CVE-2017-3230

Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Remote Code Execution Vulnerability

Severity Score

8.6

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L).

Vulnerabilidad en el Oracle Fusion Middleware MapViewer componente de Oracle Fusion Middleware (subcomponent: Map Builder). Versiones compatibles que son afectadas son 11.1.1.9, 12.2.1.1 y 12.2.1.2. Vulnerabilidad fácilmente explotable permite a un atacante sin acceso con acceso a la red a través de HTTP comprometer Oracle Fusion Middleware MapViewer. Los ataques con éxito de esta vulnerabilidad pueden dar lugar a la creación, eliminación o modificación no autorizadas de acceso a datos críticos a todos los datos accesibles de Oracle Fusion Middleware MapViewer, así como al acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Fusion Middleware MapViewer y capacidad no autorizada para causar una denegación parcial De servicio (DOS parcial) de Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 8.6 (Confidencialidad, Integridad y Disponibilidad Impactos). Vector CVSS: (CVSS: 3.0/AV: N/AC: L/PR: N/UI: N/S: U/C: L/I: H/A: L).

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Fusion Middleware MapViewer. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the FileUploaderServlet servlet. When parsing the fileName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user.

*Credits: rgod

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Complete

Availability

Partial

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2016-12-06 CVE Reserved
2017-04-19 CVE Published
2024-07-25 EPSS Updated
2024-10-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (3)

URL	Tag	Source
http://www.securityfocus.com/bid/97746	Third Party Advisory
http://www.securitytracker.com/id/1038291	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html	2019-10-03

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Oracle Search vendor "Oracle"		Fusion Middleware Mapviewer Search vendor "Oracle" for product "Fusion Middleware Mapviewer"				11.1.1.9 Search vendor "Oracle" for product "Fusion Middleware Mapviewer" and version "11.1.1.9"		-		Affected
Oracle Search vendor "Oracle"		Fusion Middleware Mapviewer Search vendor "Oracle" for product "Fusion Middleware Mapviewer"				12.2.1.1 Search vendor "Oracle" for product "Fusion Middleware Mapviewer" and version "12.2.1.1"		-		Affected
Oracle Search vendor "Oracle"		Fusion Middleware Mapviewer Search vendor "Oracle" for product "Fusion Middleware Mapviewer"				12.2.1.2 Search vendor "Oracle" for product "Fusion Middleware Mapviewer" and version "12.2.1.2"		-		Affected