CVE-2020-2961
published 2020-04-15CVE-2020-2961: Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Supported versions…
PriorityP259critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.84%
76.4th percentile
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | enterprise_manager_base_platform | — | — |
| oracle | enterprise_manager_base_platform | — | — |
| oracle_corporation | enterprise_manager_base_platform | — | — |
| oracle_corporation | enterprise_manager_base_platform | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is exploitable via HTTP by an unauthenticated remote attacker targeting the Discovery Framework (Oracle OHS) component of Oracle Enterprise Manager Base Platform ↗
- →Affected versions are Enterprise Manager Base Platform 13.2.0.0 and 13.3.0.0; monitor for exploitation attempts against these specific versions ↗
- →Successful exploitation results in full takeover (C/I/A all HIGH); treat any anomalous unauthenticated HTTP activity against the Discovery Framework / Oracle OHS endpoint as high-priority ↗
- ·No authentication or user interaction is required, and network complexity is low (AC:L/PR:N/UI:N), meaning the attack surface is broad — any network-accessible instance of the affected versions is at risk ↗
- ·The vulnerable component is specifically Oracle OHS within the Discovery Framework; detections should be scoped to that sub-component rather than all of Oracle Enterprise Manager ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_oracle9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Oracle
Oracle Oracle Enterprise Manager Risk Matrix: Discovery Framework (Oracle OHS) — CVE-2020-2961
vendor_oracle·2020-04-15·CVSS 9.8
CVE-2020-2961 [CRITICAL] Oracle Oracle Enterprise Manager Risk Matrix: Discovery Framework (Oracle OHS) — CVE-2020-2961
Oracle Oracle Enterprise Manager Risk Matrix: Discovery Framework (Oracle OHS) vulnerability
CVE: CVE-2020-2961
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2020 (APR 2020)
GHSA
GHSA-xpm5-w5vx-3xw6: Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS))
ghsa_unreviewed·2022-05-24
CVE-2020-2961 [HIGH] GHSA-xpm5-w5vx-3xw6: Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS))
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in takeover of Enterprise Manager Base Platform. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-04-15
Published