⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2023-02-23.
CVE-2022-21587
Severity
9.8CRITICAL
EPSS
94.4%
top 0.02%
CISA KEV
KEVRansomware
Added 2023-02-02
Due 2023-02-23
Exploit
Exploited in wild
Active exploitation observed
Timeline
PublishedOct 18
KEV addedFeb 2
KEV dueFeb 23
CISA Required Action: Apply updates per vendor instructions.
Description
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Avai…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages2 packages
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-64x7-wh2p-524g: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload)↗2022-10-19
CVEList▶
CVE-2022-21587: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload)↗2022-10-18
💥Exploits & PoCs
1Nuclei▶
Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution