SB20190716126 - Multiple vulnerabilities in Oracle Retail Order Broker

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20190716126

SB20190716126 - Multiple vulnerabilities in Oracle Retail Order Broker

Published: July 16, 2019

Security Bulletin ID SB20190716126
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) OS Command Injection (CVE-ID: CVE-2019-0232)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to an input validation error within the CGI Servlet when passing arguments from JRE to the Windows environment. A remote attacker can send a specially crafted request to the CGI Servlet, inject and execute arbitrary OS commands on the system with Apache Tomcat privileges.

Successful exploitation of the vulnerability requires that Apache Tomcat is installed on Windows operating system with enabled option “enableCmdLineArguments” (CGI Servlet and “enableCmdLineArguments” option are disabled by default).


2) Man-in-the-middle attack (CVE-ID: CVE-2018-8039)

The vulnerability allows a remote authenticated attacker to conduct man-in-the-middle attack on the target system.

The weakness exists due to improper verification of TLS hostnames when used with the 'com.sun.net.ssl' implementation. A remote attacker can conduct a man-in-the-middle attack and bypass the hostname verification.

Remediation

Install update from vendor's website.

References