CNVD-2020-43741

Vulnerability from cnvd - Published: 2020-07-27
VLAI Severity ?
Title
Oracle Fusion Middleware WebCenter Sites存在未明漏洞(CNVD-2020-43741 )
Description
Oracle Fusion Middleware(Oracle融合中间件)是美国甲骨文(Oracle)公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件,它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验,以提升销量和客户忠诚度。 Oracle Fusion Middleware WebCenter Sites存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,影响数据的保密性和完整性。
Severity
Patch Name
Oracle Fusion Middleware WebCenter Sites存在未明漏洞(CNVD-2020-43741 )的补丁
Patch Description
Oracle Fusion Middleware(Oracle融合中间件)是美国甲骨文(Oracle)公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件,它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验,以提升销量和客户忠诚度。 Oracle Fusion Middleware WebCenter Sites存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,影响数据的保密性和完整性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

厂商已发布了漏洞修复程序,请及时关注更新: https://www.oracle.com/security-alerts/cpujul2020.html

Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-14652
Impacted products
Name
['Oracle Oracle Fusion Middleware WebLogic Server 10.3.6.0.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.1.3.0.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.3.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.4.0', 'Oracle Oracle Fusion Middleware WebLogic Server 14.1.1.0.0']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-14652",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-14652"
    }
  },
  "description": "Oracle Fusion Middleware\uff08Oracle\u878d\u5408\u4e2d\u95f4\u4ef6\uff09\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u4f01\u4e1a\u548c\u4e91\u73af\u5883\u7684\u4e1a\u52a1\u521b\u65b0\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u4e2d\u95f4\u4ef6\u3001\u8f6f\u4ef6\u96c6\u5408\u7b49\u529f\u80fd\u3002WebCenter Sites\u662f\u5176\u4e2d\u7684\u4e00\u4e2aWeb\u4f53\u9a8c\u7ba1\u7406\u7ec4\u4ef6\uff0c\u5b83\u53ef\u8ba9\u8425\u9500\u4eba\u5458\u548c\u4e1a\u52a1\u7528\u6237\u5728\u5168\u7403\u8303\u56f4\u5185\u8de8\u591a\u4e2a\u6e20\u9053\u521b\u5efa\u548c\u7ba1\u7406\u4e92\u52a8\u5f0f\u793e\u4ea4\u5728\u7ebf\u4f53\u9a8c\uff0c\u4ee5\u63d0\u5347\u9500\u91cf\u548c\u5ba2\u6237\u5fe0\u8bda\u5ea6\u3002\n\nOracle Fusion Middleware WebCenter Sites\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u6388\u6743\u8bfb\u53d6\u3001\u66f4\u65b0\u3001\u63d2\u5165\u6216\u5220\u9664\u6570\u636e\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.oracle.com/security-alerts/cpujul2020.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-43741",
  "openTime": "2020-07-27",
  "patchDescription": "Oracle Fusion Middleware\uff08Oracle\u878d\u5408\u4e2d\u95f4\u4ef6\uff09\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u4f01\u4e1a\u548c\u4e91\u73af\u5883\u7684\u4e1a\u52a1\u521b\u65b0\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u4e2d\u95f4\u4ef6\u3001\u8f6f\u4ef6\u96c6\u5408\u7b49\u529f\u80fd\u3002WebCenter Sites\u662f\u5176\u4e2d\u7684\u4e00\u4e2aWeb\u4f53\u9a8c\u7ba1\u7406\u7ec4\u4ef6\uff0c\u5b83\u53ef\u8ba9\u8425\u9500\u4eba\u5458\u548c\u4e1a\u52a1\u7528\u6237\u5728\u5168\u7403\u8303\u56f4\u5185\u8de8\u591a\u4e2a\u6e20\u9053\u521b\u5efa\u548c\u7ba1\u7406\u4e92\u52a8\u5f0f\u793e\u4ea4\u5728\u7ebf\u4f53\u9a8c\uff0c\u4ee5\u63d0\u5347\u9500\u91cf\u548c\u5ba2\u6237\u5fe0\u8bda\u5ea6\u3002\r\n\r\nOracle Fusion Middleware WebCenter Sites\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u6388\u6743\u8bfb\u53d6\u3001\u66f4\u65b0\u3001\u63d2\u5165\u6216\u5220\u9664\u6570\u636e\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle Fusion Middleware WebCenter Sites\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-43741 \uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle Oracle Fusion Middleware WebLogic Server 10.3.6.0.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.1.3.0.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.3.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.4.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 14.1.1.0.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-14652",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-16",
  "title": "Oracle Fusion Middleware WebCenter Sites\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-43741 \uff09"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.