Oracle E-Business Suite - Remote Code Execution (CVE-2022-21587)
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
The Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite is affected by a Remote Code Execution vulnerability. The root cause is a special case handled by the doUploadFile method, which allows a file to be uploaded using UUE encoding. An attacker can upload a malicious Perl web shell to gain access to the server.
- Risk description
The risk is that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Apply the security patch for the Oracle Web Applications Desktop Integrator.
- References
https://nvd.nist.gov/vuln/detail/CVE-2022-21587
https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- Oct 2022
- Published at
- Updated at
- Software Type
- Web server
- Vendor
- Oracle
- Product
- EBS