Oracle.BPEL.PM.ScriptServlet.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in Oracle BPEL Process Manager.
The vulnerability is due to an insufficient input validation error when handling a crafted HTTP request. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted HTTP request.
Affected Products
Oracle BPEL Process Manager 10.1.x up to 10.1.3.5.0
Oracle BPEL Process Manager 11.1.x up to 11.1.1.6.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |