
Tenable Blog


Oracle Critical Patch Update for October 2020 Addresses 402 Security Updates

Oracle’s latest Critical Patch Update surpasses the 400 mark for the second time this year with 402 security patches addressing 230 CVEs, including numerous critical vulnerabilities in Oracle Fusion Middleware products.

Background

On October 20, Oracle released the Critical Patch Update (CPU) Advisory for October 2020, its final quarterly release of security patches for the year. This update contains fixes for 230 CVEs in 402 security patches across 27 Oracle product families. This quarter’s update marks the second-highest count in Oracle CPUs, surpassed only by the July 2020 update which holds the record with over 440 patches.

* Chart is accurate as of October 21, 2020

Analysis

This quarter’s CPU includes 35 critically rated CVEs across a wide range of Oracle products. The table below lists the product families with vulnerabilities addressed in this month’s release along with the number of vulnerabilities that are remotely exploitable without authentication.

Oracle Product Family                  | Number of Patches | Remote Exploit without Auth
---------------------------------------|-------------------|----------------------------
Oracle Financial Services Applications | 53                | 49
Oracle MySQL                           | 53                | 4
Oracle Communications                  | 52                | 41
Oracle Fusion Middleware               | 46                | 36
Oracle Retail Applications             | 28                | 25
Oracle E-Business Suite                | 27                | 25
Oracle Database Server                 | 18                | 4
Oracle PeopleSoft                      | 15                | 12
Oracle Enterprise Manager              | 11                | 10
Oracle Communications Applications     | 9                 | 8
Oracle Construction and Engineering    | 9                 | 7
Oracle Hyperion                        | 9                 | 1
Oracle Java SE                         | 8                 | 8
Oracle Systems                         | 8                 | 3
Oracle Virtualization                  | 7                 | 0
Oracle Hospitality Applications        | 6                 | 3
Oracle Insurance Applications          | 6                 | 6
Oracle Policy Automation               | 6                 | 6
Oracle REST Data Services              | 5                 | 2
Oracle Utilities Applications          | 5                 | 3
Oracle TimesTen In-Memory Database     | 4                 | 4
Oracle Food and Beverage Applications  | 4                 | 3
Oracle Health Sciences Applications    | 4                 | 4
Oracle Supply Chain                    | 4                 | 3
Oracle Siebel CRM                      | 3                 | 3
Oracle Big Data Graph                  | 1                 | 1
Oracle GraalVM                         | 1                 | 1

* Table is accurate as of October 21, 2020

Notable Vulnerabilities

Considering the large number of patches released in this CPU, it may be hard to digest, filter and prioritize these vulnerabilities. However, a few Oracle WebLogic Server vulnerabilities are of note due to their criticality and potential for being targeted by attackers.

CVE-2020-14825, CVE-2020-14841, CVE-2020-14859 | Oracle WebLogic Server - Component: Core

CVE-2020-14825, CVE-2020-14841 and CVE-2020-14859 are vulnerabilities in the Core component of Oracle WebLogic Server. Oracle has classified these vulnerabilities as “easily exploitable” as they would allow an unauthenticated attacker with network access via Oracle’s T3 or Internet Inter-ORB Protocol (IIOP) to compromise the server. All three vulnerabilities affect versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. CVE-2020-14841 and CVE-2020-14859 also affect versions 10.3.6.0.0 and 12.1.3.0.0.

CVE-2020-14841 Proof of Concept

On October 21, security researcher Hamid Kashfi shared a proof of concept (PoC) for CVE-2020-14841 in a tweet stating “Another Oracle Tomcat JNDI bypass: CVE-2020-14841.”

CVE-2020-14882 | Oracle WebLogic Server - Component: Console

CVE-2020-14882 is a vulnerability in the Console component of Oracle WebLogic Server. Oracle has highlighted this vulnerability as “easily exploitable” as it would allow an unauthenticated attacker with network access over HTTP to compromise Oracle WebLogic Server, resulting in the takeover of the targeted server. This vulnerability affects versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.

CVE-2019-17267 | Oracle WebLogic Server - Component: Centralized Thirdparty Jars (jackson-databind)

CVE-2019-17267 is a vulnerability in the Centralized Thirdparty Jars (jackson-databind) component of Oracle WebLogic Server. Oracle notes that this vulnerability is “easily exploitable” and would allow an unauthenticated attacker with network access over HTTP to compromise and take over a targeted server. Version 12.2.1.3.0 is the only version affected by this vulnerability.

Oracle has assigned all five of the vulnerabilities discussed in this section a CVSSv3.1 score of 9.8 due to their impact and ease of exploitation. Oracle WebLogic Server vulnerabilities have appeared in every Oracle CPU this year.

Oracle WebLogic Servers have always been a prime target for threat actors. On April 30, Oracle published a blog post warning of in-the-wild exploitation of CVE-2020-2883, a deserialization vulnerability in the Oracle Coherence library of Oracle WebLogic Server that was patched in the April 2020 Oracle CPU. CVE-2020-2883 is a patch bypass of CVE-2020-2555, another deserialization vulnerability in Oracle WebLogic Server, which was included in the January 2020 CPU.

Less than a week after the July 2020 Oracle CPU, a PoC was released for CVE-2020-14645, another vulnerability affecting the Core component of Oracle WebLogic Server. Based on this consistent interest in WebLogic Server from threat actors and researchers, we expect to see additional patches and perhaps PoCs for this product in the future.

Solution

Customers are advised to apply all relevant patches in this CPU. Please refer to the October 2020 advisory for full details.

Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities will appear here as they’re released.
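To map an installed WebLogic Server version to the five CVEs discussed above during triage, the following added example (not Tenable plugin code or Oracle's advisory) encodes the affected-version lists exactly as this post states them; ordering results by which listener (HTTP, T3, IIOP) is exposed to untrusted networks is an assumption about how a defender would prioritize patching:

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Advisory:
    cve: str
    component: str
    protocols: tuple        # network vectors named in the post
    affected: frozenset     # exact affected versions named in the post

# Affected versions and vectors as stated in the post (all five are CVSSv3.1 9.8).
ADVISORIES = (
    Advisory("CVE-2020-14825", "Core", ("T3", "IIOP"),
             frozenset({"12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"})),
    Advisory("CVE-2020-14841", "Core", ("T3", "IIOP"),
             frozenset({"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"})),
    Advisory("CVE-2020-14859", "Core", ("T3", "IIOP"),
             frozenset({"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"})),
    Advisory("CVE-2020-14882", "Console", ("HTTP",),
             frozenset({"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0", "14.1.1.0.0"})),
    Advisory("CVE-2019-17267", "Centralized Thirdparty Jars (jackson-databind)", ("HTTP",),
             frozenset({"12.2.1.3.0"})),
)

def normalize_version(raw):
    """Pad a dotted WebLogic version to five numeric fields ('12.2.1.4' -> '12.2.1.4.0').
    Oracle lists five fields; inventory tools often report fewer."""
    parts = raw.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {raw!r}")
    parts += ["0"] * (5 - len(parts))
    return ".".join(parts[:5])

def applicable_cves(version, exposed_protocols):
    """Return (cve, component, exposed) for every listed CVE that affects `version`.
    `exposed_protocols` is the set of listeners reachable from untrusted networks,
    e.g. {"HTTP"}; CVEs whose vectors are not exposed are still returned (patch them
    anyway) but sorted after the exposed ones."""
    v = normalize_version(version)
    hits = []
    for adv in ADVISORIES:
        if v in adv.affected:
            exposed = any(p in exposed_protocols for p in adv.protocols)
            hits.append((adv.cve, adv.component, exposed))
    hits.sort(key=lambda h: (not h[2], h[0]))  # exposed first, then by CVE id
    return hits
```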

Get more information

Join Tenable's Security Response Team on the Tenable Community.
