SB2024011695 - Multiple vulnerabilities in Oracle Commerce Guided Search

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024011695

SB2024011695 - Multiple vulnerabilities in Oracle Commerce Guided Search

Published: January 16, 2024 Updated: December 6, 2024

Security Bulletin ID SB2024011695
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

High 25% Medium 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Incorrect Regular Expression (CVE-ID: CVE-2022-33879)

The vulnerability allows a remote attacker to perform DoS attack.

The vulnerability exists due to improper validation in the StandardsExtractingContentHandler. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.

The vulnerability exists due to incomplete fixes for #VU63404 (CVE-2022-30126) and #VU63904 (CVE-2022-30973).


2) Resource exhaustion (CVE-ID: CVE-2023-44487)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".

Note, the vulnerability is being actively exploited in the wild.


3) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-5072)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits or throttling. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


4) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2023-46589)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests when parsing malformed trailer headers. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.


Remediation

Install update from vendor's website.

References