SK-CERT Security Warning V20241016-02

Severity Critical
Classification Unclassified/TLP:CLEAR
CVSS Score
9.8
Identifier
Oracle products – multiple critical security vulnerabilities
Description
Oracle has released security updates for its product portfolio that fix multiple security vulnerabilities, several of which are rated critical.
The most severe critical security vulnerability, identified as CVE-2024-45492, is found in Oracle Database Core, Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core and Oracle Outside In Technology. It stems from insufficient implementation of security mechanisms in the LibExpat component and allows a remote, unauthenticated attacker, by sending a specially crafted HTTP request, to gain unauthorized access to the system, resulting in a complete compromise of the system's confidentiality, integrity and availability.
Exploitation of the other security vulnerabilities can be used to gain unauthorized access to sensitive data, make unauthorized changes to the system, cause denial of service, gain full control of the system, escalate privileges and execute malicious code.
Exploitation of several of the vulnerabilities requires user interaction.
Date of first publication of the warning
15.10.2024
CVE
CVE-2024-7885, CVE-2024-7592, CVE-2024-7264, CVE-2024-7254, CVE-2024-6387, CVE-2024-6345, CVE-2024-6232, CVE-2024-6162, CVE-2024-6119, CVE-2024-5971, CVE-2024-5585, CVE-2024-5535, CVE-2024-5458, CVE-2024-4741, CVE-2024-4603, CVE-2024-45801, CVE-2024-4577, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-43411, CVE-2024-43407, CVE-2024-43045, CVE-2024-43044, CVE-2024-41909, CVE-2024-41817, CVE-2024-41172, CVE-2024-40898, CVE-2024-40725, CVE-2024-39884, CVE-2024-39689, CVE-2024-39573, CVE-2024-38999, CVE-2024-38998, CVE-2024-38816, CVE-2024-38809, CVE-2024-38808, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2024-38472, CVE-2024-38357, CVE-2024-38356, CVE-2024-37891, CVE-2024-37372, CVE-2024-37371, CVE-2024-37370, CVE-2024-3653, CVE-2024-36387, CVE-2024-36138, CVE-2024-36137, CVE-2024-36052, CVE-2024-35200, CVE-2024-34750, CVE-2024-34161, CVE-2024-33899, CVE-2024-33602, CVE-2024-33601, CVE-2024-33600, CVE-2024-33599, CVE-2024-32760, CVE-2024-32114, CVE-2024-32007, CVE-2024-31744, CVE-2024-31083, CVE-2024-31080, CVE-2024-31079, CVE-2024-30251, CVE-2024-29857, CVE-2024-29736, CVE-2024-2961, CVE-2024-29133, CVE-2024-29131, CVE-2024-29025, CVE-2024-28887, CVE-2024-28849, CVE-2024-28752, CVE-2024-28182, CVE-2024-27983, CVE-2024-27834, CVE-2024-27306, CVE-2024-26308, CVE-2024-26130, CVE-2024-25710, CVE-2024-25638, CVE-2024-25269, CVE-2024-2511, CVE-2024-25062, CVE-2024-24990, CVE-2024-24989, CVE-2024-24549, CVE-2024-2408, CVE-2024-2398, CVE-2024-23944, CVE-2024-23807, CVE-2024-23672, CVE-2024-23635, CVE-2024-23284, CVE-2024-23280, CVE-2024-23263, CVE-2024-23254, CVE-2024-23252, CVE-2024-22262, CVE-2024-22257, CVE-2024-22201, CVE-2024-22020, CVE-2024-22018, CVE-2024-21886, CVE-2024-21885, CVE-2024-21286, CVE-2024-21285, CVE-2024-21284, CVE-2024-21283, CVE-2024-21282, CVE-2024-21281, CVE-2024-21280, CVE-2024-21279, CVE-2024-21278, CVE-2024-21277, CVE-2024-21276, CVE-2024-21275, CVE-2024-21274, CVE-2024-21273, CVE-2024-21272, 
CVE-2024-21271, CVE-2024-21270, CVE-2024-21269, CVE-2024-21268, CVE-2024-21267, CVE-2024-21266, CVE-2024-21265, CVE-2024-21264, CVE-2024-21263, CVE-2024-21262, CVE-2024-21261, CVE-2024-21260, CVE-2024-21259, CVE-2024-21258, CVE-2024-21257, CVE-2024-21255, CVE-2024-21254, CVE-2024-21253, CVE-2024-21252, CVE-2024-21251, CVE-2024-21250, CVE-2024-21249, CVE-2024-21248, CVE-2024-21247, CVE-2024-21246, CVE-2024-21244, CVE-2024-21243, CVE-2024-21242, CVE-2024-21241, CVE-2024-21239, CVE-2024-21238, CVE-2024-21237, CVE-2024-21236, CVE-2024-21235, CVE-2024-21234, CVE-2024-21233, CVE-2024-21232, CVE-2024-21231, CVE-2024-21230, CVE-2024-21219, CVE-2024-21218, CVE-2024-21217, CVE-2024-21216, CVE-2024-21215, CVE-2024-21214, CVE-2024-21213, CVE-2024-21212, CVE-2024-21211, CVE-2024-21210, CVE-2024-21209, CVE-2024-21208, CVE-2024-21207, CVE-2024-21206, CVE-2024-21205, CVE-2024-21204, CVE-2024-21203, CVE-2024-21202, CVE-2024-21201, CVE-2024-21200, CVE-2024-21199, CVE-2024-21198, CVE-2024-21197, CVE-2024-21196, CVE-2024-21195, CVE-2024-21194, CVE-2024-21193, CVE-2024-21192, CVE-2024-21191, CVE-2024-21190, CVE-2024-21172, CVE-2024-21147, CVE-2024-21145, CVE-2024-21144, CVE-2024-21140, CVE-2024-21138, CVE-2024-21131, CVE-2024-1874, CVE-2024-0727, CVE-2024-0450, CVE-2024-0232, CVE-2024-0229, CVE-2023-7104, CVE-2023-6918, CVE-2023-6816, CVE-2023-6597, CVE-2023-6237, CVE-2023-6129, CVE-2023-6004, CVE-2023-5752, CVE-2023-5685, CVE-2023-5678, CVE-2023-5363, CVE-2023-52428, CVE-2023-52426, CVE-2023-52425, CVE-2023-51775, CVE-2023-51385, CVE-2023-51384, CVE-2023-5072, CVE-2023-50447, CVE-2023-49083, CVE-2023-48795, CVE-2023-4863, CVE-2023-4807, CVE-2023-4759, CVE-2023-46136, CVE-2023-45853, CVE-2023-45288, CVE-2023-44981, CVE-2023-44487, CVE-2023-44483, CVE-2023-43642, CVE-2023-42956, CVE-2023-42950, CVE-2023-42843, CVE-2023-42503, CVE-2023-4043, CVE-2023-39743, CVE-2023-39410, CVE-2023-38545, CVE-2023-38408, CVE-2023-37920, CVE-2023-3635, CVE-2023-35116, CVE-2023-34455, CVE-2023-34454, 
CVE-2023-34453, CVE-2023-34055, CVE-2023-33201, CVE-2023-2976, CVE-2023-2953, CVE-2023-29469, CVE-2023-28823, CVE-2023-28484, CVE-2023-28439, CVE-2023-27391, CVE-2023-26555, CVE-2023-26554, CVE-2023-26553, CVE-2023-26552, CVE-2023-26551, CVE-2023-26464, CVE-2023-26031, CVE-2023-20863, CVE-2023-0401, CVE-2023-0286, CVE-2023-0217, CVE-2023-0216, CVE-2023-0215, CVE-2022-46337, CVE-2022-45061, CVE-2022-4450, CVE-2022-4304, CVE-2022-42919, CVE-2022-4203, CVE-2022-41342, CVE-2022-40196, CVE-2022-3996, CVE-2022-38136, CVE-2022-37454, CVE-2022-36760, CVE-2022-36033, CVE-2022-34381, CVE-2022-34169, CVE-2022-31160, CVE-2022-31129, CVE-2022-2601, CVE-2022-23437, CVE-2022-23307, CVE-2022-23305, CVE-2022-23302, CVE-2022-2068, CVE-2022-1471, CVE-2022-1292, CVE-2021-41184, CVE-2021-41183, CVE-2021-41182, CVE-2021-37137, CVE-2021-37136, CVE-2021-36713, CVE-2021-36368, CVE-2021-28170, CVE-2021-23358, CVE-2020-9493, CVE-2020-8908, CVE-2020-17521, CVE-2020-15778, CVE-2020-14145, CVE-2020-13956, CVE-2020-11023, CVE-2020-11022, CVE-2019-10172
IOC
Affected systems
Oracle Access Manager
Oracle Agile PLM
Oracle Application Express
Oracle Application Testing Suite
Oracle Autovue for Agile Product Lifecycle Management
Oracle Banking APIs
Oracle Banking Cash Management
Oracle Banking Corporate Lending Process Management
Oracle Banking Digital Experience
Oracle Banking Liquidity Management
Oracle Banking Supply Chain Finance
Oracle BI Publisher
Oracle Blockchain Platform
Oracle Business Activity Monitoring
Oracle Business Intelligence Enterprise Edition
Oracle Business Process Management Suite
Oracle Commerce Guided Search
Oracle Commerce Platform
Oracle Communications ASAP
Oracle Communications Cloud Native Core Automated Test Suite
Oracle Communications Cloud Native Core Binding Support Function
Oracle Communications Cloud Native Core Certificate Management
Oracle Communications Cloud Native Core Console
Oracle Communications Cloud Native Core DBTier
Oracle Communications Cloud Native Core Network Function Cloud Native Environment
Oracle Communications Cloud Native Core Network Repository Function
Oracle Communications Cloud Native Core Network Slice Selection Function
Oracle Communications Cloud Native Core Policy
Oracle Communications Cloud Native Core Security Edge Protection Proxy
Oracle Communications Cloud Native Core Service Communication Proxy
Oracle Communications Cloud Native Core Unified Data Repository
Oracle Communications Convergent Charging Controller
Oracle Communications Core Session Manager
Oracle Communications EAGLE Application Processor
Oracle Communications IP Service Activator
Oracle Communications LSMS
Oracle Communications Messaging Server
Oracle Communications Network Analytics Data Director
Oracle Communications Network Charging and Control
Oracle Communications Operations Monitor
Oracle Communications Order and Service Management
Oracle Communications Performance Intelligence Center
Oracle Communications Policy Management
Oracle Communications Session Border Controller
Oracle Communications Unified Assurance
Oracle Communications User Data Repository
Oracle Database Server
Oracle E-Business Suite
Oracle Enterprise Communications Broker
Oracle Enterprise Data Quality
Oracle Enterprise Manager Base Platform
Oracle Enterprise Manager for Fusion Middleware
Oracle Enterprise Manager Fusion Middleware Control
Oracle Enterprise Operations Monitor
Oracle Essbase
Oracle Financial Services Compliance Studio
Oracle Global Lifecycle Management FMW Installer
Oracle GoldenGate Big Data and Application Adapters
Oracle GoldenGate Stream Analytics
Oracle GraalVM Enterprise Edition
Oracle GraalVM for JDK
Oracle Hospitality Cruise Shipboard Property Management System
Oracle Hospitality OPERA 5
Oracle Hospitality Simphony
Oracle HTTP Server
Oracle Hyperion BI+
Oracle Hyperion Financial Management
Oracle Hyperion Infrastructure Technology
Oracle Identity Manager Connector
Oracle Java SE
Oracle Managed File Transfer
Oracle Management Cloud Engine
Oracle Middleware Common Libraries and Tools
Oracle MySQL Client
Oracle MySQL Cluster
Oracle MySQL Connectors
Oracle MySQL Enterprise Backup
Oracle MySQL Enterprise Monitor
Oracle MySQL Server
Oracle MySQL Workbench
Oracle NoSQL Database
Oracle Outside In Technology
Oracle PeopleSoft Enterprise CC Common Application Objects
Oracle PeopleSoft Enterprise ELM Enterprise Learning Management
Oracle PeopleSoft Enterprise FIN Expenses
Oracle PeopleSoft Enterprise HCM Global Payroll Core
Oracle PeopleSoft Enterprise PeopleTools
Oracle Retail Customer Management and Segmentation Foundation
Oracle Retail EFTLink
Oracle SD-WAN Aware
Oracle SD-WAN Edge
Oracle Secure Backup
Oracle Service Bus
Oracle Siebel Applications
Oracle Solaris Cluster
Oracle SQL Developer
Oracle Utilities Application Framework
Oracle Utilities Network Management System
Oracle VM VirtualBox
Oracle WebCenter Forms Recognition
Oracle WebCenter Portal
Oracle WebCenter Sites
Oracle WebLogic Server

The exact specification of the individual affected products can be found at the links in the Sources section.

Impact
Malicious code execution
Privilege escalation
Unauthorized access to sensitive data
Unauthorized changes to the system
Denial of service
Unauthorized access to the system
Recommendations
We recommend that administrators and users update the affected systems without delay.
After fixing vulnerabilities that could have allowed remote code execution, it is good practice to inspect the system and change all passwords and keys on the affected system, as well as on other systems where the same password or key was used.
We also recommend instructing users not to open unverified e-mail messages or attachments from unknown sources, and not to visit untrusted websites.
Sources
https://www.oracle.com/security-alerts/cpuoct2024.html
https://www.oracle.com/security-alerts/cpuoct2024verbose.html#EBS
