20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulner…

…ability (#413) * 20231027001-Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability * 20231031001-VVMware-Tools-Multiple-Vulnerabilities * 20231031001-VMware-Tools-Multiple-Vulnerabilities * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability * 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability * Update 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability.md * Update 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability.md * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability --------- Co-authored-by: Joshua Hitchen (DGov) <[email protected]> Co-authored-by: Adon Metcalfe <[email protected]>
wagov · Nov 17, 2023 · 8da63c7 · 8da63c7
1 parent 1cfa178
commit 8da63c7
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/...20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md b/...20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md
@@ -0,0 +1,30 @@
+# Oracle Fusion Middleware PHP Remote File Inclusion Vulnerability - 20231117001
+
+## Overview
+
+The WA SOC has observed a high vulnerability in Oracle software configuration, whereby the api handling endpoint allows for a local file inclusion that can lead to remote code execution. It requires a valid api token which can be obtained via a database backup (with account access), a number of different sql injections (with account access), or stolen from a user.
+
+## What is the vulnerability?
+
+[**CVE-2023-2551**](https://nvd.nist.gov/vuln/detail/CVE-2023-2551) - CVSS v3 Base Score: ***8.8***
+
+## What is vulnerable?
+
+The vulnerability affects the following products:
+
+- [PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1](https://huntr.com/bounties/5723613c-55c6-4f18-9ed3-61ad44f5de9c/)
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- [Bug Fixing](https://github.com/unilogies/bumsys/commit/86e29dd23df348ec6075f0c0de8e06b8d9fb0a9a)
+
+## Additional References
+
+- [Mitre CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2551)
+