2022-05-20 12:20:05 +00:00
id : CVE-2022-21500
info :
2022-06-29 17:51:04 +00:00
name : Oracle E-Business Suite <=12.2 - Authentication Bypass
2022-05-20 12:20:05 +00:00
author : 3th1c_yuk1,tess
severity : high
description : |
2022-06-29 17:51:04 +00:00
Oracle E-Business Suite (component : Manage Proxies)12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
2022-05-20 12:20:05 +00:00
reference :
- https://orwaatyat.medium.com/my-new-discovery-in-oracle-e-business-login-panel-that-allowed-to-access-for-all-employees-ed0ec4cad7ac
- https://twitter.com/GodfatherOrwa/status/1514720677173026816
- https://nvd.nist.gov/vuln/detail/CVE-2022-21500
2022-05-20 12:37:37 +00:00
- https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.5
cve-id : CVE-2022-21500
2022-05-20 12:20:05 +00:00
metadata :
shodan-query : http.title:"Login" "X-ORACLE-DMS-ECID" 200
2022-05-20 12:37:37 +00:00
verified : "true"
2022-05-20 12:20:05 +00:00
tags : oracle,misconfig,cve,cve2022
requests :
- method : GET
path :
- '{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp'
matchers-condition : and
matchers :
- type : word
words :
- 'Registration'
- 'Register as individual'
- '<!-- ibeCZzpRuntimeIncl.jsp end -->'
condition : and
- type : status
status :
- 200
2022-06-29 17:51:04 +00:00
# Enhanced by mp on 2022/06/29