2022-05-20 12:20:05 +00:00
id : CVE-2022-21500
info :
2022-06-29 17:51:04 +00:00
name : Oracle E-Business Suite <=12.2 - Authentication Bypass
2022-05-20 12:20:05 +00:00
author : 3th1c_yuk1,tess
severity : high
description : |
2022-06-29 19:25:07 +00:00
Oracle E-Business Suite (component : Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
2023-09-06 11:59:08 +00:00
remediation : |
Apply the necessary security patches or updates provided by Oracle to mitigate this vulnerability.
2022-05-20 12:20:05 +00:00
reference :
- https://orwaatyat.medium.com/my-new-discovery-in-oracle-e-business-login-panel-that-allowed-to-access-for-all-employees-ed0ec4cad7ac
- https://twitter.com/GodfatherOrwa/status/1514720677173026816
2022-05-20 12:37:37 +00:00
- https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
2022-06-29 19:25:07 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-21500
2023-07-11 19:49:27 +00:00
- https://www.oracle.com/security-alerts/cpujul2022.html
2022-05-20 12:37:37 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.5
cve-id : CVE-2022-21500
2023-08-31 11:46:18 +00:00
epss-score : 0.95664
epss-percentile : 0.99159
2023-09-06 11:59:08 +00:00
cpe : cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*
2022-05-20 12:20:05 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-09-06 11:59:08 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : oracle
product : e-business_suite
2023-09-06 11:59:08 +00:00
shodan-query : http.title:"Login" "X-ORACLE-DMS-ECID" 200
2022-07-02 11:48:08 +00:00
tags : cve,cve2022,oracle,misconfig,auth-bypass
2022-05-20 12:20:05 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-05-20 12:20:05 +00:00
- method : GET
path :
- '{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp'
matchers-condition : and
matchers :
- type : word
words :
- 'Registration'
- 'Register as individual'
- '<!-- ibeCZzpRuntimeIncl.jsp end -->'
condition : and
- type : status
status :
- 200