Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query     parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open     redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used     after passing validation checks. This is the same as CVE-2024-22259     https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 ,     but with different input. (CVE-2024-22262)

Note that Nessus relies on the presence of the package as reported by the vendor.

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported     versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this     vulnerability can result in takeover of Oracle WebLogic Server. (CVE-2024-21181) 

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported     versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this     vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle     WebLogic Server accessible data. (CVE-2024-21175)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported     versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated     attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this     vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server     accessible data. (CVE-2024-21182)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory.

  - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: Admin (Spring     Framework)). Supported versions that are affected are 19.12.0-19.12.19, 20.12.0-20.12.14 and 21.12.0-21.12.12.
    Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise     Primavera Gateway. Successful attacks require human interaction from a person other than the attacker.
    Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access     to critical data or all Primavera Gateway accessible data as well as unauthorized access to critical data or     complete access to all Primavera Gateway accessible data. (CVE-2024-22262)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory.

  - Vulnerability in the MySQL Enterprise Monitor component Spring Security. A remote     unauthenticated attacker could gain unauthorized access to critical data or complete     access to all MySQL Enterprise Monitor accessible data as well as unauthorized     update, insert or delete access to some of MySQL Enterprise Monitor accessible data.     (CVE-2024-22257)

  - Vulnerability in the MySQL Enterprise Monitor component Spring     Framework. Supported versions that are affected are 8.0.38 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with network access via multiple protocols     to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from     a person other than the attacker. Successful attacks of this vulnerability can result     in unauthorized creation, deletion or modification access to critical data or all MySQL     Enterprise Monitor accessible data as well as unauthorized access to critical data or     complete access to all MySQL Enterprise Monitor accessible data. (CVE-2024-22262)

  - Vulnerability in the MySQL Enterprise Monitor component     Apache Tomcat. A unauthenticated attacker with network access via multiple protocols     to compromise MySQL Enterprise Monitor. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or frequently repeatable crash MySQL     Enterprise Monitor. (CVE-2024-24549)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory.

  - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component:
    Integration (Apache James MIME4J)). Supported versions that are affected are 19.12.0-19.12.16,     20.12.0-20.12.16, 21.12.0-21.12.17, 22.12.0-22.12.13 and 23.12.0-23.12.6. Easily exploitable vulnerability     allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful     attacks of this vulnerability can result in unauthorized update, insert or delete access to some of     Primavera Unifier accessible data. (CVE-2024-21742)

  - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Document     Management (Spring Framework)). Supported versions that are affected are 22.12.0-22.12.13 and     23.12.0-23.12.6. Easily exploitable vulnerability allows low privileged attacker with network access via     HTTP to compromise Primavera Unifier. Successful attacks require human interaction from a person other     than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or     delete access to some of Primavera Unifier accessible data as well as unauthorized read access to a subset     of Primavera Unifier accessible data. (CVE-2024-22262)

  - Information disclosure in persistent watchers handling in Apache ZooKeeper due to missing ACL check. It     allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a     parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when the persistent     watcher is triggered and as a consequence, the full path of znodes that a watch event gets triggered upon     is exposed to the owner of the watcher. It's important to note that only the path is exposed by this     vulnerability, not the data of znode, but since znode path can contain sensitive information like user     name or login ID, this issue is potentially critical. Users are recommended to upgrade to version 3.9.2,     3.8.4 which fixes the issue. (CVE-2024-23944)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95973 advisory.

  - Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query     parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open     redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used     after passing validation checks. This is the same as CVE-2024-22259     https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 ,     but with different input. (CVE-2024-22262)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
251673	Linux Distros Unpatched Vulnerability : CVE-2024-22262	Nessus	Misc.	high
202722	Oracle WebLogic Server (July 2024 CPU)	Nessus	Misc.	critical
202623	Oracle Primavera Gateway (Jul 2024 CPU)	Nessus	CGI abuses	high
202597	Oracle MySQL Enterprise Monitor (Jul 2024 CPU)	Nessus	CGI abuses	high
202594	Oracle Primavera Unifier (Jul 2024 CPU)	Nessus	CGI abuses	medium
201102	Atlassian Confluence 1.0.1 < 7.19.24 / 7.20.x < 8.5.11 / 8.6.x < 8.9.3 (CONFSERVER-95973)	Nessus	CGI abuses	high

Detections

Analytics

CVE-2024-22262

high

Tenable Plugins

high

critical

high

high

medium

high