7 matches found
Oracle Demantra Database Credentials Leak
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...
Oracle Demantra Database Credentials Leak
This module exploits a database credentials leak found in Oracle Demantra 12.2.1 in combination with an authentication bypass. This way an unauthenticated user can retrieve the database name, username and password on any vulnerable machine. This module requires Metasploit:...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5880. Reason: This candidate is a duplicate of CVE-2013-5880. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2013-5880 instead of this candidate. All references and descriptions in this...
CVE-2014-5880
CVE-2014-5880 is a duplicate of CVE-2013-5880. Oracle Demantra 12.2.1 includes an authentication bypass: the loginCheck.jsp whitelisted URL can be accessed unauthenticated to reach restricted pages. A fix exists in 12.2.3. Public details cite Portcullis advisories and the associated CVE-2013-5880...
Oracle Demantra 12.2.1 Authentication Bypass
Vulnerability title: Authentication Bypass in Oracle Demantra CVE: CVE-2013-5880 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The authentication filter in Oracle Demantra is broken by design. For example the page:...
CVE-2013-5880
CVE-2013-5880 concerns Oracle Demantra Demand Management (Oracle Demantra, part of Oracle Supply Chain) with vulnerable versions including 12.2.1 and related 12.2.x lines. Connected documents confirm concrete details: authentication bypass and credential leakage scenarios affecting Demantra 12.2....
CVE-2013-5880
creationtimestamp| type| source ---|---|--- 2014-01-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39018 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/oracledemantrafileretrieval.rb 2018-05-29...