https://www.oracle.com/security-alerts/cpujan2020.html

http://packetstormsecurity.com/files/157054/Oracle-Coherence-Fusion-Middleware-Remote-Code-Execution.html

http://packetstormsecurity.com/files/157207/Oracle-WebLogic-Server-12.2.1.4.0-Remote-Code-Execution.html

http://packetstormsecurity.com/files/157795/WebLogic-Server-Deserialization-Remote-Code-Execution.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/security-alerts/cpujan2021.html

The version of Oracle Access Manager installed on the remote host is affected by the following vulnerabilities as noted in the July 2021 CPU advisory :
  - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces     for Access Mgr). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability     allows high privileged attacker with network access via HTTPS to compromise Oracle Access Manager.
    Successful attacks of this vulnerability can result in unauthorized access to critical data or complete     access to all Oracle Access Manager accessible data. (CVE-2021-2358)

  - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Installation     Component (Oracle Coherence)). The supported version that is affected is 11.1.2.3.0. Difficult to exploit     vulnerability allows high privileged attacker with access to the physical communication segment attached     to the hardware where the Oracle Access Manager executes to compromise Oracle Access Manager. Successful     attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle     Access Manager accessible data as well as unauthorized read access to a subset of Oracle Access Manager     accessible data. (CVE-2020-2555)


Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the October 2020 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including the following:

  - dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might     enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the     safe, non-default behavior in any application that uses dom4j. (CVE-2020-10683)

  - A vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore,     Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily     exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle     Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. (CVE-2020-2555)

  - xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the     security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands     when unmarshalling XML or any supported format. e.g. JSON. (CVE-2019-10173)

  - A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows     remote attackers to inject arbitrary web script through a crafted protected comment (with the cke_protected     syntax). (CVE-2020-9281)

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

The version of the tested product installed on the remote host is prior to tested version. It is, therefore, affected by a remote code execution vulnerability, as referenced in the January 2020 Oracle CPU advisory.

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
151978	Oracle Access Manager Multiple Vulnerabilities (Jul 2021 CPU)	Nessus	Misc.	critical
142223	Oracle WebCenter Portal Multiple Vulnerabilities (Oct 2020 CPU)	Nessus	Misc.	critical
137854	Oracle Coherence (Jan 2020 CPU)	Nessus	Misc.	critical

CVE-2020-2555

critical

Tenable Plugins

critical

critical

critical