virus logo Intrusion Prevention

Oracle.BI.Publisher.SchedulerConfigPage11g.JNDI.Injection

description-logoDescription

This indicates an attack attempt to exploit a JNDI Injection Vulnerability in Oracle Business Intelligence Enterprise Edition.
This vulnerability is due to improper handling of user supplied data. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to a vulnerable server. Successful exploitation results in the target server retrieving a potentially malicious serialized object from an attacker controlled server which may lead to the execution of arbitrary code under the security context of the affected server.

affected-products-logoAffected Products

Oracle Business Intelligence Enterprise Edition 11.1.1.9.0
Oracle Business Intelligence Enterprise Edition 12.2.1.3.0
Oracle Business Intelligence Enterprise Edition 12.2.1.4.0
Oracle Business Intelligence Enterprise Edition 5.5.0.0.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/security-alerts/cpujul2021.html#AppendixFMW

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-10-06 18.171 Default_action:pass:drop
2021-09-27 18.165
ID 50765
Created Sep 16, 2021
Updated Oct 05, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2021-2391
Exploit Prediction Score 4.28%
Default Action drop
Active
Affected OS All
Affected App Oracle