Description

Due to insecure handling of XML DTD, Oracle EBS lcmServiceController script allows remote attackers to interact with internal network resources via Blind Server Side Request Forgery (SSRF).

Remediation

Upgrade to the latest version of Oracle E-Business Suite

References

Oracle Critical Patch Update Advisory - October 2018

Related Vulnerabilities

Apache Struts2 Remote Command Execution (S2-053)

WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Server-Side Request Forgery (2.2.23)

XSLT injection

Kentico CMS Deserialization RCE

Jira Unauthorized SSRF via REST API

Severity

Medium

Classification

CVE-2018-3167 CWE-918 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Acumonitor SSRF