SB2023101774 - Multiple vulnerabilities in Oracle Commerce Guided Search

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023101774

SB2023101774 - Multiple vulnerabilities in Oracle Commerce Guided Search

Published: October 17, 2023

Security Bulletin ID SB2023101774
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 83% Low 17%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2023-22043)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the JavaFX component in Oracle Java SE. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


2) Improper input validation (CVE-ID: CVE-2023-22029)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Workbench component in Oracle Commerce Guided Search. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.


3) Input validation error (CVE-ID: CVE-2023-20863)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote user can use a specially crafted SpEL expression and perform a denial of service (DoS) attack.


4) Insufficient verification of data authenticity (CVE-ID: CVE-2021-37533)

The vulnerability allows an attacker to redirect victim to a malicious host.

The vulnerability exists due to the application trusts the host from PASV response by default. A remote attacker can trick the victim into connecting to an attacker controlled FTP server and then redirect the application to another host.


5) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-28709)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an incomplete fox for #VU72427 (CVE-2023-24998). If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed. A remote attacker can initiate a series of uploads and perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2022-41966)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass specially crafted data to the application, trigger a stack overflow error and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References