SB2020042337 - Multiple vulnerabilities in Oracle Knowledge

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020042337

SB2020042337 - Multiple vulnerabilities in Oracle Knowledge

Published: April 23, 2020 Updated: March 6, 2024

Security Bulletin ID SB2020042337
CSH Severity
High
Patch available
YES
Number of vulnerabilities 16
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 19% Medium 38% Low 44%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 16 vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2020-2522)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Information Manager Console component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


2) Improper input validation (CVE-ID: CVE-2020-2553)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Information Manager Console component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


3) Improper input validation (CVE-ID: CVE-2020-2932)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Information Manager Console component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.


4) Improper input validation (CVE-ID: CVE-2020-2524)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the InQuira Search component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.


5) Cross-site scripting (CVE-ID: CVE-2017-14735)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


6) Cross-site scripting (CVE-ID: CVE-2015-9251)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when a cross-domain Ajax request is performed without the dataType option. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary text/javascript responses in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


7) Prototype pollution (CVE-ID: CVE-2019-11358)

CWE-ID: CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes (\'Prototype Pollution\')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear


The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.


8) Improper input validation (CVE-ID: CVE-2020-2795)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local privileged user to execute arbitrary code.

The vulnerability exists due to improper input validation within the Information Manager Console component in Oracle Knowledge. A local privileged user can exploit this vulnerability to execute arbitrary code.


9) Infinite loop (CVE-ID: CVE-2018-17197)

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to an infinite loop when handling malicious input. A remote attacker can supply a carefully crafted or corrupt sqlite file, trigger and an infinite loop in Apache Tika's SQLite3Parser and cause the service to crash.


10) Improper input validation (CVE-ID: CVE-2015-0254)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Information Manager Console (Apache Standard Taglibs) component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


11) Resource exhaustion (CVE-ID: CVE-2016-3092)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause denial of service conditions on the target system.

The vulnerability exists due to input validation error when processing very long boundary strings within the MultipartStream class in Apache Commons Fileupload. A remote user can cause denial of service conditions by sending specially crafted boundary string and consume excessive CPU resources.

Successful exploitation of this vulnerability may result in denial of service attack.


12) Improper input validation (CVE-ID: CVE-2019-0227)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green


The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Core (Apache Axis) component in Oracle Communications Design Studio. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


13) XXE attack (CVE-ID: CVE-2015-1832)

CWE-ID: CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to conduct XXE attack.
The weakness exists due to XML external entity error. Via vectors involving XmlVTI and the XML datatype context-dependent attackers can view arbitrary files that may lead to denial of service.
Successful exploitation of the vulnerability can result in potentially sensitive information disclosure and denial of service on the vulnerable system.

14) Improper input validation (CVE-ID: CVE-2020-2931)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Web Applications - InfoCenter component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


15) Desereliazation of untrusted data (CVE-ID: CVE-2016-1000031)

CWE-ID: CWE-502 - Deserialization of Untrusted Data

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists in DiskFileItem class of the FileUpload library due to deserialization of untrusted data. A remote attacker can execute arbitrary code under the context of the current process.

Successful exploitation of the vulnerability may result in system compromise.

16) Improper input validation (CVE-ID: CVE-2020-2791)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Information Manager Console component in Oracle Knowledge. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


Remediation

Install update from vendor's website.

References