SafeList.preserveRelativeLinks is enabled
2022-09-01 22:14:57
HAProxyMessageDecoder Stack Exhaustion DoS
2022-12-12 21:24:29
veracode
veracode
Denial Of Service (DoS)
2022-09-19 05:03:00
Denial Of Service (DoS)
2022-12-13 01:15:13
Cross-site Scripting (XSS)
2022-08-30 07:07:33
prion
prion
Input validation
2022-09-16 10:15:00
Cross site scripting
2022-08-29 17:15:00
Design/Logic Flaw
2022-12-12 18:15:00
ubuntucve
ubuntucve
CVE-2022-40151
2022-09-16 00:00:00
CVE-2022-36033
2022-08-29 00:00:00
CVE-2022-41881
2022-12-12 00:00:00
wolfi
wolfi
CVE-2022-36033 vulnerabilities
2024-05-10 03:06:50
cgr
cgr
CVE-2022-41881 vulnerabilities
2024-05-10 03:09:19
CVE-2022-36033 vulnerabilities
2024-05-10 03:09:19
cbl_mariner
cbl_mariner
CVE-2022-36033 affecting package jsoup 1.11.3-3
2024-05-10 03:06:50
atlassian
atlassian
DoS (Denial of Service) com.fasterxml.jackson.core:jackson-databind in Jira Software Data Center and Server
2023-11-12 13:45:23
FasterXML Vulnerability in Bamboo Data Center and Server
2023-10-06 17:45:19
FasterXML Vulnerability in Jira Service Management Data Center and Server
2023-10-09 01:44:35
f5
f5
K000135852 : FasterXML jackson-databind vulnerability CVE-2022-42003
2023-08-15 00:00:00
broadcom
broadcom
CVE-2022-42003 - In FasterXML jackson-databind before 2.14.0-rc1, ressource exhaustion
2023-05-03 00:00:00
redhat
redhat
(RHSA-2023:0713) Important: Red Hat Data Grid 8.4.1 security update
2023-02-09 11:33:55
(RHSA-2023:3374) Moderate: Migration Toolkit for Runtimes security update
2023-05-31 10:49:43
(RHSA-2023:0577) Moderate: Red Hat build of Eclipse Vert.x 4.3.7 security update
2023-02-16 12:55:24
freebsd
freebsd
security/keycloak -- Multiple possible DoS attacks
2022-09-07 00:00:00
cassandra3 -- multiple vulnerabilities
2023-01-11 00:00:00
gentoo
gentoo
FasterXML jackson-databind: Multiple vulnerabilities
2022-10-31 00:00:00
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2024-03-16 19:28:17
debian
debian
[SECURITY] [DLA 3207-1] jackson-databind security update
2022-11-27 18:54:15
[SECURITY] [DSA 5283-1] jackson-databind security update
2022-11-17 11:33:20
[SECURITY] [DSA 5316-1] netty security update
2023-01-11 22:54:15
JSON
Related for ORACLE_WEBCENTER_PORTAL_CPU_APR_2023.NASL
nessus34ibm76cve4redhatcve4osv12amazon2openvas9debiancve4github4veracode4prion4ubuntucve4wolfi1cgr2cbl_mariner1atlassian4f51broadcom1redhat20freebsd2gentoo1mageia1debian4