Private Vulnerabilities

Our customers will know first

Vulnerabilities Discovered in 2018

[Vicxer-1806] Oracle Siebel Missing Authentication Check
  • Risk: Critical
  • CVSSv3: 10 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
  • Vendor: Oracle
  • Publication Date: 04/11/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    Due to a lack of authentication check impacting all versions of the Oracle Siebel kernel, a remote and unauthenticated attacker will be able to extract the entire content of the Oracle Siebel database and even execute specific functions on the affected system.

    This vulnerability is particularly risky as it can be exploited directly from the Internet even if the affected server is protected by a regular firewall or a WAF.

[Vicxer-1805] SAP Security Audit Log Bypass
  • Risk: Medium
  • CVSSv3: 6.3 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L)
  • Vendor: SAP
  • Publication Date: 11/04/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    An attacker who had previously compromised an SAP system, will be able to invoke a certain report that can be use to call different RFC function modules without registering any of the activities (calls / output) on the security audit log, even if this security audit trail is fully activated on the affected SAP system.

[Vicxer-1804] SAP DB Web Server Remote Denial Of Service
  • Risk: High
  • CVSSv3: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
  • Vendor: SAP
  • Publication Date: 04/11/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    A remote and unauthenticated attacker will be able to completely shutdown the SAP DB Web Server by sending a simple HTTP request to the webserver dispatcher. After the successful exploitation of this vulnerability, the process behind the remote administrative interface crashes and has to be manually started.

    The attacker only needs network connectivity to be able to exploit this vulnerability.

[Vicxer-1803] Oracle EBS 12.1, Remote Code Execution on default web application
  • Risk: Critical
  • CVSSv3: 10 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
  • Vendor: Oracle
  • Publication Date: 01/16/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    A remote and unauthenticated attacker will be able to execute arbitrary SQL statements and operating system commands under the privileges of the user that is running the affected EBS server, allowing him / her to completely compromise the vulnerable asset and all the information that it is processed by it.

    This serious issue is present on a default EBS web application, that fails to properly verify if the remote user has been previously authenticated and if it has the right set of privileges to use the application. This vulnerability is particularly risky as it can be exploited from the Internet, even if the EBS server is protected by a regular firewall or a WAF.

[Vicxer-1802] SAP MaxDB X Server, information disclosure
  • Risk: Medium
  • CVSSv3: 4.7 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
  • Vendor: SAP
  • Publication Date: 01/16/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    A remote and unauthenticated attacker will be able to send a specially crafted request towards a particular MaxDB application server, with the objective of retrieving sensitive technical information such as database names, schemas, disk space, kernel information, etc.

    By exploiting this vulnerability, an attacker could plan a more advance and precise attack against the vulnerable MaxDB server.

[Vicxer-1801] Unprotected and undocumented SAP web methods
  • Risk: Medium
  • CVSSv3: 4.7 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
  • Vendor: SAP
  • Publication Date: 01/16/2018
  • Status: 0-Day
  • Brief description of the vulnerability:

    A remote and unauthenticated attacker will be able to send a specially crafted request towards any SAP Netweaver Systems (>= 7.20) and obtain vast technical information from the affected SAP system like application servers hostnames, IPs, System SIDs and many more.

    This scenario is particularly risky, as the vulnerable functionality is not officially documented on the SAP configuration documents which makes its resolution even harder.

I want to be protected against these 0-Days

To learn more about this offering, please complete this short form and one of our business representatives will contact you as soon as possible.