QID 730670
Date Published: 2023-02-07
QID 730670: Oracle E-Business Suite Multiple Security Vulnerabilities (CPUOCT2022)
Oracle E-Business Suite is one of Oracle Corp.'s major product lines. Also known as Oracle EBS, it is an integrated set of business applications for automating customer relationship management (CRM), enterprise resource planning (ERP) and supply chain management (SCM) processes within organizations.
Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator.
Affected Products:
Oracle E-Business Suite versions 12.2.3 - 12.2.11
QID Detection Logic (Unauthenticated):
Detection works by overwriting the existing Perl file "txkfndwrr.pl" with a malicious payload through the vulnerable endpoint "OA_HTML/BneViewerXMLService?bne:uueupload=TRUE". On successful execution, the uploaded payload echoes the string "QualysTest: File has been modified for QID 730670 (CVE-2022-21587)" in the response from the endpoint "OA_CGI/FNDWRR.exe".
NOTE:
Qualys recommends creating a backup of the file "txkFNDWRR.pl", present at the path "FMW_Home/Oracle_EBS-app1/common/scripts/", before scanning.
Successful exploitation of these vulnerabilities may allow an unauthenticated attacker to execute arbitrary code on the target system.
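The request pattern named in the detection logic can also be searched for in web-tier access logs. The following is an added example, not Qualys or Oracle code: it assumes logs in Combined Log Format, and the function name `hunt` and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: Combined Log Format. Adjust the pattern to the web tier's real format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Endpoints taken from the QID detection logic, lower-cased for matching.
UPLOAD_PATH = "oa_html/bneviewerxmlservice"
UPLOAD_FLAG = "bne:uueupload=true"
FOLLOWUP_PATH = "oa_cgi/fndwrr.exe"


def hunt(lines):
    """Flag upload requests to BneViewerXMLService and any later
    FNDWRR.exe request from a client that made such an upload."""
    findings = []
    uploaders = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse
        # Decode percent-encoding so "bne%3Auueupload" also matches.
        uri = unquote(m["uri"]).lower()
        path, _, query = uri.partition("?")
        ip = m["ip"]
        if UPLOAD_PATH in path and UPLOAD_FLAG in query:
            uploaders.add(ip)
            findings.append(("upload", ip, m["ts"], m["status"]))
        elif FOLLOWUP_PATH in path and ip in uploaders:
            findings.append(("followup", ip, m["ts"], m["status"]))
    return findings


# Constructed sample log lines (documentation-range addresses).
SAMPLE_LOG = [
    '198.51.100.7 - - [07/Feb/2023:10:01:12 +0000] "GET /OA_HTML/AppsLocalLogin.jsp HTTP/1.1" 200 5120',
    '192.0.2.44 - - [07/Feb/2023:10:02:03 +0000] "POST /OA_HTML/BneViewerXMLService?bne%3Auueupload=TRUE HTTP/1.1" 200 312',
    '192.0.2.44 - - [07/Feb/2023:10:02:05 +0000] "GET /OA_CGI/FNDWRR.exe HTTP/1.1" 200 97',
    '198.51.100.7 - - [07/Feb/2023:10:03:30 +0000] "GET /OA_CGI/FNDWRR.exe HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for kind, ip, ts, status in hunt(SAMPLE_LOG):
        print(f"{ts} {ip} {kind} status={status}")
```

Requests from the scanner's own address are expected to match when this QID runs, so compare hits against the scan window and scanner IPs.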
- ORACLE E-Business Suite cpuoct2022: www.oracle.com/security-alerts/cpuoct2022.html
CVEs related to QID 730670
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cpuoct2022 | | | |