Oracle Reports Servlet Parsequery Function Remote Database Credentials Exposure

Medium | Nessus Plugin ID 73120

Synopsis

The remote host is running a web application that exposes database credentials.

Description

Nessus was able to exploit a flaw in the Oracle Reports servlet parsequery function and retrieve the plaintext database credentials for one or more users. A remote attacker can exploit this vulnerability to gain unauthorized database access.

Solution

Apply the appropriate patch per the vendor's advisory.

See Also

http://www.nessus.org/u?c969a07f

http://www.nessus.org/u?87547c81

Plugin Details

Severity: Medium

ID: 73120

File Name: oracle_reports_password_disclosure.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 3/20/2014

Updated: 5/28/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.5

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2012-3153

Vulnerability Information

CPE: cpe:/a:oracle:fusion_middleware

Required KB Items: www/oracle_reports

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Exploited by Nessus: true

Patch Publication Date: 10/16/2012

Vulnerability Publication Date: 10/16/2012

Exploitable With

Metasploit (Oracle Forms and Reports Remote Code Execution)

Reference Information

CVE: CVE-2012-3153

BID: 55961