From 8da63c7ab14737a0cc4dc97dfd5b438074767e52 Mon Sep 17 00:00:00 2001 From: TWangmo <125948963+TWangmo@users.noreply.github.com> Date: Fri, 17 Nov 2023 11:30:54 +0800 Subject: [PATCH] 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability (#413) * 20231027001-Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability * 20231031001-VVMware-Tools-Multiple-Vulnerabilities * 20231031001-VMware-Tools-Multiple-Vulnerabilities * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability * 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability * Update 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability.md * Update 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability.md * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability --------- Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com> Co-authored-by: Adon Metcalfe --- ...PHP-Remote-File-Inclusion-Vulnerability.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 docs/advisories/20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md diff --git a/docs/advisories/20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md b/docs/advisories/20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md new file mode 100644 index 00000000..15e3b048 --- /dev/null 
+++ b/docs/advisories/20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability.md @@ -0,0 +1,30 @@ +# Oracle Fusion Middleware PHP Remote File Inclusion Vulnerability - 20231117001 + +## Overview + +The WA SOC has observed a high vulnerability in Oracle software configuration, whereby the api handling endpoint allows for a local file inclusion that can lead to remote code execution. It requires a valid api token which can be obtained via a database backup (with account access), a number of different sql injections (with account access), or stolen from a user. + +## What is the vulnerability? + +[**CVE-2023-2551**](https://nvd.nist.gov/vuln/detail/CVE-2023-2551) - CVSS v3 Base Score: ***8.8*** + +## What is vulnerable? + +The vulnerability affects the following products: + +- [PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1](https://huntr.com/bounties/5723613c-55c6-4f18-9ed3-61ad44f5de9c/) + +## What has been observed? + +There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing. + +## Recommendation + +The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month* (refer [Patch Management](../guidelines/patch-management.md)): + +- [Bug Fixing](https://github.com/unilogies/bumsys/commit/86e29dd23df348ec6075f0c0de8e06b8d9fb0a9a) + +## Additional References + +- [Mitre CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2551) +
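Review bot: The title and the Overview ("a high vulnerability in Oracle software configuration") name Oracle Fusion Middleware, but the only entry under "What is vulnerable?" is unilogies/bumsys prior to 2.1.1, and the only fix linked under "Recommendation" is a commit in the unilogies/bumsys repository. Nothing in the added file ties CVE-2023-2551 to an Oracle product. Either rename the advisory and its file to the product that is actually affected, or list the Oracle product and versions it applies to. The Overview also describes a "local file inclusion" while the title and the huntr link text say "Remote File Inclusion"; use whichever matches the CVE record in both places. Smaller points: "high vulnerability" should read "high-severity vulnerability", "api" and "sql" should be capitalised, and the "Bug Fixing" bullet should state the fixed version (2.1.1, per the affected-products line) so administrators know what to upgrade to rather than having to read a commit.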