Vulnerabilities > CVE-2017-10278 - Unspecified vulnerability in Oracle Tuxedo

047910
CVSS 7.0 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
LOW
network
high complexity
oracle
nessus

Summary

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data as well as unauthorized update, insert or delete access to some of Oracle Tuxedo accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Tuxedo. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L).

Vulnerable Configurations

Part Description Count
Application
Oracle
4

Nessus

NASL familyMisc.
NASL idORACLE_TUXEDO_CVE-2017-10269.NASL
descriptionThe version of Oracle Tuxedo installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities including unauthenticated remote code execution.
last seen2020-03-18
modified2017-11-27
plugin id104786
published2017-11-27
reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/104786
titleOracle Tuxedo Jolt Server Multiple Vulnerabilities (CVE-2017-10269)
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(104786);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/19");

  script_cve_id(
    "CVE-2017-10266",
    "CVE-2017-10267",
    "CVE-2017-10269",
    "CVE-2017-10272",
    "CVE-2017-10278"
  );
  script_bugtraq_id(
    101841,
    101852,
    101870,
    101871,
    101875
  );

  script_name(english:"Oracle Tuxedo Jolt Server Multiple Vulnerabilities (CVE-2017-10269)");
  script_summary(english:"Checks for the patch.");

  script_set_attribute(attribute:"synopsis", value:
"An application server installed on the remote host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle Tuxedo installed on the remote host is missing
a security patch. It is, therefore, affected by multiple
vulnerabilities including unauthenticated remote code execution.");
  # https://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?675bbafd");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate rolling patch according to Oracle Security
Alert Advisory - CVE-2017-10269.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-10269");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/11/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/11/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/11/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:tuxedo");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_tuxedo_installed.nbin");
  script_require_keys("installed_sw/Oracle Tuxedo");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("oracle_rdbms_cpu_func.inc");
include("misc_func.inc");
include("install_func.inc");

app_name = "Oracle Tuxedo";
install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
version = install['version'];
rp = install['RP'];
path = install['path'];

rp_fix = 0;

if (version =~ "^12\.1\.3\.0($|\.|_)")
{
  rp_fix = 100;
  patch = "26694193";
}
else if (version =~ "^12\.2\.2\.0($|\.|_)")
{
  rp_fix = 23;
  patch = "26694193";
}
else if (version =~ "^12\.1\.1\.0($|\.|_)")
{
  rp_fix = 89;
  patch = "27086843";
}
else if (version =~ "^11\.1\.1\.2($|\.|_)")
{
  rp_fix = 179;
  patch = "27105181";
}
else if (version =~ "^11\.1\.1\.3($|\.|_)")
{
  rp_fix = 36;
  patch = "27162711";
}
else
  audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + " RP " + rp, path);

if (rp == UNKNOWN_VER || rp < rp_fix)
{
  items = make_array("Path", path,
                     "Version", version,
                     "RP", rp,
                     "Required RP", rp_fix,
                     "Required patch", patch
                    );
  order = make_list("Path", "Version", "RP", "Required RP", "Required patch");
  report = report_items_str(report_items:items, ordered_fields:order);

  security_report_v4(port:0, extra:report, severity:SECURITY_HOLE);
  exit(0);
}
else
  audit(AUDIT_INST_PATH_NOT_VULN, app_name, version + " RP " + rp, path);