The version of GoldenGate installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory.

  - Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate Microservices (Dell BSAFE Micro Edition     Suite)).   The supported version that is affected is 19c. Easily exploitable vulnerability allows     unauthenticated attacker with network access via HTTPS to compromise Oracle GoldenGate.  Successful     attacks of this vulnerability can result in takeover of Oracle GoldenGate. (CVE-2020-35169)

  - Vulnerability in the Oracle Goldengate product of Oracle GoldenGate (component: Stream Analytics     (JinJava)). The supported version that is affected is 19c. Easily exploitable vulnerability allows low     privileged attacker with network access via HTTP to compromise Oracle Goldengate.  Successful attacks of     this vulnerability can result in  unauthorized read access to a subset of Oracle Goldengate accessible     data. (CVE-2018-18893)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Oracle GoldenGate (Oct 2022 CPU)

critical Nessus Plugin ID 166440

Version 1.3

Version 1.2

Version 1.1

Version 1.3 Nov 4, 2022, 5:53 PM CVE Logic Changes
Version 1.2 Oct 25, 2022, 3:50 PM CVSS temporal metrics Exploit attributes
Version 1.1 Oct 25, 2022, 9:50 AM New