SB2023101795 - Multiple vulnerabilities in Oracle Business Intelligence Enterprise Edition

Published: October 17, 2023

Security Bulletin ID: SB2023101795
Severity: High
Patch available: Yes
Number of vulnerabilities: 12
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High: 25%, Medium: 67%, Low: 8%

Description

This security bulletin contains information about 12 security vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2023-22109)

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Analytics Web Dashboards component in Oracle Business Intelligence Enterprise Edition. A remote authenticated user can exploit this vulnerability to read and manipulate data.


2) Improper input validation (CVE-ID: CVE-2023-22082)

The vulnerability allows a remote authenticated user to read and manipulate data.

The vulnerability exists due to improper input validation within the Pod Admin component in Oracle Business Intelligence Enterprise Edition. A remote authenticated user can exploit this vulnerability to read and manipulate data.


3) Resource exhaustion (CVE-ID: CVE-2023-34462)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources when no idle timeout handler is configured. A remote attacker can send a client hello packet, which leads the server to buffer up to 16MB of data per connection and results in a denial of service condition.


4) Protection mechanism failure (CVE-ID: CVE-2019-10086)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists because BeanUtils does not, by default, use a special BeanIntrospector class in PropertyUtilsBean that was supposed to suppress an attacker's ability to access the classloader via the class property available on all Java objects. A remote attacker can abuse this behavior against applications that were developed to rely on this security feature.


5) Information disclosure (CVE-ID: CVE-2023-30861)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a missing Vary: Cookie header. A remote attacker can gain unauthorized access to sensitive information on the system.


6) Integer overflow (CVE-ID: CVE-2022-41409)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an integer overflow in pcre2test. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service (DoS) attack.


7) Resource exhaustion (CVE-ID: CVE-2021-43045)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the .NET SDK of Apache Avro does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


8) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2020-11988)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input within the XMPParser in Apache XmlGraphics Commons. A remote attacker can send a specially crafted HTTP request and trick the application into initiating requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive data located in the local network or to send malicious requests to other servers from the vulnerable system.


9) Improper input validation (CVE-ID: CVE-2023-30535)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Development Operations (Snowflake JDBC) component in BI Publisher. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


10) Code Injection (CVE-ID: CVE-2022-33980)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


11) Security features bypass (CVE-ID: CVE-2022-26612)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to missing symbolic link checks when extracting files from TAR archives on Windows. A remote attacker can trick the victim into opening a specially crafted archive and overwrite files on the system.


12) Improper Privilege Management (CVE-ID: CVE-2023-22946)

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management. A local user can place specially crafted configuration-related classes on the classpath and exploit this vulnerability to execute arbitrary code with the privileges of the submitting user.


Remediation

Install the update from the vendor's website.