The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the Oct 2022 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilites:
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Framework (dojo)). The supported version that is affected is 3.0.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Convergence. Successful attacks of this vulnerability can result in takeover of Oracle Communications Convergence. (CVE-2021-23450)
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework (jackson-databind)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebCenter Portal. (CVE-2020-36518)
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework (Apache Santuario XML Security For Java)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Portal accessible data. (CVE-2021-40690)
Note that Nessus has not attempted to exploit this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(166335);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/24");
script_cve_id(
"CVE-2020-36518",
"CVE-2021-23450",
"CVE-2021-40690",
"CVE-2021-43859",
"CVE-2022-23437",
"CVE-2022-24729",
"CVE-2022-24823",
"CVE-2022-30126"
);
script_xref(name:"IAVA", value:"2022-A-0431");
script_xref(name:"IAVA", value:"2023-A-0558");
script_name(english:"Oracle WebCenter Portal Multiple Vulnerabilities (Oct 2022 CPU)");
script_set_attribute(attribute:"synopsis", value:
"An application server installed on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the Oct 2022
Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilites:
- Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component:
Framework (dojo)). The supported version that is affected is 3.0.3.0. Easily exploitable vulnerability allows
unauthenticated attacker with network access via HTTP to compromise Oracle Communications Convergence. Successful
attacks of this vulnerability can result in takeover of Oracle Communications Convergence. (CVE-2021-23450)
- Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework
(jackson-databind)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable
vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal.
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of Oracle WebCenter Portal. (CVE-2020-36518)
- Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework
(Apache Santuario XML Security For Java)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0.
Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle
WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized access to critical data or
complete access to all Oracle WebCenter Portal accessible data. (CVE-2021-40690)
Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported
version number.");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuoct2022cvrf.xml");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2022.html");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2022 Oracle Critical Patch Update advisory.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-23450");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/10/18");
script_set_attribute(attribute:"patch_publication_date", value:"2022/10/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:webcenter_portal");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oracle_webcenter_portal_installed.nbin");
script_require_keys("installed_sw/Oracle WebCenter Portal");
exit(0);
}
include('vcf_extras_oracle_webcenter_portal.inc');
var app_info = vcf::oracle_webcenter_portal::get_app_info();
var constraints = [
{'min_version' : '12.2.1.3', 'fixed_version' : '12.2.1.3.220901'},
{'min_version' : '12.2.1.4', 'fixed_version' : '12.2.1.4.220902'}
];
vcf::oracle_webcenter_portal::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | fusion_middleware | cpe:/a:oracle:fusion_middleware | |
oracle | webcenter_portal | cpe:/a:oracle:webcenter_portal |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30126
www.oracle.com/docs/tech/security-alerts/cpuoct2022cvrf.xml
www.oracle.com/security-alerts/cpuoct2022.html