VDB
WID-SEC-W-2023-1015
WID-SEC-W-2023-1015
PUBLISHED
Health Sciences Applications ist eine Zusammenstellung von Produkten für die Pharma-, Biotechnologie-, Medizin- und Gesundheitsbranche.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Health Sciences Applications <8.2.3 | ||
| Oracle Health Sciences Applications <7.0.0.1 | ||
| Oracle Health Sciences Applications 7.0.0.1 | ||
| Oracle Health Sciences Applications 5.4.0.2 | ||
| Oracle Health Sciences Applications 6.3.1.3 | ||
| Oracle Health Sciences Applications 8.2.3 | ||
| Oracle Health Sciences Applications <6.3.1.3 |
Exploit Intelligence
- This project for CVE-2019-18935 (github-poc-repo)
- TelerikUI Vulnerability Scanner (CVE-2019-18935) (github-poc-repo)
- Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935) (github-poc-repo)
- [CVE-2019-18935] Telerik UI for ASP.NET AJAX (RadAsyncUpload Handler) .NET JSON Deserialization (github-poc-repo)
- CVE-2019-18935 (github-poc-repo)
- TelerikUI Vulnerability Scanner (CVE-2019-18935) (github-poc-repo)
- 0xAgun/CVE-2019-18935-checker (github-poc-repo)
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX. (github-poc-repo)
- Unrestricted File Upload by Weak Encryption affected versions (CVE-2017-11317) 2. Remote Code Execution by Insecure Deserialization - (CVE-2019-18935) (github-poc-repo)
- TelerikUI Vulnerability Scanner (CVE-2019-18935) (github-poc-repo)
…and 40 more exploits
Timeline
- May 17, 2020 PoC Published
- Apr 18, 2023 CVE Published
- Feb 4, 2025 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1015.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1015 advisory
- https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixHCAR url
- https://www.esentire.com/blog/threat-actors-use-cve-2019-18935-to-deliver-reverse-shells-and-juicypotatong-privilege-escalation-tool url