TR-20-440 (Oracle E-Business Suite Zafiyeti)

Genel Bilgi

Oracle E-Business Suite ürününde saldırganların hedef sistemde hassas bilgilere erişimini sağlayan kritik bir zafiyeti tespit edildi.

Etki

Mevcut güvenlik açıklıkları nedeniyle siber saldırganların bu zafiyeti kullanarak saldırılarını gerçekleştirmeleri ihtimal dâhilindedir. Zafiyetlerin CVE kodları şöyledir, CVE-2020-2586, CVE-2020-2587, CVE-2020-4310, CVE-2020-4320, CVE-2020-8541, CVE-2020-8542 ve CVE-2020-8543 .

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Oracle firmasının güvenlik bültenlerini takip etmelerini, bu zafiyet hakkında yayınlanan yama kodunu ivedilikle güncellemelerini önermektedir.

Kaynaklar

https://thehackernews.com/2020/06/oracle-e-business-suite.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+TheHackersNews+(The+Hackers+News+-+Cyber+Security+Blog)Oracle

http://feedproxy.google.com/~r/TheHackersNews/~3/ymN0bZ7Q76Q/oracle-e-business-suite.htmlOracle

https://www.darkreading.com/vulnerabilities---threats/half-of-firms-likely-running-vulnerable-oracle-e-business-suite/d/d-id/1338096?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simpleHalf

https://www.itsecuritynews.info/half-of-firms-likely-running-vulnerable-oracle-e-business-suite/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+ItSecurityNewsAggregated+(IT+Security+News)Half

https://securityaffairs.co/wordpress/104840/hacking/bigdebit-flaws-oracle-ebs.html?utm_source=rss&utm_medium=rss&utm_campaign=bigdebit-flaws-oracle-ebsBigDebIT

https://www.securitynewspaper.com/2020/06/16/oracles-e-business-suite-ebs-vulnerabilities-expose-your-business-financial-records-to-hackers/Oracle's

https://thehackernews.com/2020/06/oracle-e-business-suite.html

2020-06-17