Details of VAR-202001-1034

ID

VAR-202001-1034

CVE

CVE-2020-2555

TITLE

Oracle Fusion Middleware of Oracle Coherence In Caching,CacheStore,Invocation Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-001293

DESCRIPTION

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Oracle Fusion Middleware of Oracle Coherence In Caching,CacheStore,Invocation There are vulnerabilities that affect confidentiality, integrity, and availability due to a flaw in processing.Information gained, falsified, and denial of service by remote attackers (DoS) An attack could be made. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the T3 protocol on TCP port 7001. When deserializing objects embedded with T3 protocol messages, the server allows deserialization of classes that may lead to arbitrary code execution. An attacker can leverage this vulnerability to execute code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The platform provides functions such as middleware and software collection

Trust: 2.97

sources: NVD: CVE-2020-2555 // JVNDB: JVNDB-2020-001293 // ZDI: ZDI-20-128 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-179539 // VULMON: CVE-2020-2555

AFFECTED PRODUCTS

vendor:	oracle	model:	utilities framework	scope:	eq	version:	4.4.0.2.0	Trust: 1.0
vendor:	oracle	model:	coherence	scope:	eq	version:	3.7.1.0	Trust: 1.0
vendor:	oracle	model:	utilities framework	scope:	eq	version:	4.2.0.2.0	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	oracle	model:	utilities framework	scope:	gte	version:	4.3.0.1.0	Trust: 1.0
vendor:	oracle	model:	rapid planning	scope:	eq	version:	12.1	Trust: 1.0
vendor:	oracle	model:	webcenter portal	scope:	eq	version:	12.2.1.4.0	Trust: 1.0
vendor:	oracle	model:	commerce platform	scope:	eq	version:	11.2.0	Trust: 1.0
vendor:	oracle	model:	rapid planning	scope:	eq	version:	12.2	Trust: 1.0
vendor:	oracle	model:	healthcare data repository	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	oracle	model:	coherence	scope:	eq	version:	12.1.3.0.0	Trust: 1.0
vendor:	oracle	model:	retail assortment planning	scope:	eq	version:	15.0	Trust: 1.0
vendor:	oracle	model:	utilities framework	scope:	lte	version:	4.3.0.6.0	Trust: 1.0
vendor:	oracle	model:	commerce platform	scope:	gte	version:	11.3.0	Trust: 1.0
vendor:	oracle	model:	utilities framework	scope:	eq	version:	4.2.0.3.0	Trust: 1.0
vendor:	oracle	model:	commerce platform	scope:	lte	version:	11.3.2	Trust: 1.0
vendor:	oracle	model:	webcenter portal	scope:	eq	version:	12.2.1.3.0	Trust: 1.0
vendor:	oracle	model:	utilities framework	scope:	eq	version:	4.4.0.0.0	Trust: 1.0
vendor:	oracle	model:	commerce platform	scope:	eq	version:	11.1.0	Trust: 1.0
vendor:	oracle	model:	commerce platform	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	oracle	model:	coherence	scope:	eq	version:	12.2.1.3.0	Trust: 1.0
vendor:	oracle	model:	access manager	scope:	eq	version:	11.1.2.3.0	Trust: 1.0
vendor:	oracle	model:	coherence	scope:	eq	version:	12.2.1.4.0	Trust: 1.0
vendor:	oracle	model:	retail assortment planning	scope:	eq	version:	16.0	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	lte	version:	8.2.2	Trust: 1.0
vendor:	oracle	model:	fusion middleware	scope:	eq	version:	of oracle coherence 12.1.3.0.0	Trust: 0.8
vendor:	oracle	model:	fusion middleware	scope:	eq	version:	of oracle coherence 12.2.1.3.0	Trust: 0.8
vendor:	oracle	model:	fusion middleware	scope:	eq	version:	of oracle coherence 12.2.1.4.0	Trust: 0.8
vendor:	oracle	model:	fusion middleware	scope:	eq	version:	of oracle coherence 3.7.1.17	Trust: 0.8
vendor:	oracle	model:	weblogic	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-20-128 // JVNDB: JVNDB-2020-001293 // NVD: CVE-2020-2555

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-2555
value:	CRITICAL
Trust: 1.0
secalert_us@oracle.com:	CVE-2020-2555
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2020-2555
value:	CRITICAL
Trust: 0.8
ZDI:	CVE-2020-2555
value:	CRITICAL
Trust: 0.7
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202001-679
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-179539
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-2555
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-2555
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-179539
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

secalert_us@oracle.com:	CVE-2020-2555
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-2555
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2020-2555
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-128 // VULHUB: VHN-179539 // VULMON: CVE-2020-2555 // JVNDB: JVNDB-2020-001293 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202001-679 // NVD: CVE-2020-2555 // NVD: CVE-2020-2555

PROBLEMTYPE DATA

problemtype:

CWE-502

Trust: 1.1

sources: VULHUB: VHN-179539 // NVD: CVE-2020-2555

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202001-679

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-001293

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-179539

PATCH

title:	Oracle Critical Patch Update Advisory - January 2020	url:	https://www.oracle.com/security-alerts/cpujan2020.html	Trust: 1.5
title:	Text Form of Oracle Critical Patch Update - January 2020 Risk Matrices	url:	https://www.oracle.com/security-alerts/cpujan2020verbose.html	Trust: 0.8
title:	Oracle Fusion Middleware Coherence Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108607	Trust: 0.6
title:	CVE-2020-2555 Require Reference	url:	https://github.com/Uvemode/CVE-2020-2555	Trust: 0.1
title:	CVE-2020-2555 Require Reference	url:	https://github.com/Y4er/CVE-2020-2555	Trust: 0.1
title:	POC_CVE-2020-2555	url:	https://github.com/Qynklee/POC_CVE-2020-2555	Trust: 0.1
title:	CVE-2020-2555	url:	https://github.com/wsfengfan/CVE-2020-2555	Trust: 0.1
title:	Attacking_Shiro_with_CVE_2020_2555	url:	https://github.com/feihong-cs/Attacking_Shiro_with_CVE_2020_2555	Trust: 0.1

sources: ZDI: ZDI-20-128 // VULMON: CVE-2020-2555 // JVNDB: JVNDB-2020-001293 // CNNVD: CNNVD-202001-679

EXTERNAL IDS

db:	NVD	id:	CVE-2020-2555	Trust: 3.3
db:	PACKETSTORM	id:	157207	Trust: 1.7
db:	PACKETSTORM	id:	157795	Trust: 1.7
db:	PACKETSTORM	id:	157054	Trust: 1.7
db:	ZDI	id:	ZDI-20-128	Trust: 1.3
db:	JVNDB	id:	JVNDB-2020-001293	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-9020	Trust: 0.7
db:	EXPLOIT-DB	id:	48508	Trust: 0.7
db:	CNNVD	id:	CNNVD-202001-679	Trust: 0.7
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	EXPLOIT-DB	id:	48320	Trust: 0.6
db:	CS-HELP	id:	SB2021072118	Trust: 0.6
db:	CS-HELP	id:	SB2021072735	Trust: 0.6
db:	NSFOCUS	id:	45703	Trust: 0.6
db:	CXSECURITY	id:	WLB-2020050174	Trust: 0.6
db:	CXSECURITY	id:	WLB-2020040075	Trust: 0.6
db:	SEEBUG	id:	SSVID-98140	Trust: 0.1
db:	VULHUB	id:	VHN-179539	Trust: 0.1
db:	VULMON	id:	CVE-2020-2555	Trust: 0.1

REFERENCES

url:	https://www.oracle.com/security-alerts/cpujan2020.html	Trust: 2.4
url:	http://packetstormsecurity.com/files/157054/oracle-coherence-fusion-middleware-remote-code-execution.html	Trust: 2.3
url:	http://packetstormsecurity.com/files/157207/oracle-weblogic-server-12.2.1.4.0-remote-code-execution.html	Trust: 2.3
url:	http://packetstormsecurity.com/files/157795/weblogic-server-deserialization-remote-code-execution.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpujan2021.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpujul2020.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpuoct2020.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpujul2021.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-2555	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-2555	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://cxsecurity.com/issue/wlb-2020040075	Trust: 0.6
url:	https://www.exploit-db.com/exploits/48508	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/45703	Trust: 0.6
url:	https://www.oracle.com/security-alerts/cpujan2020verbose.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/oracle-fusion-middleware-vulnerabilities-of-january-2020-31329	Trust: 0.6
url:	https://media.cert.europa.eu/static/securityadvisories/2020/cert-eu-sa2020-026.pdf	Trust: 0.6
url:	https://www.zerodayinitiative.com/advisories/zdi-20-128/	Trust: 0.6
url:	https://www.exploit-db.com/exploits/48320	Trust: 0.6
url:	https://cxsecurity.com/issue/wlb-2020050174	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072118	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072735	Trust: 0.6

sources: ZDI: ZDI-20-128 // VULHUB: VHN-179539 // JVNDB: JVNDB-2020-001293 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202001-679 // NVD: CVE-2020-2555

CREDITS

Jang from VNPT ISC

Trust: 0.7

sources: ZDI: ZDI-20-128

SOURCES

db:	ZDI	id:	ZDI-20-128
db:	VULHUB	id:	VHN-179539
db:	VULMON	id:	CVE-2020-2555
db:	JVNDB	id:	JVNDB-2020-001293
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202001-679
db:	NVD	id:	CVE-2020-2555

LAST UPDATE DATE

2024-10-02T21:22:30.277000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-128	date:	2020-01-15T00:00:00
db:	VULHUB	id:	VHN-179539	date:	2022-10-25T00:00:00
db:	VULMON	id:	CVE-2020-2555	date:	2022-10-25T00:00:00
db:	JVNDB	id:	JVNDB-2020-001293	date:	2020-01-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202001-679	date:	2022-07-14T00:00:00
db:	NVD	id:	CVE-2020-2555	date:	2024-10-02T14:24:50.520

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-128	date:	2020-01-15T00:00:00
db:	VULHUB	id:	VHN-179539	date:	2020-01-15T00:00:00
db:	VULMON	id:	CVE-2020-2555	date:	2020-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2020-001293	date:	2020-01-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202001-679	date:	2020-01-15T00:00:00
db:	NVD	id:	CVE-2020-2555	date:	2020-01-15T17:15:17.347