SB20200114164 - Multiple vulnerabilities in Oracle Retail Markdown Optimization

Security Bulletin ID SB20200114164

Severity

High

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2016-1181)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in ActionServlet.java when handling multithreaded access to an ActionForm instance. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

2) Stored cross-site scripting (CVE-ID: CVE-2018-12581)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data within Designer feature. A remote attacker create database with a specially crafted name and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

3) Improper input validation (CVE-ID: CVE-2019-2904)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Load Testing for Web Apps (Application Development Framework) component in Oracle Application Testing Suite. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Remediation

Install update from vendor's website.

References

https://www.oracle.com/security-alerts/cpujan2020.html?534494