Multiple vulnerabilities in Oracle Communications Billing and Revenue Management
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2019-11358 CVE-2019-12086 CVE-2018-18311 |
| CWE-ID | CWE-1321 CWE-200 CWE-190 CWE-122 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Oracle Communications Billing and Revenue Management Server applications / Conferencing, Collaboration and VoIP solutions |
| Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Prototype pollution
EUVDB-ID: #VU18092
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-11358
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary JavaScript code.
The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.
Install update from vendor's website.
Vulnerable software versionsOracle Communications Billing and Revenue Management: 7.5 - 12.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpujul2019.html?904644
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Information disclosure
EUVDB-ID: #VU19941
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2019-12086
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a polymorphic typing issue when Default Typing is enabled for an externally exposed JSON endpoint and the service has the mysql-connector-java jar in the classpath. A remote attacker can send a specially crafted JSON message and read arbitrary local files on the server due to the missing "com.mysql.cj.jdbc.admin.MiniAdmin" validation.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Billing and Revenue Management: 7.5 - 12.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpujul2019.html?904644
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Integer overflow
EUVDB-ID: #VU16183
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2018-18311
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in Perl_my_setenv when processing malicious input. A remote unauthenticated attacker can supply specially crafted data, trigger heap-based buffer overflow and cause the service to crash or execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Billing and Revenue Management: 7.5 - 12.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpujul2019.html?904644
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
