nuclei-templates/cves/2019/CVE-2019-2725.yaml

45 lines
1.6 KiB
YAML

id: CVE-2019-2725
info:
name: Oracle WebLogic Server - Unauthenticated RCE
author: dwisiswant0
severity: critical
description: |
Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
reference:
- https://paper.seebug.org/910/
- https://www.exploit-db.com/exploits/46780/
- https://www.oracle.com/security-alerts/cpujan2020.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-2725
cwe-id: CWE-74
tags: cve,cve2019,oracle,weblogic,rce
requests:
- method: POST
path:
- "{{BaseURL}}/_async/AsyncResponseService"
headers:
Content-Type: application/soap; charset="utf-8"
body: >-
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ads="http://www.w3.org/2005/08/addressing">
<soapenv:Header></soapenv:Header>
<soapenv:Body></soapenv:Body>
</soapenv:Envelope>
matchers-condition: and
matchers:
- type: word
words:
- "soapenv:Envelope"
part: body
- type: word
words:
- "X-Powered-By: Servlet"
part: header
- type: status
status:
- 200