Intrusion Prevention

Oracle.iPlanet.Admin.Panel.admingui.Image.Injection

Description

This indicates an attack attempt to exploit an Image Injection Vulnerability in Oracle iPlanet Admin Panel.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may perform phishing attacks by injecting a custom image in the admin panel.

Affected Products

Oracle iPlanet Web Server versions 7.0

Impact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2020-9314