Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBLOGIC_SERVER_CPU_APR_2024.NASL
HistoryApr 17, 2024 - 12:00 a.m.

Oracle WebLogic Server (April 2024 CPU)

2024-04-1700:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
88
oracle weblogic server
april 2024 cpu
vulnerabilities
unauthorized access
takeover
network access
http
cve-2021-23369
cve-2023-2976
cve-2023-44487

8 High

AI Score

Confidence

High

JSON

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory:

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples (handlebars)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows \ unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. (CVE-2021-23369)

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty Jars (Bouncy Castle Java Library)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2023-2976)

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). The supported version that is affected is 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP/2 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2023-44487)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(193425);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/29");

  script_cve_id(
    "CVE-2021-23369",
    "CVE-2021-23383",
    "CVE-2022-23491",
    "CVE-2023-2976",
    "CVE-2023-5072",
    "CVE-2023-33201",
    "CVE-2023-33202",
    "CVE-2023-44487",
    "CVE-2023-52428",
    "CVE-2024-21006",
    "CVE-2024-21007",
    "CVE-2024-23635",
    "CVE-2024-25710",
    "CVE-2024-26308"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/10/31");
  script_xref(name:"IAVA", value:"2024-A-0237");
  script_xref(name:"CEA-ID", value:"CEA-2024-0004");

  script_name(english:"Oracle WebLogic Server (April 2024 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple
vulnerabilities as referenced in the April 2024 CPU advisory:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples (handlebars)). 
    Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows \
    unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of 
    this vulnerability can result in takeover of Oracle WebLogic Server. (CVE-2021-23369)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty 
    Jars (Bouncy Castle Java Library)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily 
    exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise 
    Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset 
    of Oracle WebLogic Server accessible data. (CVE-2023-2976)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). The 
    supported version that is affected is 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker 
    with network access via HTTP/2 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can 
    result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic 
    Server. (CVE-2023-44487)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuapr2024csaf.json");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2024.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2024 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-23369");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-23383");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:weblogic_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_weblogic_server_installed.nbin", "os_fingerprint.nasl");
  script_require_keys("installed_sw/Oracle WebLogic Server");

  exit(0);
}

include('vcf.inc');
include('vcf_extras_oracle.inc');

var app_info = vcf::oracle_weblogic::get_app_info();

var constraints = [
  { 'min_version' : '12.2.1.4.0', 'fixed_version' : '12.2.1.4.240325', 'fixed_display' : '36440005' },
  { 'min_version' : '14.1.1.0.0', 'fixed_version' : '14.1.1.0.240328', 'fixed_display' : '36454290' }
];

vcf::oracle_weblogic::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE,
    flags:{'xss':TRUE}
);
VendorProductVersionCPE
oracleweblogic_servercpe:/a:oracle:weblogic_server
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware

References

Related

redhat 13
ibm 45
openvas 11
nessus 25
cvelist 11
cve 11
ubuntucve 6
osv 16
debiancve 7
prion 9
veracode 8
cgr 5
redhatcve 7
github 9
wolfi 5
nodejs 1
atlassian 1
amazon 3
f5 1
redos 1
fedora 2
mageia 1
debian 1
redhat
redhat
(RHSA-2024:1509) Moderate: Red Hat Data Grid 8.4.7 security update
2024-03-26 11:13:37
(RHSA-2024:1948) Important: Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2)
2024-04-22 13:28:12
(RHSA-2024:1797) Important: Red Hat build of Quarkus 2.13.9.SP2 release and security update
2024-04-22 10:57:23
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Apache Commons Compress may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2024-26308 & CVE-2024-25710)
2024-04-30 07:32:22
Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)
2024-04-24 09:06:29
Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for March 2023.
2024-04-24 11:55:20
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0726-1)
2024-03-01 00:00:00
Tenable Nessus Network Monitor 5.11.0 - 6.1.1 Multiple Vulnerabilities (TNS-2022-28)
2022-12-20 00:00:00
Tenable Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-30 00:00:00
nessus
nessus
HandlebarsJS < 4.7.7 Multiple Vulnerabilities
2023-10-24 00:00:00
RHEL 6 : nodejs-handlebars (Unpatched Vulnerability)
2024-05-11 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:0726-1)
2024-03-01 00:00:00
cvelist
cvelist
CVE-2024-21006
2024-04-16 21:25:59
CVE-2024-21007
2024-04-16 21:26:00
CVE-2024-23635 AntiSamy malicious input can provoke XSS when preserving comments
2024-02-02 16:32:50
cve
cve
CVE-2024-21007
2024-04-16 22:15:14
CVE-2024-23635
2024-02-02 17:15:11
CVE-2024-21006
2024-04-16 22:15:14
ubuntucve
ubuntucve
CVE-2024-23635
2024-02-02 00:00:00
CVE-2023-33202
2023-11-23 00:00:00
CVE-2021-23383
2021-05-04 00:00:00
osv
osv
CVE-2024-23635
2024-02-02 17:15:11
Malicious input can provoke XSS when preserving comments
2024-02-02 18:10:04
Bouncy Castle Denial of Service (DoS)
2023-11-23 18:30:33
debiancve
debiancve
CVE-2024-23635
2024-02-02 17:15:11
CVE-2023-33202
2023-11-23 16:15:07
CVE-2021-23369
2021-04-12 14:15:00
prion
prion
Design/Logic Flaw
2024-02-02 17:15:00
Code injection
2024-02-19 09:15:00
Code injection
2024-02-11 05:15:00
veracode
veracode
Cross Site Scripting (XSS)
2024-02-05 08:42:03
Denial Of Service (DoS)
2024-02-20 06:39:51
Denial Of Service (DoS)
2023-11-27 07:58:36
cgr
cgr
CVE-2024-26308 vulnerabilities
2024-05-19 03:07:16
CVE-2023-52428 vulnerabilities
2024-05-19 03:07:16
CVE-2023-33202 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2023-33202
2023-11-23 20:49:53
CVE-2024-26308
2024-02-19 20:50:29
CVE-2021-23369
2021-04-12 21:16:02
github
github
Malicious input can provoke XSS when preserving comments
2024-02-02 18:10:04
Bouncy Castle Denial of Service (DoS)
2023-11-23 18:30:33
Denial of Service in Connect2id Nimbus JOSE+JWT
2024-02-11 06:30:27
wolfi
wolfi
CVE-2023-52428 vulnerabilities
2024-05-20 21:07:17
CVE-2023-33202 vulnerabilities
2024-05-20 21:07:17
CVE-2024-26308 vulnerabilities
2024-05-20 21:07:17
nodejs
nodejs
Remote code execution when compiling templates
2021-05-06 16:14:21
atlassian
atlassian
Bitbucket Data Center is affected by CVE-2024-25710
2024-04-03 08:56:14
amazon
amazon
Important: apache-commons-compress
2024-03-13 20:26:00
Important: ca-certificates
2023-02-17 00:12:00
Important: ca-certificates
2023-02-17 00:02:00
f5
f5
K000132764 : SSL Certificates in Mozilla vulnerability CVE-2022-23491
2023-02-27 00:00:00
redos
redos
ROS-20230619-03
2023-06-19 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: mingw-python-certifi-2022.12.7-1.fc36
2023-03-30 01:16:08
[SECURITY] Fedora 37 Update: mingw-python-certifi-2022.12.7-1.fc37
2023-03-30 01:21:30
mageia
mageia
Updated python-certifi packages fix security vulnerability
2023-04-15 22:03:44
debian
debian
[SECURITY] [DLA 3514-1] bouncycastle security update
2023-08-02 11:24:28

8 High

AI Score

Confidence

High

JSON
Related for ORACLE_WEBLOGIC_SERVER_CPU_APR_2024.NASL
redhat13ibm45openvas11nessus25cvelist11cve11ubuntucve6osv16debiancve7prion9veracode8cgr5redhatcve7github9wolfi5nodejs1atlassian1amazon3f51redos1fedora2mageia1debian1