SB2020042115 - Multiple vulnerabilities in Oracle Communications Session Report Manager 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020042115

SB2020042115 - Multiple vulnerabilities in Oracle Communications Session Report Manager

Published: April 21, 2020

Security Bulletin ID SB2020042115
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2019-10247)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Integrator Acquistion System (Eclipse Jetty) component in Oracle Endeca Information Discovery Integrator. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.


2) Improper input validation (CVE-ID: CVE-2018-15756)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in Pivotal Software Spring Framework due to improper handling of range requests. A remote attacker can send a specially crafted request that contains an additional range header with a high number of ranges or with wide ranges that overlap and cause the service to crash.


3) Resource management error (CVE-ID: CVE-2019-10072)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incomplete fix for SB2019020812 when processing HTTP/2 requests. A remote attacker can perform denial of service attack by not sending WINDOW_UPDATE messages for the connection window (stream 0).

4) Improper input validation (CVE-ID: CVE-2019-0227)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Core (Apache Axis) component in Oracle Communications Design Studio. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


5) Privilege escalation (CVE-ID: CVE-2019-0211)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists within MPM implementation due to the application does not properly maintain each child's listener bucket number in the scoreboard that may lead to unprivileged code or scripts run by server (e.g. via mod_php) to modify the scoreboard and abuse the privileged main process.

A local user can execute arbitrary code on the system with privileges of the Apache HTTP Server code process.


6) Man-in-the-middle attack (CVE-ID: CVE-2018-8039)

The vulnerability allows a remote authenticated attacker to conduct man-in-the-middle attack on the target system.

The weakness exists due to improper verification of TLS hostnames when used with the 'com.sun.net.ssl' implementation. A remote attacker can conduct a man-in-the-middle attack and bypass the hostname verification.

Remediation

Install update from vendor's website.

References