Oracle Fusion Middleware PHP Remote File Inclusion Vulnerability - 20231117001

Overview

The WA SOC has observed a high vulnerability in Oracle software configuration, whereby the api handling endpoint allows for a local file inclusion that can lead to remote code execution. It requires a valid api token which can be obtained via a database backup (with account access), a number of different sql injections (with account access), or stolen from a user.

What is the vulnerability?

CVE-2023-2551 - CVSS v3 Base Score: 8.8

What is vulnerable?

The vulnerability affects the following products:

• PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month (refer Patch Management):

• Bug Fixing

Additional References

• Mitre CVE