VDB
WID-SEC-W-2023-2676
WID-SEC-W-2023-2676
PUBLISHED
Oracle Enterprise Manager (OEM) ist ein Set von System Management Werkzeugen von Oracle für Oracle Umgebungen. Es beinhaltet Werkzeuge zum Monitoring von Oracle Umgebung und zur Automatisierung von Datenbank- und Applikations Administration.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Enterprise Manager 13.5.0.0 | ||
| Oracle Enterprise Manager 13.5.1.1 | ||
| Oracle Enterprise Manager 12.4.0.0 | ||
| Oracle Enterprise Manager 13.3.0.1 |
Exploit Intelligence
- CVE-2024-21683 Confluence Post Auth RCE (github-poc)
- phucrio/CVE-2024-21683-RCE (github-poc)
- This vulnerability could allow an attacker to take complete control of a vulnerable Confluence server. This could allow the attacker to steal data, modify data, or disrupt the availability of the server. (github-poc)
- CVE-2024-21683 Confluence Post Auth RCE (github-poc)
- This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server (github-poc)
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2676.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2676 (circl)
- https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixEM (circl)
- Nuclei Template: CVE-2024-21683 (nuclei-template)
Timeline
- Oct 17, 2023 CVE Published