Oracle.Business.Transaction.Management.Arbitrary.File.Write

description-logoDescription

This indicates an attack attempt against an Authentication Bypass vulnerability in Oracle Business Transaction Management Server.
The vulnerabilities are caused by an error when the vulnerable software handles malicious SOAP request. It allows a remote attacker to execute arbitrary code or delete a file via a crafted SOAP request.

affected-products-logoAffected Products

Oracle Business Transaction Management Server 12.1.0.2.7

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-10-16 13.473 Sig Added