SB2022012747 - Multiple vulnerabilities in Oracle Enterprise Session Border Controller

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022012747

SB2022012747 - Multiple vulnerabilities in Oracle Enterprise Session Border Controller

Published: January 27, 2022 Updated: July 31, 2022

Security Bulletin ID SB2022012747
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Medium 50% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2022-21383)

The vulnerability allows a remote authenticated user to perform service disruption.

The vulnerability exists due to improper input validation within the Log component in Oracle Enterprise Session Border Controller. A remote authenticated user can exploit this vulnerability to perform service disruption.


2) Off-by-one (CVE-ID: CVE-2021-23017)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an off-by-one error within the ngx_resolver_copy() function when processing DNS responses. A remote attacker can trigger an off-by-one error, write a dot character (‘.’, 0x2E) out of bounds in a heap allocated buffer and execute arbitrary code on the system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of next heap chunk metadata with 0x2E.


3) Improper input validation (CVE-ID: CVE-2022-21381)

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the WebUI component in Oracle Enterprise Session Border Controller. A remote authenticated user can exploit this vulnerability to read and manipulate data.


4) Improper input validation (CVE-ID: CVE-2022-21382)

The vulnerability allows a remote authenticated user to manipulate data.

The vulnerability exists due to improper input validation within the WebUI component in Oracle Enterprise Session Border Controller. A remote authenticated user can exploit this vulnerability to manipulate data.


Remediation

Install update from vendor's website.

References