SB2022041936 - Multiple vulnerabilities in Oracle Commerce Guided Search

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022041936

SB2022041936 - Multiple vulnerabilities in Oracle Commerce Guided Search

Published: April 19, 2022 Updated: December 17, 2024

Security Bulletin ID SB2022041936
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% Medium 57% Low 29%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Incorrect default permissions (CVE-ID: CVE-2020-8908)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions for files located in the temporary directory set by the Guava com.google.common.io.Files.createTempDir(). A local user with access to the system can view contents of files and directories or modify them.


2) Input validation error (CVE-ID: CVE-2020-13956)

The vulnerability allows a remote attacker to compromise the affected application.

The vulnerability exists due to insufficient validation of user-supplied input in Apache HttpClient. A remote attacker can pass request URIs to the library as java.net.URI object and force the application to pick the wrong target host for request execution.


3) Cross-site scripting (CVE-ID: CVE-2021-41165)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when processing HTML comments. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


4) Improper input validation (CVE-ID: CVE-2022-21466)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Tools and Frameworks component in Oracle Commerce Guided Search. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.


5) Resource exhaustion (CVE-ID: CVE-2021-42340)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak when processing HTTP connections. A remote attacker can initiate multiple HTTP connections with the web server and consume all available memory on the system.

6) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2021-22118)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in the WebFlux application, which leads to security restrictions bypass and privilege escalation.


7) Improper input validation (CVE-ID: CVE-2021-39139)

The vulnerability allows a remote authenticated user to execute arbitrary code.

The vulnerability exists due to improper input validation within the Tools (XStream) component in Oracle Utilities Testing Accelerator. A remote authenticated user can exploit this vulnerability to execute arbitrary code.


Remediation

Install update from vendor's website.

References