CVE-2021-2231

8.1 HIGH

📋 TL;DR

This vulnerability in Oracle E-Business Suite's Installed Base component allows authenticated attackers with network access via HTTP to perform unauthorized data manipulation and access. Attackers can create, delete, or modify critical data, potentially compromising the integrity and confidentiality of all Installed Base accessible information. Organizations running Oracle E-Business Suite 12.1.3 are affected.

💻 Affected Systems

Products:
  • Oracle E-Business Suite
Versions: 12.1.3
Operating Systems: Any OS running Oracle E-Business Suite
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the Installed Base component's APIs within Oracle E-Business Suite 12.1.3.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of Oracle Installed Base data including unauthorized access to all sensitive information and ability to modify or delete critical business data, potentially disrupting operations.

🟠 Likely Case

Unauthorized access to sensitive business data and unauthorized modifications to installed base records, leading to data integrity issues and potential business process disruption.

🟢 If Mitigated

Limited impact if proper network segmentation, access controls, and monitoring are in place, though the vulnerability still exists.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires a low-privileged attacker with network access via HTTP. Oracle describes the vulnerability as 'easily exploitable'.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply patches from Oracle Critical Patch Update April 2021

Vendor Advisory: https://www.oracle.com/security-alerts/cpuapr2021.html

Restart Required: Yes

Instructions:

1. Download the appropriate patch from Oracle Support.
2. Apply the patch following Oracle's patching procedures.
3. Restart affected services.
4. Test functionality.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to Oracle E-Business Suite to only trusted sources

Access Control Enhancement

all

Review and tighten user permissions for Oracle Installed Base APIs

🧯 If You Can't Patch

  • Implement strict network access controls to limit HTTP access to Oracle E-Business Suite
  • Enhance monitoring of Oracle Installed Base API access and data modification activities

🔍 How to Verify

Check if Vulnerable:

Check Oracle E-Business Suite version and verify if patch from April 2021 CPU has been applied

Check Version:

Check Oracle E-Business Suite version through Oracle application administration tools

Verify Fix Applied:

Verify patch application through Oracle's patch management tools and confirm version is updated

📡 Detection & Monitoring

Log Indicators:

  • Unusual API calls to Oracle Installed Base components
  • Unauthorized data modification attempts
  • Multiple failed authentication attempts followed by successful access

Network Indicators:

  • HTTP traffic to Oracle E-Business Suite Installed Base APIs from unusual sources
  • Patterns of data manipulation requests

SIEM Query:

Search for HTTP requests to Oracle E-Business Suite Installed Base APIs with suspicious parameters or from unauthorized IP addresses
