Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBLOGIC_SERVER_CPU_OCT_2022.NASL
HistoryOct 20, 2022 - 12:00 a.m.

Oracle WebLogic Server (Oct 2022 CPU)

2022-10-2000:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24

7.2 High

AI Score

Confidence

High

JSON

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the October 2022 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including:

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty Jars (Bouncy Castle Java Library)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
    Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
    (CVE-2020-28052)

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty Jars (Apache Xerces-J)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2022-23437)

  • Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty Jars (Apache Groovy)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2020-17521) )

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(166313);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/04");

  script_cve_id(
    "CVE-2020-17521",
    "CVE-2020-28052",
    "CVE-2021-29425",
    "CVE-2022-21616",
    "CVE-2022-22971",
    "CVE-2022-23437"
  );
  script_xref(name:"IAVA", value:"2022-A-0431");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Oracle WebLogic Server (Oct 2022 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"An application server installed on the remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the October 2022
Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty
    Jars (Bouncy Castle Java Library)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
    Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle
    WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
    (CVE-2020-28052)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty
    Jars (Apache Xerces-J)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily
    exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic
    Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of
    this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS)
    of Oracle WebLogic Server. (CVE-2022-23437)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Centralized Thirdparty
    Jars (Apache Groovy)). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable
    vulnerability allows low privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes
    to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to
    critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2020-17521)
)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpuoct2022cvrf.xml");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2022.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2022 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-28052");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/10/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/10/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:weblogic_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_weblogic_server_installed.nbin", "os_fingerprint.nasl");
  script_require_ports("installed_sw/Oracle WebLogic Server", "installed_sw/Oracle Data Integrator Embedded Weblogic Server");

  exit(0);
}

include('vcf_extras_oracle.inc');

var app_info = vcf::oracle_weblogic::get_app_info();

var constraints = [
  { 'min_version' : '12.2.1.3.0', 'fixed_version' : '12.2.1.3.221013', 'fixed_display' : '34697822 or 34703053' },
  { 'min_version' : '12.2.1.4.0', 'fixed_version' : '12.2.1.4.220929', 'fixed_display' : '34653267 or 34689215' }
];

vcf::oracle_weblogic::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oracleweblogic_servercpe:/a:oracle:weblogic_server

Related

nessus 37
osv 10
freebsd 1
github 6
cve 6
prion 6
veracode 5
debiancve 5
suse 4
ubuntucve 5
openvas 17
redhatcve 5
ibm 59
archlinux 1
githubexploit 2
alpinelinux 1
cnvd 2
amazon 1
attackerkb 1
ubuntu 1
debian 1
broadcom 1
redhat 16
atlassian 2
rubygems 1
redos 3
nessus
nessus
Oracle WebLogic Server 14.1.1 < 14.1.1.0.221010 (Oct 2022 CPU)
2022-10-20 00:00:00
openSUSE Security Update : groovy (openSUSE-2020-2367)
2021-01-25 00:00:00
FreeBSD : bouncycastle15 -- bcrypt password checking vulnerability (70e71a24-0151-11ec-bf0c-080027eedc6a)
2021-08-23 00:00:00
osv
osv
Logic error in Legion of the Bouncy Castle BC Java
2021-04-30 16:14:15
CVE-2020-17521
2020-12-07 20:15:12
Information Disclosure in Apache Groovy
2020-12-09 19:03:03
freebsd
freebsd
bouncycastle15 -- bcrypt password checking vulnerability
2020-11-02 00:00:00
github
github
Logic error in Legion of the Bouncy Castle BC Java
2021-04-30 16:14:15
Allocation of Resources Without Limits or Throttling in Spring Framework
2022-05-13 00:00:29
Information Disclosure in Apache Groovy
2020-12-09 19:03:03
cve
cve
CVE-2022-22971
2022-05-12 20:15:00
CVE-2020-28052
2020-12-18 01:15:00
CVE-2022-21616
2022-10-18 21:15:00
prion
prion
Code injection
2020-12-07 20:15:00
Design/Logic Flaw
2020-12-18 01:15:00
Design/Logic Flaw
2022-10-18 21:15:00
veracode
veracode
Information Disclosure
2020-12-10 02:51:13
Insecure Password Matching
2020-12-18 08:45:52
Denial Of Service (DoS)
2022-05-13 07:20:06
debiancve
debiancve
CVE-2020-28052
2020-12-18 01:15:00
CVE-2020-17521
2020-12-07 20:15:00
CVE-2022-22971
2022-05-12 20:15:00
suse
suse
Security update for groovy (moderate)
2020-12-31 00:00:00
Security update for xerces-j2 (important)
2022-02-18 00:00:00
Security update for apache-commons-io (moderate)
2021-04-23 00:00:00
ubuntucve
ubuntucve
CVE-2020-17521
2020-12-07 00:00:00
CVE-2020-28052
2020-12-18 00:00:00
CVE-2022-22971
2022-05-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3917-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-5095-1)
2021-09-30 00:00:00
openSUSE: Security Advisory for apache-commons-io (openSUSE-SU-2021:0605-1)
2021-04-24 00:00:00
redhatcve
redhatcve
CVE-2020-28052
2021-01-05 14:33:33
CVE-2020-17521
2021-01-29 10:31:19
CVE-2022-22971
2022-05-18 17:34:35
ibm
ibm
Security Bulletin: CVE-2020-17521 Apache Groovy's provided extension methods to aid with creating temporary directories was using a now superseded Java JDK method call that is potentiallly not secure in some situations.
2021-09-01 20:04:01
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to a denial of service due to Vmware Tanzu Spring Framework (CVE-2022-22971)
2022-09-23 06:09:19
Security Bulletin: Watson Machine Learning Accelerator is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22971)
2022-07-13 02:41:51
archlinux
archlinux
[ASA-202103-14] groovy: privilege escalation
2021-03-25 00:00:00
githubexploit
githubexploit
Exploit for CVE-2020-28052
2020-12-19 22:22:45
Exploit for CVE-2020-28052
2021-01-04 17:13:39
alpinelinux
alpinelinux
CVE-2022-22971
2022-05-12 20:15:00
cnvd
cnvd
Spring Framework Denial of Service Vulnerability (CNVD-2022-68890)
2022-05-13 00:00:00
Apache Xerces Denial of Service Vulnerability
2022-01-26 00:00:00
amazon
amazon
Medium: apache-commons-io
2023-05-25 17:41:00
attackerkb
attackerkb
CVE-2021-29425
2021-04-13 00:00:00
ubuntu
ubuntu
Apache Commons IO vulnerability
2021-09-29 00:00:00
debian
debian
[SECURITY] [DLA 2741-1] commons-io security update
2021-08-12 20:18:44
broadcom
broadcom
Apache Commons IO Vulnerability (CVE-2021-29425)
2023-12-18 00:00:00
redhat
redhat
(RHSA-2021:1401) Moderate: Red Hat Fuse 7.8.1 patch release and security update
2021-04-27 08:43:12
(RHSA-2021:2465) Moderate: Red Hat build of Eclipse Vert.x 4.1.0 security update
2021-07-07 06:25:26
(RHSA-2023:1661) Important: Red Hat AMQ Broker 7.11.0 release and security update
2023-04-05 13:22:07
atlassian
atlassian
Jira Server/DC impacted by CVE-2022-22970 & CVE-2022-22971 via vulnerable version of Spring framework
2023-02-03 05:50:39
Synchrony Proxy: spring-beans 5.3.19 is vulnerable to CVE-2022-22970
2022-09-14 06:31:26
rubygems
rubygems
XML Injection in Xerces Java affects Nokogiri
2022-04-10 21:00:00
redos
redos
ROS-2-604
2021-09-08 00:00:00
ROS-2-626
2021-09-08 00:00:00
ROS-2-582
2021-09-08 00:00:00

7.2 High

AI Score

Confidence

High

JSON
Related for ORACLE_WEBLOGIC_SERVER_CPU_OCT_2022.NASL
nessus37osv10freebsd1github6cve6prion6veracode5debiancve5suse4ubuntucve5openvas17redhatcve5ibm59archlinux1githubexploit2alpinelinux1cnvd2amazon1attackerkb1ubuntu1debian1broadcom1redhat16atlassian2rubygems1redos3