Vulnerabilities > CVE-2020-2739 - Unspecified vulnerability in Oracle Webcenter Sites 12.2.1.3.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

oracle

nessus

NVD

Published: 2020-04-15

Updated: 2020-04-15

Summary

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 7.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N).

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Webcenter Sites 12.2.1.3.0	1

Nessus

NASL family	Windows
NASL id	ORACLE_WEBCENTER_SITES_APR_2020_CPU.NASL
description	Oracle WebCenter Sites component of Oracle Fusion Middleware is vulnerable to multiple vulnerabilities. - Component: Advanced UI (jQuery). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data as well as unauthorized read access to a subset of Oracle WebCenter Sites accessible data (CVE-2019-11358). - Component: Sites (jackson-databind). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Sites (CVE-2019-16943). - Component: Advanced UI. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data (CVE-2020-2739 ).
last seen	2020-05-08
modified	2020-04-16
plugin id	135676
published	2020-04-16
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/135676
title	Oracle WebCenter Sites Multiple Vulnerabilities (April 2020 CPU)
code	# # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(135676); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/24"); script_cve_id("CVE-2019-11358", "CVE-2019-16943", "CVE-2020-2739"); script_xref(name:"IAVA", value:"2020-A-0153"); script_name(english:"Oracle WebCenter Sites Multiple Vulnerabilities (April 2020 CPU)"); script_set_attribute(attribute:"synopsis", value: "An application running on the remote host is affected by multiple security vulnerabilities."); script_set_attribute(attribute:"description", value: "Oracle WebCenter Sites component of Oracle Fusion Middleware is vulnerable to multiple vulnerabilities. - Component: Advanced UI (jQuery). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data as well as unauthorized read access to a subset of Oracle WebCenter Sites accessible data (CVE-2019-11358). - Component: Sites (jackson-databind). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Sites (CVE-2019-16943). - Component: Advanced UI. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data (CVE-2020-2739)."); script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2020.html"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the April 2020 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16943"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/15"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/16"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_webcenter_sites_installed.nbin", "oracle_enum_products_win.nbin"); script_require_keys("SMB/WebCenter_Sites/Installed"); exit(0); } include('oracle_rdbms_cpu_func.inc'); port = get_kb_item('SMB/transport'); if (isnull(port)) port = 445; get_kb_item_or_exit('SMB/WebCenter_Sites/Installed'); versions = get_kb_list('SMB/WebCenter_Sites/*/Version'); if (isnull(versions)) exit(1, 'Unable to obtain a version list for Oracle WebCenter Sites.'); report = ''; # vulnerable versions: # - 12.2.1.3.0 - Revision 185862, Patch 29957990 # Note that the revision does not match up with the version suffix shown in the readme # # - 12.2.1.4.0 - Patch 31101341 # This patch does not change revision. Need to find specific patch foreach key (keys(versions)) { fix = ''; version = versions[key]; revision = get_kb_item(key - '/Version' + '/Revision'); path = get_kb_item(key - '/Version' + '/Path'); if (isnull(version) \|\| isnull(revision)) continue; # Patch 29957990 - 12.2.1.3.0 < Revision 185862 if (version =~ "^12\.2\.1\.3\.0$" && revision < 185862) { fix = '\n Fixed revision : 185862' + '\n Required patch : 29957990'; } # Patch 31101341 - 12.2.1.4.0 else if (version =~ "^12\.2\.1\.4\.0$") { # Revision check does not work. Must find specific patch patch = '31101341'; oracle_homes = query_scratchpad("SELECT path FROM oracle_homes"); if (!max_index(oracle_homes)) exit(1, 'Failed to get any Oracle homes from the scratchpad.'); ohome = NULL; # Find the correct ohome foreach res (oracle_homes) { testpath = res['path']; if (testpath >< tolower(path)) { ohome = testpath; break; } } if (empty_or_null(ohome)) exit(1, 'Failed to find the proper Oracle home in the scratchpad.'); patchesinstalled = query_scratchpad("SELECT patchid FROM oracle_patches WHERE ohome=?;", ohome); patched = FALSE; # Check if patch is in ohome if (!isnull(patchesinstalled)) { patched = FALSE; foreach item (patchesinstalled) { if (item['patchid'] == patch) patched = TRUE; } } if(!patched) fix = '\n Required patch : 31101341'; } if (fix != '') { if (!isnull(path)) report += '\n Path : ' + path; report += '\n Version : ' + version + '\n Revision : ' + revision + fix + '\n'; } } if (report != '') security_report_v4(port:port, extra:report, severity:SECURITY_HOLE); else audit(AUDIT_INST_VER_NOT_VULN, 'Oracle WebCenter Sites');

References

https://www.oracle.com/security-alerts/cpuapr2020.html