SB2020042303 - Multiple vulnerabilities in Enterprise Manager Base Platform

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020042303

SB2020042303 - Multiple vulnerabilities in Enterprise Manager Base Platform

Published: April 23, 2020

Security Bulletin ID SB2020042303
Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2019-1543)

The vulnerability allows a remote attacker to gain access to encrypted data.

The vulnerability exists due to incorrect implementation of the ChaCha20-Poly1305 cipher. For messages, encrypted with this cipher, a reused nonce value is used that is susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce.

This vulnerability does not affect internal usage of the cipher within OpenSSL. However if an application uses this cipher directly and sets a non-default nonce length to be longer than 12 bytes, it may be vulnerable.

2) Integer overflow (CVE-ID: CVE-2018-18311)

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in Perl_my_setenv when processing malicious input. A remote unauthenticated attacker can supply specially crafted data, trigger heap-based buffer overflow and cause the service to crash or execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Improper input validation (CVE-ID: CVE-2020-2961)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Discovery Framework (Oracle OHS) component in Enterprise Manager Base Platform. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


Remediation

Install update from vendor's website.

References