The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the October 2021 Critical Patch Update (CPU). It is, therefore, affected by a vulnerability in the Discussion Forums (XStream) component that is easily exploitable by a remote, low privileged attacker to compromise Oracle WebCenter Portalβs confidentiality, integrity and availability.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the applicationβs self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(154326);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2021-29505");
script_xref(name:"IAVA", value:"2021-A-0480");
script_name(english:"Oracle WebCenter Portal RCE (Oct 2021 CPU)");
script_set_attribute(attribute:"synopsis", value:
"An application server installed on the remote host is affected by a remote command execution vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the October 2021
Critical Patch Update (CPU). It is, therefore, affected by a vulnerability in the Discussion Forums (XStream) component
that is easily exploitable by a remote, low privileged attacker to compromise Oracle WebCenter Portal's confidentiality,
integrity and availability.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's
self-reported version number.");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixFMW");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2021 Oracle Critical Patch Update advisory.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-29505");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/28");
script_set_attribute(attribute:"patch_publication_date", value:"2021/10/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/10/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:webcenter_portal");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oracle_webcenter_portal_installed.nbin");
script_require_keys("installed_sw/Oracle WebCenter Portal");
exit(0);
}
include('vcf_extras_oracle_webcenter_portal.inc');
var app_info = vcf::oracle_webcenter_portal::get_app_info();
var constraints = [
{'min_version' : '12.2.1.3', 'fixed_version' : '12.2.1.3.210830'},
{'min_version' : '12.2.1.4', 'fixed_version' : '12.2.1.4.210830'}
];
vcf::oracle_webcenter_portal::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
Vendor | Product | Version |
---|---|---|
oracle | fusion_middleware | |
oracle | webcenter_portal |