Oracle.Secure.Backup.Cookies.Command.Injection
Description
This indicates an attack attempt against a command-injection vulnerability in Oracle Secure Backup.
The vulnerability is caused by an error when the CGI program "login.php" handles a specially crafted HTTP request. It allows a remote attacker to inject arbitrary commands.
Affected Products
Oracle Secure Backup 10.2.0.3
Oracle Secure Backup 10.2.0.2
Oracle Secure Backup 10.1.0.3
Oracle Secure Backup 10.1.0.2
Oracle Secure Backup 10.1.0.1
Impact
System Compromise
Recommended Actions
Apply the patch available at the following website:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |