Oracle E-Business 多个漏洞(2017 年 1 月 CPU)

high Nessus 插件 ID 96608

简介

远程主机上安装的 Web 应用程序受到多个漏洞影响。

描述

远程主机上安装的 Oracle E-Business 版本缺少 2017 年 1 月的 Oracle 关键修补程序更新 (CPU)。因此,它受到多个组件和子组件中多个不明漏洞影响,其中最严重的可允许未经认证的远程攻击者影响机密性和完整性。受影响的组件和子组件为:

- Oracle Advanced Outbound Telephony:User Interface
- Oracle Application Object Library:Patching
- Oracle Applications DBA:Patching
- Oracle Applications Manager:OAM Client
- Oracle Common Applications:Resources Module
- Oracle Common Applications:Role Summary
- Oracle Common Applications:User Interface
- Oracle CRM Technical Foundation:User Interface
- Oracle Customer Intelligence:User Interface
- Oracle Customer Interaction History:User Interface
- Oracle Email Center:User Interface
- Oracle Fulfillment Manager:User Interface
- Oracle Installed Base:User Interface
- Oracle Interaction Blending:User Interface
- Oracle iStore:Address Book
- Oracle iStore:User Interface
- Oracle Knowledge Management:User Interface
- Oracle Leads Management:User Interface
- Oracle Marketing:User Interface
- Oracle One-to-One Fulfillment:Internal Operations
- Oracle One-to-One Fulfillment:Request Confirmation
- Oracle One-to-One Fulfillment:User Interface
- Oracle Partner Management:User Interface
- Oracle Service Fulfillment Manager:User Interface
- Oracle Universal Work Queue:User Interface
- Oracle XML Gateway:Oracle Transport Agent

解决方案

根据 2017 年 1 月 Oracle 关键修补程序更新报告,应用相应修补程序。

另见

http://www.nessus.org/u?2f2c97c2

插件详情

严重性: High

ID: 96608

文件名: oracle_e-business_cpu_jan_2017.nasl

版本: 1.11

类型: remote

系列: Misc.

发布时间: 2017/1/18

最近更新时间: 2022/4/11

配置: 启用全面检查

支持的传感器: Nessus

风险信息

VPR

风险因素: Medium

分数: 5.2

CVSS v2

风险因素: Medium

基本分数: 6.8

时间分数: 5.3

矢量: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS 分数来源: CVE-2017-3346

CVSS v3

风险因素: High

基本分数: 8.2

时间分数: 7.4

矢量: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

时间矢量: CVSS:3.0/E:P/RL:O/RC:C

漏洞信息

CPE: cpe:/a:oracle:e-business_suite

必需的 KB 项: Oracle/E-Business/Version, Oracle/E-Business/patches/installed

可利用: true

易利用性: Exploits are available

补丁发布日期: 2017/1/18

漏洞发布日期: 2017/1/18

参考资料信息

CVE: CVE-2016-8325, CVE-2017-3246, CVE-2017-3274, CVE-2017-3275, CVE-2017-3277, CVE-2017-3278, CVE-2017-3279, CVE-2017-3280, CVE-2017-3281, CVE-2017-3282, CVE-2017-3283, CVE-2017-3284, CVE-2017-3285, CVE-2017-3286, CVE-2017-3287, CVE-2017-3303, CVE-2017-3326, CVE-2017-3327, CVE-2017-3328, CVE-2017-3333, CVE-2017-3334, CVE-2017-3335, CVE-2017-3336, CVE-2017-3338, CVE-2017-3339, CVE-2017-3340, CVE-2017-3341, CVE-2017-3343, CVE-2017-3344, CVE-2017-3346, CVE-2017-3348, CVE-2017-3349, CVE-2017-3350, CVE-2017-3351, CVE-2017-3352, CVE-2017-3353, CVE-2017-3354, CVE-2017-3357, CVE-2017-3358, CVE-2017-3359, CVE-2017-3360, CVE-2017-3361, CVE-2017-3362, CVE-2017-3363, CVE-2017-3364, CVE-2017-3365, CVE-2017-3366, CVE-2017-3367, CVE-2017-3368, CVE-2017-3369, CVE-2017-3370, CVE-2017-3371, CVE-2017-3372, CVE-2017-3373, CVE-2017-3374, CVE-2017-3375, CVE-2017-3376, CVE-2017-3377, CVE-2017-3378, CVE-2017-3379, CVE-2017-3380, CVE-2017-3381, CVE-2017-3382, CVE-2017-3383, CVE-2017-3384, CVE-2017-3385, CVE-2017-3386, CVE-2017-3387, CVE-2017-3388, CVE-2017-3389, CVE-2017-3390, CVE-2017-3391, CVE-2017-3392, CVE-2017-3394, CVE-2017-3395, CVE-2017-3396, CVE-2017-3397, CVE-2017-3398, CVE-2017-3399, CVE-2017-3400, CVE-2017-3401, CVE-2017-3402, CVE-2017-3403, CVE-2017-3404, CVE-2017-3405, CVE-2017-3406, CVE-2017-3407, CVE-2017-3408, CVE-2017-3409, CVE-2017-3410, CVE-2017-3411, CVE-2017-3412, CVE-2017-3413, CVE-2017-3414, CVE-2017-3415, CVE-2017-3416, CVE-2017-3417, CVE-2017-3418, CVE-2017-3419, CVE-2017-3420, CVE-2017-3421, CVE-2017-3422, CVE-2017-3423, CVE-2017-3424, CVE-2017-3425, CVE-2017-3426, CVE-2017-3427, CVE-2017-3428, CVE-2017-3429, CVE-2017-3430, CVE-2017-3431, CVE-2017-3433, CVE-2017-3435, CVE-2017-3436, CVE-2017-3437, CVE-2017-3438, CVE-2017-3439, CVE-2017-3440, CVE-2017-3441, CVE-2017-3442, CVE-2017-3443

BID: 95618, 95463, 95464, 95465, 95467, 95468, 95485, 95487, 95490, 95492, 95497, 95500, 95511, 95523, 95526, 95531, 95561, 95564, 95569, 95573, 95577, 95582, 95586, 95587, 95591, 95593, 95594, 95595, 95597, 95598, 95600, 95602, 95604, 95605, 95610, 95611, 95612, 95613, 95614, 95615, 95616, 95617