Oracle.WebLogic.Fusion.Middleware.UDDIexplorer.SSRF
Description
This indicates an attack attempt against a Server Side Request Forgery vulnerability in Oracle Fusion Middleware.
The vulnerabilities is due to an error in the application when handling a crafted HTTP webpage. A remote attacker can exploit this to bypass security checks of vulnerable systems to make HTTP GET or FTP request, via a crafted HTTP webpage.
Affected Products
Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.6
Impact
Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP GET or FTP request.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |