Vulnerabilities > CVE-2017-10151 - Unspecified vulnerability in Oracle Identity Manager

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

oracle

critical

nessus

NVD

Published: 2017-10-30

Updated: 2019-10-03

Summary

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager. While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Identity Manager 11.1.2.1.0 Oracle Identity Manager 11.1.1.7 Oracle Identity Manager 11.1.2.3 Oracle Identity Manager 12.2.1.3 Oracle Identity Manager 11.1.1.9 Oracle Identity Manager 11.1.2.2.0	6

Nessus

NASL family	Misc.
NASL id	ORACLE_IDENTITY_MANAGEMENT_CVE-2017-10151_LOCAL.NASL
description	The remote host is missing a security update for Oracle Identity Manager. It, therefore, has a default account enabled that allows an unauthenticated, remote attacker to execute arbitrary code.
last seen	2020-05-12
modified	2017-11-01
plugin id	104324
published	2017-11-01
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/104324
title	Oracle Identity Manager Default Account Local Check (CVE-2017-10151)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(104324); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/11"); script_cve_id("CVE-2017-10151"); script_name(english:"Oracle Identity Manager Default Account Local Check (CVE-2017-10151)"); script_summary(english:"Checks the version of OIM."); script_set_attribute(attribute:"synopsis", value: "An application installed on the remote host has a default account that allows remote code execution."); script_set_attribute(attribute:"description", value: "The remote host is missing a security update for Oracle Identity Manager. It, therefore, has a default account enabled that allows an unauthenticated, remote attacker to execute arbitrary code."); # http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?85d29654"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the Oracle advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-10151"); script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/30"); script_set_attribute(attribute:"patch_publication_date", value:"2017/11/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/11/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:identity_manager"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_identity_management_installed.nbin"); script_require_keys("installed_sw/Oracle Identity Manager"); exit(0); } include("global_settings.inc"); include("oracle_rdbms_cpu_func.inc"); include("misc_func.inc"); include("install_func.inc"); product = "Oracle Identity Manager"; install = get_single_install(app_name:product, exit_if_unknown_ver:TRUE); version = install['version']; path = install['path']; report = NULL; fixes = NULL; if (version =~ "^11\.1\.1\.7(\.\|$)") fixes = make_list("27037128"); else if (version =~ "^11\.1\.2\.3(\.\|$)") fixes = make_list("27037128", "27377675","27789871","28214994", "30338509"); else if (version =~ "^12\.2\.1\.3(\.\|$)") fixes = make_list("27037128","27250679","27704994"); else audit(AUDIT_INST_PATH_NOT_VULN, product, version, path); patched = FALSE; ohomes = make_list(path); patches = find_patches_in_ohomes(ohomes:ohomes); foreach patch (keys(patches[path])) { foreach fix (fixes) { if (patch == fix) { patched = TRUE; break; } } } if (patched) audit(AUDIT_INST_PATH_NOT_VULN, product, version + ' with patch ' + fix, path); report = '\n Path : ' + path + '\n Installed version : ' + version + '\n Required patch : ' + fixes[0] + '\n'; security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);

The Hacker News

id	THN:A765386E712A87F68195BFE8453B1EF6
last seen	2018-01-27
modified	2017-10-31
published	2017-10-30
reporter	Swati Khandelwal
source	https://thehackernews.com/2017/10/oracle-identity-manager.html
title	Highly Critical Flaw (CVSS Score 10) Lets Hackers Hijack Oracle Identity Manager

Vulnerabilities > CVE-2017-10151 - Unspecified vulnerability in Oracle Identity Manager

Summary

Vulnerable Configurations

Nessus

The Hacker News

Related news

References