Multiple vulnerabilities in Oracle Financial Services Model Management and Governance



Published: 2022-10-18 | Updated: 2022-11-28
Risk Medium
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-24823
CVE-2022-22971
CVE-2021-44832
CVE-2022-23181
CVE-2022-31129
CVE-2022-25647
CVE-2021-40690
CWE-ID CWE-378
CWE-20
CWE-94
CWE-264
CWE-185
CWE-502
CWE-200
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe
Oracle Financial Services Model Management and Governance
Server applications / Other server solutions

Vendor Oracle

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Creation of Temporary File With Insecure Permissions

EUVDB-ID: #VU62849

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24823

CWE-ID: CWE-378 - Creation of Temporary File With Insecure Permissions

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to usage of insecure permissions for temporary files. A local user can view contents of temporary files and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU63085

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-22971

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Spring application with a STOMP over WebSocket endpoint. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Code Injection

EUVDB-ID: #VU59098

Risk: Medium

CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-44832

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote user with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Security restrictions bypass

EUVDB-ID: #VU60079

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23181

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a time of check, time of use flaw when configured to persist sessions using the FileStore. A local user can perform certain actions which lead to security restrictions bypass and privilege escalation (code execution with Tomcat process privileges).

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Incorrect Regular Expression

EUVDB-ID: #VU65835

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31129

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of user-supplied input when parsing overly long strings. A remote attacker can pass a string that contains more that 10k characters and perform regular expression denial of service (ReDoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.0.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deserialization of Untrusted Data

EUVDB-ID: #VU64152

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-25647

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to insecure input validation when processing serialized data passed to writeReplace() method. A remote attacker can pass specially crafted data to the application and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.0.8.0 - 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Information disclosure

EUVDB-ID: #VU58198

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-40690

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. A remote attacker can abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Financial Services Model Management and Governance: 8.1.1.0

External links

http://www.oracle.com/security-alerts/cpuoct2022.html?948044


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###