Oracle.WebLogic.Fusion.Middleware.UDDIexplorer.SSRF

description-logoDescription

This indicates an attack attempt against a Server Side Request Forgery vulnerability in Oracle Fusion Middleware.
The vulnerabilities is due to an error in the application when handling a crafted HTTP webpage. A remote attacker can exploit this to bypass security checks of vulnerable systems to make HTTP GET or FTP request, via a crafted HTTP webpage.

affected-products-logoAffected Products

Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.6

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP GET or FTP request.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-27 17.006 Default_action:pass:drop
2020-12-16 16.981