CVE-2022-21392 The Oracle Enterprise Manager Base Platform is affected by a vulnerability in versions 13.4.0.0 and 13.5.0.0.

CVE-2022-21392 The Oracle Enterprise Manager Base Platform is affected by a vulnerability in versions 13.4.0.0 and 13.5.0.0.

Red teamers can use this vulnerability to perform an RCE on the affected component. In order to exploit the vulnerability an attacker must have the ability to send a request to the component via HTTP and the request must be successfully processed by the component. Enterprise Manager Base Platform does not have a formal logging system, so it is not possible for administrators to determine what actions were taken when receiving a request. This makes it difficult for administrators to detect an attack in progress. CVSS 3.0 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). Enterprise Manager Base Platform performs authentication via a cookie, which makes it possible for attackers to hijack visitors to the system by injecting a forged cookie. This vulnerability is easily exploitable. Red teamers can use this vulnerability to perform remote code execution. To exploit this vulnerability an attacker must have the ability to send a request to the component via HTTP and the request must be successfully processed by the component. Enterprise Manager Base Platform does not have a formal logging system, so it is not possible for administrators to determine what actions were taken when receiving a request. This makes it difficult for administrators to detect an attack in progress. Enterprise Manager Base Platform uses a cookie-based authentication mechanism and thus an attacker can easily intercept and modify HTTP requests

Third-party software

A vulnerability exists within the third-party software. The vulnerability allows an attacker to inject a payload into a web session by exploiting a race condition in the software. Red teamers can use this vulnerability to perform remote code execution on Enterprise Manager Base Platform. To exploit this vulnerability an attacker must have the ability to send a request to the component via HTTP and the request must be successfully processed by the component. There is no formal logging system for Enterprise Manager Base Platform, which makes it difficult for administrators to detect an attack in progress.

Vulnerable packages

Enterprise Manager Base Platform is vulnerable to POODLE.
The vulnerability allows an attacker to intercept and modify HTTP requests. This makes it possible for attackers to hijack visitors to the system by injecting a forged cookie. This vulnerability is easily exploitable, as red teamers can use this vulnerability to perform remote code execution.

Business Impact

The impact to the business will depend on the severity of the vulnerability. If an attacker manages to insert a forged cookie in requests, it could lead to unauthorized access and server compromise. This is a serious issue for any organization that uses Enterprise Manager Base Platform. Vulnerabilities such as this are difficult to assess because of the lack of formal system logging.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe