2022-05-20 12:20:05 +00:00
id : CVE-2022-21500
info :
2022-06-29 17:51:04 +00:00
name : Oracle E-Business Suite <=12.2 - Authentication Bypass
2023-10-12 13:10:11 +00:00
author : 3th1c_yuk1,tess,0xpugazh
2022-05-20 12:20:05 +00:00
severity : high
description : |
2022-06-29 19:25:07 +00:00
Oracle E-Business Suite (component : Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to bypass authentication and gain unauthorized access to the Oracle E-Business Suite application.
2023-09-06 11:59:08 +00:00
remediation : |
Apply the necessary security patches or updates provided by Oracle to mitigate this vulnerability.
2022-05-20 12:20:05 +00:00
reference :
- https://orwaatyat.medium.com/my-new-discovery-in-oracle-e-business-login-panel-that-allowed-to-access-for-all-employees-ed0ec4cad7ac
- https://twitter.com/GodfatherOrwa/status/1514720677173026816
2022-05-20 12:37:37 +00:00
- https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
2022-06-29 19:25:07 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-21500
2023-07-11 19:49:27 +00:00
- https://www.oracle.com/security-alerts/cpujul2022.html
2022-05-20 12:37:37 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.5
cve-id : CVE-2022-21500
2024-03-23 09:28:19 +00:00
epss-score : 0.92631
epss-percentile : 0.98947
2023-09-06 11:59:08 +00:00
cpe : cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*
2022-05-20 12:20:05 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-10-14 11:27:55 +00:00
max-request : 4
2023-07-11 19:49:27 +00:00
vendor : oracle
product : e-business_suite
2023-09-06 11:59:08 +00:00
shodan-query : http.title:"Login" "X-ORACLE-DMS-ECID" 200
2022-07-02 11:48:08 +00:00
tags : cve,cve2022,oracle,misconfig,auth-bypass
2022-05-20 12:20:05 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-05-20 12:20:05 +00:00
- method : GET
path :
- '{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp'
2023-10-13 09:38:25 +00:00
- '{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp'
2023-10-12 13:10:11 +00:00
- '{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp'
- '{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp'
2022-05-20 12:20:05 +00:00
2023-10-12 13:11:52 +00:00
stop-at-first-match : true
2022-05-20 12:20:05 +00:00
matchers-condition : and
matchers :
- type : word
words :
- 'Registration'
- 'Register as individual'
- '<!-- ibeCZzpRuntimeIncl.jsp end -->'
condition : and
- type : status
status :
- 200
2024-03-25 11:57:16 +00:00
# digest: 4a0a00473045022077a908cc0f84943d99a897323cdeb2899210c5a6cd3d08634c62ced31283feeb022100a8428c5469152520da4ec621970240d45755a2c602d099e22dce986d12653785:922c64590222798bb761d5b6d8e72950