SB2020041492 - Multiple vulnerabilities in Oracle Business Intelligence Enterprise Edition

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020041492

SB2020041492 - Multiple vulnerabilities in Oracle Business Intelligence Enterprise Edition

Published: April 14, 2020 Updated: November 3, 2021

Security Bulletin ID SB2020041492
Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 67% Medium 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2015-7940)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."


2) Desereliazation of untrusted data (CVE-ID: CVE-2016-1000031)

The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists in DiskFileItem class of the FileUpload library due to deserialization of untrusted data. A remote attacker can execute arbitrary code under the context of the current process.

Successful exploitation of the vulnerability may result in system compromise.

3) Improper input validation (CVE-ID: CVE-2020-2950)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Analytics Web General component in Oracle Business Intelligence Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


Remediation

Install update from vendor's website.

References