CVE-2020-9315
Published 2020-05-10
Priority: P2 | 74 | High 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT · EPSS 81.81% (99.6th percentile)
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | iplanet_web_server | 7.0 – 7.0.27 | — |
Detection & IOCs (extracted from sources)
URL IoC: /admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4
Sigma matchers: words ['Admin Console'] AND words ['serverConfigurationsGeneral' OR 'serverCertificatesGeneral'] AND status 200
- Unauthenticated HTTP GET requests to /admingui/version/* URIs returning HTTP 200 with 'Admin Console' in the body indicate successful authentication-bypass exploitation of CVE-2020-9315.
- A response body containing both 'Admin Console' and either 'serverConfigurationsGeneral' or 'serverCertificatesGeneral' on a 200 OK confirms the authentication bypass succeeded and that encryption key material may be exposed.
- Shodan/FOFA fingerprint for exposed Oracle iPlanet Web Server instances: search for cpe:"cpe:2.3:a:oracle:iplanet_web_server" to identify attack surface.
- Oracle iPlanet Web Server 7.0.x is end-of-life and unsupported; Oracle will not issue patches. The CVE was assigned with a 'PRODUCT NOT SUPPORTED WHEN ASSIGNED' note.
- The two exploit paths target different admingui/version sub-URIs; both must be tested, as the vulnerability may be present on either endpoint.
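The matchers above can be turned into a small triage check for a detection pipeline. The following is an added example, not code from this page's sources or from Oracle: it evaluates the Sigma-style rule (status 200, 'Admin Console', and one of the two page markers) and the stricter "unauthenticated GET to /admingui/version/*" indicator over HTTP request/response records. The records are constructed sample data, and the `authenticated` field is an assumed attribute that a real deployment would derive from its session store or access log.

```python
"""Added example: evaluate the Sigma-style matchers for CVE-2020-9315 over
HTTP request/response records. Sample records are constructed, not captured
traffic; `authenticated` is an assumed field, not something the page defines."""
import re
from dataclasses import dataclass
from typing import List, Tuple

# Terms quoted from the page's Sigma matcher description.
ADMIN_CONSOLE_MARKER = "Admin Console"
PAGE_MARKERS = ("serverConfigurationsGeneral", "serverCertificatesGeneral")
ADMINGUI_VERSION_RE = re.compile(r"^/admingui/version/")


@dataclass(frozen=True)
class HttpRecord:
    method: str
    uri: str
    status: int
    body: str
    authenticated: bool  # assumed: True if the request carried a valid admin session


def sigma_matches(rec: HttpRecord) -> bool:
    """Page's Sigma rule: status 200 AND body has 'Admin Console'
    AND body has 'serverConfigurationsGeneral' OR 'serverCertificatesGeneral'."""
    return (
        rec.status == 200
        and ADMIN_CONSOLE_MARKER in rec.body
        and any(marker in rec.body for marker in PAGE_MARKERS)
    )


def unauthenticated_admingui_hit(rec: HttpRecord) -> bool:
    """First detection bullet: unauthenticated GET to /admingui/version/*
    answered with 200 and 'Admin Console' in the body."""
    return (
        rec.method == "GET"
        and not rec.authenticated
        and ADMINGUI_VERSION_RE.match(rec.uri) is not None
        and rec.status == 200
        and ADMIN_CONSOLE_MARKER in rec.body
    )


def classify(rec: HttpRecord) -> str:
    """Combine both checks into one triage verdict."""
    sigma = sigma_matches(rec)
    unauth = unauthenticated_admingui_hit(rec)
    if sigma and unauth:
        return "confirmed-bypass"
    if unauth:
        return "suspected-bypass"
    if sigma:
        return "authenticated-admin-page"  # expected for a logged-in administrator
    return "benign"


# Constructed sample records (not real traffic).
SAMPLE_RECORDS = [
    HttpRecord("GET",
               "/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4",
               200, "<title>Admin Console</title> ... serverConfigurationsGeneral ...", False),
    HttpRecord("GET", "/admingui/version/serverCertificatesGeneral", 200,
               "<title>Admin Console</title> serverCertificatesGeneral form", True),
    HttpRecord("GET", "/admingui/version/serverConfigurationsGeneral", 302,
               "Admin Console login redirect", False),
    HttpRecord("GET", "/admingui/version/about", 200,
               "<title>Admin Console</title> build info", False),
    HttpRecord("GET", "/index.html", 200, "Welcome to the web server", False),
]


def triage_all(records: List[HttpRecord]) -> List[Tuple[str, str]]:
    """Return (uri, verdict) pairs for every record."""
    return [(rec.uri, classify(rec)) for rec in records]


if __name__ == "__main__":
    for uri, verdict in triage_all(SAMPLE_RECORDS):
        print(f"{verdict:26} {uri}")
```

The "suspected-bypass" verdict covers a 200 on an /admingui/version/* sub-URI that lacks the two page markers, which matches the page's note that both exploit paths must be checked; "authenticated-admin-page" keeps legitimate administrator sessions out of the alert queue.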
CVSS provenance
- NVD v3.1: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- NVD v2.0: 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N
No detection rules found.
Nuclei: CVE-2020-9314 [MEDIUM] Oracle iPlanet Web Server 7.0.x - Image Injection (CVSS 6.8)
Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516.
Template:
```yaml
id: CVE-2020-9314
info:
  name: Oracle iPlanet Web Server 7.0.x - Image Injection
  author: DhiyaneshDk
  severity: medium
  description: |
    Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516.
  impact: |
    Attackers can inject malicious images into the admin console, potentially leading to social engineering, phishing attacks, or interface manipulation.
  remediation: |
    Oracle iPlanet Web Se
```
Nuclei: CVE-2020-9315 [HIGH] Oracle iPlanet Web Server 7.0.x - Authentication Bypass (CVSS 7.5)
Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.
Template:
```yaml
id: CVE-2020-9315
info:
  name: Oracle iPlanet Web Server 7.0.x - Authentication Bypass
  author: dhiyaneshDk
  severity: high
  description: |
    Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE.
  impact: |
    Successful exploit
```
No writeups or analysis indexed.
References
- http://seclists.org/fulldisclosure/2020/May/31
- https://www.oracle.com/support/lifetime-support/
- https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf
- https://wwws.nightwatchcybersecurity.com/2020/05/10/two-vulnerabilities-in-oracles-iplanet-web-server-cve-2020-9315-and-cve-2020-9314/