Vulnerabilities > CVE-2018-3252 - Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0
Summary
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family Misc. NASL id ORACLE_WEBLOGIC_SERVER_CPU_OCT_2018.NASL description The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - Vulnerabilities in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Easily exploitable vulnerabilities allow unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerabilities can result in takeover of Oracle WebLogic Server. Supported versions that are affected: - 10.3.6.0: CVE-2018-3191, CVE-2018-3245, CVE-2018-3252 - 12.1.3.0: CVE-2018-3191, CVE-2018-3197, CVE-2018-3245, CVE-2018-3252 - 12.2.1.3: CVE-2018-3191, CVE-2018-3201, CVE-2018-3245, CVE-2018-3252 - Vulnerabilities in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Easily exploitable vulnerabilities allow unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerabilities can result in unauthorized access to critical data. Supported versions that are affected: - 10.3.6.0: CVE-2018-3248, CVE-2018-3249, CVE-2018-3250 - 12.1.3.0: CVE-2018-3246 - 12.2.1.3: CVE-2018-3246 - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Docker Images). The supported version that is affected is prior to Docker 12.2.1.3.20180913. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2018-3213) - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Console). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2018-2902) last seen 2020-06-01 modified 2020-06-02 plugin id 118205 published 2018-10-18 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118205 title Oracle WebLogic Server Multiple Vulnerabilities (October 2018 CPU) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(118205); script_version("1.5"); script_cvs_date("Date: 2019/04/30 14:00:04"); script_cve_id( "CVE-2018-3191", "CVE-2018-3197", "CVE-2018-3201", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3246", "CVE-2018-3213", "CVE-2018-3249", "CVE-2018-3248", "CVE-2018-3250", "CVE-2018-2902" ); script_bugtraq_id( 105613, 105606, 105611, 105628, 105654 ); script_name(english:"Oracle WebLogic Server Multiple Vulnerabilities (October 2018 CPU)"); script_summary(english:"Checks for the patch."); script_set_attribute(attribute:"synopsis", value: "An application server installed on the remote host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - Vulnerabilities in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Easily exploitable vulnerabilities allow unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerabilities can result in takeover of Oracle WebLogic Server. Supported versions that are affected: - 10.3.6.0: CVE-2018-3191, CVE-2018-3245, CVE-2018-3252 - 12.1.3.0: CVE-2018-3191, CVE-2018-3197, CVE-2018-3245, CVE-2018-3252 - 12.2.1.3: CVE-2018-3191, CVE-2018-3201, CVE-2018-3245, CVE-2018-3252 - Vulnerabilities in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Easily exploitable vulnerabilities allow unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerabilities can result in unauthorized access to critical data. Supported versions that are affected: - 10.3.6.0: CVE-2018-3248, CVE-2018-3249, CVE-2018-3250 - 12.1.3.0: CVE-2018-3246 - 12.2.1.3: CVE-2018-3246 - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Docker Images). The supported version that is affected is prior to Docker 12.2.1.3.20180913. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2018-3213) - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Console). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2018-2902)"); # https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?705136d8"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the October 2018 Oracle Critical Patch Update advisory. Refer to Oracle for any additional patch instructions or mitigation options."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-3191"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/16"); script_set_attribute(attribute:"patch_publication_date", value:"2018/10/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/18"); script_set_attribute(attribute:"agent", value:"all"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:weblogic_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_weblogic_server_installed.nbin", "os_fingerprint.nasl"); script_require_keys("installed_sw/Oracle WebLogic Server"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("install_func.inc"); include("obj.inc"); include("spad_log_func.inc"); app_name = "Oracle WebLogic Server"; install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE); ohome = install["Oracle Home"]; subdir = install["path"]; version = install["version"]; fix = NULL; fix_ver = NULL; spad_log(message:"checking version [" + version + "]"); # individual security patches if (version =~ "^12\.2\.1\.3($|[^0-9])") { fix_ver = "12.2.1.3.181016"; fix = make_list("28298734"); } else if (version =~ "^12\.1\.3\.") { fix_ver = "12.1.3.0.181016"; fix = make_list("28298916"); } else if (version =~ "^10\.3\.6\.") { fix_ver = "10.3.6.0.181016"; fix = make_list("GENM"); # patchid is obtained from the readme and 10.3.6.x assets are different } else audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir); spad_log(message:"checking fix [" + obj_rep(fix) + "]"); PATCHED=FALSE; # Iterate over the list of patches and check the install for the patchID foreach id (fix) { spad_log(message:"Checking fix id: [" + id +"]"); if (install[id]) { PATCHED=TRUE; break; } } VULN=FALSE; if (ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1) VULN=TRUE; if (PATCHED || !VULN) audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir); os = get_kb_item_or_exit("Host/OS"); if ('windows' >< tolower(os)) { port = get_kb_item("SMB/transport"); if (!port) port = 445; } else port = 0; report = '\n Oracle Home : ' + ohome + '\n Install path : ' + subdir + '\n Version : ' + version + '\n Fixes : ' + join(sep:", ", fix); security_report_v4(extra:report, severity:SECURITY_HOLE, port:port);
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201908-24.NASL description The remote host is affected by the vulnerability described in GLSA-201908-24 (MariaDB, MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 127973 published 2019-08-20 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127973 title GLSA-201908-24 : MariaDB, MySQL: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201908-24. # # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(127973); script_version("1.2"); script_cvs_date("Date: 2020/01/02"); script_cve_id("CVE-2018-2755", "CVE-2018-2759", "CVE-2018-2761", "CVE-2018-2766", "CVE-2018-2771", "CVE-2018-2777", "CVE-2018-2781", "CVE-2018-2782", "CVE-2018-2784", "CVE-2018-2786", "CVE-2018-2787", "CVE-2018-2810", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819", "CVE-2018-3143", "CVE-2018-3156", "CVE-2018-3162", "CVE-2018-3173", "CVE-2018-3174", "CVE-2018-3185", "CVE-2018-3200", "CVE-2018-3251", "CVE-2018-3252", "CVE-2018-3277", "CVE-2018-3282", "CVE-2018-3284", "CVE-2019-2510", "CVE-2019-2529", "CVE-2019-2537"); script_xref(name:"GLSA", value:"201908-24"); script_name(english:"GLSA-201908-24 : MariaDB, MySQL: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201908-24 (MariaDB, MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201908-24" ); script_set_attribute( attribute:"solution", value: "All MariaDB 10.1.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mariadb-10.1.38-r1' All MariaDB 10.2.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mariadb-10.2.22' All MySQL 5.6.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mysql-5.6.42' All MySQL 5.7.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mysql-5.7.24'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mariadb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mysql"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/19"); script_set_attribute(attribute:"patch_publication_date", value:"2019/08/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-db/mariadb", unaffected:make_list("ge 10.1.38-r1", "ge 10.2.22"), vulnerable:make_list("lt 10.1.38-r1", "lt 10.2.22"))) flag++; if (qpkg_check(package:"dev-db/mysql", unaffected:make_list("ge 5.6.42", "ge 5.7.24"), vulnerable:make_list("lt 5.6.42", "lt 5.7.24"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MariaDB / MySQL"); }
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.securityfocus.com/bid/105613
- http://www.securityfocus.com/bid/105613
- http://www.securitytracker.com/id/1041896
- http://www.securitytracker.com/id/1041896
- https://security.gentoo.org/glsa/201908-24
- https://security.gentoo.org/glsa/201908-24