cvelistv5 - cve-2019-2725

CVE-2019-2725 (GCVE-0-2019-2725)

Vulnerability from cvelistv5

Published

2019-04-26 18:21

Modified

2026-01-12 20:27

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.

Summary

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

References

URL

Tags

	http://www.securityfocus.com/bid/108074	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html	x_refsource_MISC
	https://support.f5.com/csp/article/K90059138	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/46780/	exploit, x_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html	x_refsource_MISC
	http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Tape Library ACSLS	Version: 8.5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-01-10

Due date: 2022-07-10

Required action: Apply updates per vendor instructions.

Used in ransomware: Known

Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-2725

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:56:45.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108074",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108074"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K90059138"
          },
          {
            "name": "46780",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46780/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-2725",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-01T16:23:13.530985Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2725"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-12T20:27:52.191Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2725"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tape Library ACSLS",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-21T12:13:22.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "108074",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108074"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K90059138"
        },
        {
          "name": "46780",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46780/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2019-2725",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Tape Library ACSLS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "8.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Oracle Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108074",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108074"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html",
              "refsource": "MISC",
              "url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K90059138",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K90059138"
            },
            {
              "name": "46780",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46780/"
            },
            {
              "name": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
              "refsource": "MISC",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2019-2725",
    "datePublished": "2019-04-26T18:21:08.000Z",
    "dateReserved": "2018-12-14T00:00:00.000Z",
    "dateUpdated": "2026-01-12T20:27:52.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2019-2725",
      "cwes": "[\"CWE-74\"]",
      "dateAdded": "2022-01-10",
      "dueDate": "2022-07-10",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-2725",
      "product": "WebLogic Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle WebLogic Server, Injection"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/108074\", \"name\": \"108074\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/csp/article/K90059138\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46780/\", \"name\": \"46780\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T18:56:45.647Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-2725\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-01T16:23:13.530985Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2725\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2725\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-01T16:23:30.069Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Tape Library ACSLS\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.5\"}]}], \"references\": [{\"url\": \"http://www.securityfocus.com/bid/108074\", \"name\": \"108074\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://support.f5.com/csp/article/K90059138\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46780/\", \"name\": \"46780\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2021-07-21T12:13:22.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"7.5\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\"}}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"8.5\", \"version_affected\": \"=\"}]}, \"product_name\": \"Tape Library ACSLS\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/108074\", \"name\": \"108074\", \"refsource\": \"BID\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://support.f5.com/csp/article/K90059138\", \"name\": \"https://support.f5.com/csp/article/K90059138\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.exploit-db.com/exploits/46780/\", \"name\": \"46780\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujan2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW\", \"name\": \"https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMW\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.  Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-2725\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-2725\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-12T20:27:52.191Z\", \"dateReserved\": \"2018-12-14T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2019-04-26T18:21:08.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2019-ALE-005

Vulnerability from certfr_alerte

[Mise à jour du 29 avril 2019] Oracle a publié un correctif de sécurité le 26 avril 2019. Le CERT-FR recommande son application dans les plus brefs délais (cf. section Documentation).

Le 21 avril 2019, l'équipe de chercheurs Knownsec 404 Team a annoncé avoir trouvé une vulnérabilité affectant toutes les versions d’Oracle WebLogic : https://medium.com/@knownseczoomeye/knownsec-404-team-oracle-weblogic-deserialization-rce-vulnerability-0day-alert-90dd9a79ae93

Par une requête HTTP(S) spécialement forgée, un attaquant non authentifié pourrait exécuter du code arbitraire à distance. La vulnérabilité serait déclenchée lors de la dé-sérialisation de la requête dans les composants wls9_async_response.war et wls-wsat.war, qui sont installés par défaut. Le premier composant permet la gestion d'opérations asynchrones par le serveur tandis que le second est un module de gestion de la sécurité.

Aucun correctif n’est disponible pour l’instant et Oracle n’a pas communiqué sur le sujet. Le CERT-FR n'a pu vérifier l’existence de ces vulnérabilités et n'a pas identifié de code d'exploitation sur Internet. De nombreux scans sur les urls vulnérables ont néanmoins été identifiés.

Selon le chercheur, cette vulnérabilité n’a pas encore été exploitée pour exécuter des charges malveillantes.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'application des correctifs de sécurité est toujours préférable aux mesures de contournement.

Une évaluation des risques doit être conduite avant d'envisager les mesures de contournement suivantes :

Bloquer l’accès aux chemins contenant les motifs /_async/* et */wls-wsat/* ;
*
Supprimer les fichiers wls9_async_response.war et wls-wsat.war, puis redémarrer le service.

None

Impacted products

	Vendor	Product	Description
	Oracle	Weblogic	Oracle WebLogic Server version 12.1.3.0.0
	Oracle	Weblogic	Oracle WebLogic Server version 10.3.6.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cve-2019-2725 du 26 avril 2019	None	vendor-advisory
Avis CERT-FR CERTFR-2019-AVI-189 du 29 avril 2019	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle WebLogic Server version 12.1.3.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server version 10.3.6.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-06-20",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nL\u0027application des correctifs de s\u00e9curit\u00e9 est toujours pr\u00e9f\u00e9rable aux\nmesures de contournement.\n\nUne \u00e9valuation des risques doit \u00eatre conduite avant d\u0027envisager les\nmesures de contournement suivantes :\n\n1.  Bloquer l\u2019acc\u00e8s aux chemins contenant les motifs */\\_async/\\** et\n    */wls-wsat/\\* ;  \n    *\n2.  Supprimer les fichiers *wls9_async_response.war* et *wls-wsat.war*,\n    puis red\u00e9marrer le service.\n",
  "cves": [
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    }
  ],
  "initial_release_date": "2019-04-26T00:00:00",
  "last_revision_date": "2019-06-20T00:00:00",
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-189 du 29 avril 2019",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-189/"
    }
  ],
  "reference": "CERTFR-2019-ALE-005",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-04-26T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de s\u00e9curit\u00e9 Oracle cve-2019-2725 du 26 avril 2019",
      "revision_date": "2019-04-29T00:00:00.000000"
    },
    {
      "description": "Modification des versions vuln\u00e9rables par Oracle le 30 avril 2019.",
      "revision_date": "2019-05-03T00:00:00.000000"
    },
    {
      "description": "Passage de la mesure de contournement dans la section Solution.",
      "revision_date": "2019-05-17T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte",
      "revision_date": "2019-06-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 29 avril 2019\\]\u003c/strong\u003e Oracle a publi\u00e9 un correctif de\ns\u00e9curit\u00e9 le 26 avril 2019. Le CERT-FR recommande son application dans\nles plus brefs d\u00e9lais (cf. section Documentation).\n\n\u00a0\n\nLe 21 avril 2019, l\u0027\u00e9quipe de chercheurs Knownsec 404 Team a annonc\u00e9\navoir trouv\u00e9 une vuln\u00e9rabilit\u00e9 affectant toutes les versions d\u2019Oracle\nWebLogic :\n\u003chttps://medium.com/@knownseczoomeye/knownsec-404-team-oracle-weblogic-deserialization-rce-vulnerability-0day-alert-90dd9a79ae93\u003e\n\nPar une requ\u00eate HTTP(S) sp\u00e9cialement forg\u00e9e, un attaquant non\nauthentifi\u00e9 pourrait ex\u00e9cuter du code arbitraire \u00e0 distance. La\nvuln\u00e9rabilit\u00e9 serait d\u00e9clench\u00e9e lors de la d\u00e9-s\u00e9rialisation de la\nrequ\u00eate dans les composants *wls9_async_response.war* et *wls-wsat.war*,\nqui sont install\u00e9s par d\u00e9faut. Le premier composant permet la gestion\nd\u0027op\u00e9rations asynchrones par le serveur tandis que le second est un\nmodule de gestion de la s\u00e9curit\u00e9.\n\nAucun correctif n\u2019est disponible pour l\u2019instant et Oracle n\u2019a pas\ncommuniqu\u00e9 sur le sujet. Le CERT-FR n\u0027a pu v\u00e9rifier l\u2019existence de ces\nvuln\u00e9rabilit\u00e9s et n\u0027a pas identifi\u00e9 de code d\u0027exploitation sur Internet.\nDe nombreux scans sur les urls vuln\u00e9rables ont n\u00e9anmoins \u00e9t\u00e9 identifi\u00e9s.\n\nSelon le chercheur, cette vuln\u00e9rabilit\u00e9 n\u2019a pas encore \u00e9t\u00e9 exploit\u00e9e\npour ex\u00e9cuter des charges malveillantes.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Oracle WebLogic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cve-2019-2725 du 26 avril 2019",
      "url": "https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
    }
  ]
}

CERTFR-2019-ALE-011

Vulnerability from certfr_alerte

Le 18 juin 2019, Oracle a publié un avis de sécurité hors de son cycle habituel de correctifs pour une vulnérabilité jugée critique.
Cette faille d'identifiant CVE-2019-2729 affecte les serveurs WebLogic et peut conduire à une exécution de code arbitraire à distance sans qu'une authentification soit nécessaire.

Cette vulnérabilité a été remontée à l'éditeur par plusieurs chercheurs en sécurité parmi lesquelles l'équipe Knownsec 404.
Dans une publication de blogue le 15 juin 2019 (cf. section documentation) l'équipe, qui avait par ailleurs rapporté au mois d'avril 2019 une précédente vulnérabilité affectant WebLogic, annonce avoir identifié l'exploitation de la vulnérabilité actuelle. Cette faille serait basée sur un contournement du correctif de sécurité déployé par Oracle en avril 2019 relatif à la vulnérabilité CVE-2019-2725.

Le CERT-FR recommande l'application du correctif de sécurité dans les plus brefs délais.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	Weblogic	Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0 et 12.2.1.3.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle alert-cve-2019-2729-5570780 du 18 juin 2019	None	vendor-advisory
Publication de blogue de l'équipe Knownsec 404 sur la CVE-2019-2729	-	other
Avis CERT-FR CERTFR-2019-AVI-285	-	other
Alerte du CERT-FR CERTFR-2019-ALE-005 du 26 avril 2019 sur la vulnérabilité CVE-2019-2725	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0 et 12.2.1.3.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-07-23",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    },
    {
      "name": "CVE-2019-2729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
    }
  ],
  "initial_release_date": "2019-06-20T00:00:00",
  "last_revision_date": "2019-07-23T00:00:00",
  "links": [
    {
      "title": "Publication de blogue de l\u0027\u00e9quipe Knownsec 404 sur la CVE-2019-2729",
      "url": "https://medium.com/@knownsec404team/knownsec-404-team-alert-again-cve-2019-2725-patch-bypassed-32a6a7b7ca15"
    },
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-285",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-285/"
    },
    {
      "title": "Alerte du CERT-FR CERTFR-2019-ALE-005 du 26 avril 2019 sur la vuln\u00e9rabilit\u00e9 CVE-2019-2725",
      "url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-005/"
    }
  ],
  "reference": "CERTFR-2019-ALE-011",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-20T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2019-07-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le 18 juin 2019, Oracle a publi\u00e9 un avis de s\u00e9curit\u00e9 hors de son cycle\nhabituel de correctifs pour une vuln\u00e9rabilit\u00e9 jug\u00e9e critique.  \nCette faille d\u0027identifiant CVE-2019-2729 affecte les serveurs WebLogic\net peut conduire \u00e0 une ex\u00e9cution de code arbitraire \u00e0 distance sans\nqu\u0027une authentification soit n\u00e9cessaire.\n\nCette vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 remont\u00e9e \u00e0 l\u0027\u00e9diteur par plusieurs chercheurs\nen s\u00e9curit\u00e9 parmi lesquelles l\u0027\u00e9quipe Knownsec 404.  \nDans une publication de blogue le 15 juin 2019 (cf. section\ndocumentation) l\u0027\u00e9quipe, qui avait par ailleurs rapport\u00e9 au mois d\u0027avril\n2019 une pr\u00e9c\u00e9dente vuln\u00e9rabilit\u00e9 affectant WebLogic, annonce avoir\nidentifi\u00e9 l\u0027exploitation de la vuln\u00e9rabilit\u00e9 actuelle. Cette faille\nserait bas\u00e9e sur un contournement du correctif de s\u00e9curit\u00e9 d\u00e9ploy\u00e9 par\nOracle en avril 2019 relatif \u00e0 la vuln\u00e9rabilit\u00e9 CVE-2019-2725.\n\nLe CERT-FR recommande l\u0027application du correctif de s\u00e9curit\u00e9 dans les\nplus brefs d\u00e9lais.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Oracle WebLogic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle alert-cve-2019-2729-5570780 du 18 juin 2019",
      "url": "https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html"
    }
  ]
}

CERTFR-2019-AVI-189

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Oracle WebLogic. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	Weblogic	Oracle WebLogic Server version 12.1.3.0.0
	Oracle	Weblogic	Oracle WebLogic Server version 10.3.6.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cve-2019-2725 du 26 avril 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle WebLogic Server version 12.1.3.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server version 10.3.6.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    }
  ],
  "initial_release_date": "2019-04-29T00:00:00",
  "last_revision_date": "2019-05-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-189",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-04-29T00:00:00.000000"
    },
    {
      "description": "Modification des versions vuln\u00e9rables par Oracle le 30 avril 2019.",
      "revision_date": "2019-05-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Oracle WebLogic. Elle permet \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Oracle WebLogic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cve-2019-2725 du 26 avril 2019",
      "url": "https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html"
    }
  ]
}

CERTFR-2020-AVI-037

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle VM Server for SPARC version 3.6
Oracle	N/A	Tape Library ACSLS, versions 8.5 et 8.5.1
Oracle	N/A	Sun ZFS Storage Appliance Kit version 8.8.6
Oracle	N/A	Oracle Solaris versions 10 et 11

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2020verbose du 14 janvier 2020	None	vendor-advisory
Bulletin de sécurité Oracle cpujan2020 du 14 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle VM Server for SPARC version 3.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Tape Library ACSLS, versions 8.5 et 8.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun ZFS Storage Appliance Kit version 8.8.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris versions 10 et 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-2578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2578"
    },
    {
      "name": "CVE-2019-2729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
    },
    {
      "name": "CVE-2020-2696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2696"
    },
    {
      "name": "CVE-2020-2565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2565"
    },
    {
      "name": "CVE-2019-11358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2018-15756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15756"
    },
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    },
    {
      "name": "CVE-2020-2656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2656"
    },
    {
      "name": "CVE-2020-2680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2680"
    },
    {
      "name": "CVE-2020-2571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2571"
    },
    {
      "name": "CVE-2020-2647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2647"
    },
    {
      "name": "CVE-2020-2558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2558"
    },
    {
      "name": "CVE-2019-9579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9579"
    },
    {
      "name": "CVE-2016-1000031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000031"
    },
    {
      "name": "CVE-2020-2605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2605"
    },
    {
      "name": "CVE-2020-2664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2664"
    }
  ],
  "initial_release_date": "2020-01-15T00:00:00",
  "last_revision_date": "2020-01-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-037",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2020verbose du 14 janvier 2020",
      "url": "https://www.oracle.com/security-alerts/cpujan2020verbose.html#SUNS"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2020 du 14 janvier 2020",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    }
  ]
}

CERTFR-2019-AVI-342

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Oracle Sun Systems. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Tape Virtual Storage Manager GUI version 6.2
Oracle	N/A	Sun ZFS Storage Appliance Kit (AK) version 8.8.3
Oracle	N/A	Oracle Solaris versions 10, 11.3 et 11.4
Oracle	N/A	StorageTek Tape Analytics SW Tool version 2.3.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujul2019-5072835 du 16 juillet 2019	None	vendor-advisory
Bulletin de sécurité Oracle cpujul2019verbose-5072838-5072835 du 16 juillet 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tape Virtual Storage Manager GUI version 6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Sun ZFS Storage Appliance Kit (AK) version 8.8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris versions 10, 11.3 et 11.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "StorageTek Tape Analytics SW Tool version 2.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-5598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5598"
    },
    {
      "name": "CVE-2019-2729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
    },
    {
      "name": "CVE-2019-2832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2832"
    },
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    },
    {
      "name": "CVE-2019-2788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2788"
    },
    {
      "name": "CVE-2019-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2807"
    },
    {
      "name": "CVE-2019-5597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5597"
    },
    {
      "name": "CVE-2019-2787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2787"
    },
    {
      "name": "CVE-2019-2820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2820"
    },
    {
      "name": "CVE-2019-2804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2804"
    },
    {
      "name": "CVE-2019-2878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2878"
    },
    {
      "name": "CVE-2019-2844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2844"
    },
    {
      "name": "CVE-2019-2838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2838"
    }
  ],
  "initial_release_date": "2019-07-17T00:00:00",
  "last_revision_date": "2019-07-17T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-342",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-07-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Sun Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2019-5072835 du 16 juillet 2019",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2019verbose-5072838-5072835 du 16 juillet 2019",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019verbose-5072838.html#SUNS"
    }
  ]
}

CERTFR-2020-AVI-045

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Oracle Weblogic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	Weblogic	Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 et 12.2.1.4.0

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2020 du 14 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 et 12.2.1.4.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-2729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2729"
    },
    {
      "name": "CVE-2020-2549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2549"
    },
    {
      "name": "CVE-2020-2544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2544"
    },
    {
      "name": "CVE-2019-2725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2725"
    },
    {
      "name": "CVE-2020-2551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2551"
    },
    {
      "name": "CVE-2020-2546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2546"
    },
    {
      "name": "CVE-2020-6950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
    },
    {
      "name": "CVE-2020-2548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2548"
    },
    {
      "name": "CVE-2020-2519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2519"
    },
    {
      "name": "CVE-2020-2552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2552"
    },
    {
      "name": "CVE-2020-2547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2547"
    },
    {
      "name": "CVE-2020-2550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2550"
    },
    {
      "name": "CVE-2019-17359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17359"
    }
  ],
  "initial_release_date": "2020-01-17T00:00:00",
  "last_revision_date": "2020-01-17T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-045",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Weblogic.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Weblogic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2020 du 14 janvier 2020",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-2725 (GCVE-0-2019-2725)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2019-ALE-005

Vulnerability from certfr_alerte

Solution

CERTFR-2019-ALE-011

Vulnerability from certfr_alerte

Solution

CERTFR-2019-AVI-189

Vulnerability from certfr_avis

Solution

CERTFR-2020-AVI-037

Vulnerability from certfr_avis

Solution

CERTFR-2019-AVI-342

Vulnerability from certfr_avis

Solution

CERTFR-2020-AVI-045

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature