CVE-2013-5880
published 2014-01-15


Priority: P3 (51), medium
CVSS 2.0 base score: 5 (vector AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploit status: EXPLOIT
EPSS: 59.56% (99.0th percentile)
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to DM Others.

Affected

3 ranges (version range and fixed-in values were not extracted for any row)

Vendor   Product                       Version range   Fixed in
oracle   supply_chain_products_suite   -               -
oracle   supply_chain_products_suite   -               -
oracle   supply_chain_products_suite   -               -

Detection & IOCs (extracted from sources)

url: POST /demantra/common/loginCheck.jsp/../../GraphServlet
path: /demantra/common/loginCheck.jsp/../../GraphServlet
port: 8080
path: C:/Program Files (x86)/Oracle Demantra Spectrum/Collaborator/demantra/WEB-INF/web.xml
  • Detect path traversal attempts targeting GraphServlet via the loginCheck.jsp bypass: look for HTTP POST requests whose URI contains the pattern 'loginCheck.jsp/../../GraphServlet'.
  • Detect POST requests to /demantra/ endpoints with a 'filename' parameter in the body, which indicates an attempted arbitrary file retrieval.
  • The authentication bypass is achieved by embedding path traversal sequences (../../) within the loginCheck.jsp path segment to reach GraphServlet without authentication.
  • Monitor for unauthenticated access to the Oracle Demantra GraphServlet resulting in database credential disclosure (database name, username, password).
  • The vulnerability is exploited over HTTP; monitor port 8080 on Oracle Demantra hosts for suspicious POST requests to /demantra/ paths.
  • Affected versions are limited to Oracle Demantra Demand Management 12.2.0, 12.2.1, and 12.2.2 only.
  • The default file targeted for credential/config leakage is WEB-INF/web.xml under the Demantra Spectrum Collaborator installation path; the actual path may vary by deployment.