Oracle E-Business Suite <=12.2 - Authentication Bypass
ID: CVE-2022-21500
Severity: high
Author: 3th1c_yuk1,tess,0xpugal
Tags: cve,cve2022,oracle,misconfig,auth-bypass
Description
Oracle E-Business Suite (component: Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
YAML Source
id: CVE-2022-21500

info:
  name: Oracle E-Business Suite <=12.2 - Authentication Bypass
  author: 3th1c_yuk1,tess,0xpugal
  severity: high
  description: |
    Oracle E-Business Suite (component: Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to bypass authentication and gain unauthorized access to the Oracle E-Business Suite application.
  remediation: |
    Apply the necessary security patches or updates provided by Oracle to mitigate this vulnerability.
  reference:
    - https://orwaatyat.medium.com/my-new-discovery-in-oracle-e-business-login-panel-that-allowed-to-access-for-all-employees-ed0ec4cad7ac
    - https://twitter.com/GodfatherOrwa/status/1514720677173026816
    - https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
    - https://nvd.nist.gov/vuln/detail/CVE-2022-21500
    - https://www.oracle.com/security-alerts/cpujul2022.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-21500
    epss-score: 0.93111
    epss-percentile: 0.99046
    cpe: cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 4
    vendor: oracle
    product: e-business_suite
    shodan-query:
      - http.title:"Login" "X-ORACLE-DMS-ECID" 200
      - http.title:"login" "x-oracle-dms-ecid" 200
    fofa-query: title="login" "x-oracle-dms-ecid" 200
    google-query: intitle:"login" "x-oracle-dms-ecid" 200
  tags: cve,cve2022,oracle,misconfig,auth-bypass

http:
  - method: GET
    path:
      - '{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp'
      - '{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp'
      - '{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp'
      - '{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp'

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'Registration'
          - 'Register as individual'
          - '<!-- ibeCZzpRuntimeIncl.jsp end -->'
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100eba82c35189bb0d43393f234463dfddbaa410b001c1f0d4e555fb04ead66f229022100bba3a4d1784825849b223487be2d3995d9ea2a655e22020199f8c9c794758864:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities
This template is run with the Nuclei scanner. It sends a GET request to each of the listed self-registration pages under /OA_HTML/ and reports the target as vulnerable when a page is served with HTTP 200 and its body contains all three registration-page markers; it stops after the first page that matches.
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-21500.yaml"
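For teams that cannot run the scanner against production, the same four registration pages can be watched for in the web tier's access log. The following is an added example, not part of the template or the Nuclei project: it assumes a Combined Log Format access log (constructed sample lines below, RFC 5737 addresses) and flags requests to the registration pages, marking which of them the server actually served with HTTP 200, which is the condition the template matches on.

```python
import re
from dataclasses import dataclass

# Self-registration pages probed by the CVE-2022-21500 Nuclei template.
REGISTRATION_PAGES = (
    "/OA_HTML/ibeCAcpSSOReg.jsp",
    "/OA_HTML/ibeCRgpPrimaryCreate.jsp",
    "/OA_HTML/ibeCRgpIndividualUser.jsp",
    "/OA_HTML/ibeCRgpPartnerPriCreate.jsp",
)

# Assumed Combined Log Format; only the prefix up to the status code is needed.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

@dataclass(frozen=True)
class Hit:
    ip: str
    ts: str
    path: str
    status: int
    served: bool  # True when the page was returned (HTTP 200), i.e. exposed

def detect(lines):
    """Return a Hit for every request to a registration page, parseable lines only."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip it instead of aborting the batch
        path = m.group("target").split("?", 1)[0]  # drop query string
        # endswith tolerates a path prefix in front of /OA_HTML (Nuclei's {{BaseURL}})
        if not any(path.endswith(p) for p in REGISTRATION_PAGES):
            continue
        status = int(m.group("status"))
        hits.append(Hit(m.group("ip"), m.group("ts"), path, status, status == 200))
    return hits

def exposed(hits):
    """Registration pages the server actually served; patch/restrict if non-empty."""
    return sorted({h.path for h in hits if h.served})

def by_source(hits):
    """Probe count per client address, for triage of who touched these pages."""
    counts = {}
    for h in hits:
        counts[h.ip] = counts.get(h.ip, 0) + 1
    return counts

SAMPLE_LOG = [  # constructed sample lines
    '203.0.113.5 - - [10/Jan/2024:10:15:01 +0000] "GET /OA_HTML/ibeCAcpSSOReg.jsp HTTP/1.1" 200 8214 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Jan/2024:10:15:02 +0000] "GET /OA_HTML/ibeCRgpPrimaryCreate.jsp?x=1 HTTP/1.1" 200 6120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jan/2024:10:16:40 +0000] "GET /OA_HTML/AppsLogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jan/2024:10:16:41 +0000] "GET /OA_HTML/ibeCRgpIndividualUser.jsp HTTP/1.1" 404 312 "-" "curl/8.0"',
    'not a log line',
]
```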