{"id":486338,"date":"2022-11-29T05:03:42","date_gmt":"2022-11-29T07:03:42","guid":{"rendered":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-une-vulnerabilite-critique-du-middleware-oracle-fusion-activement-exploitee\/"},"modified":"2022-11-29T05:03:43","modified_gmt":"2022-11-29T07:03:43","slug":"la-cisa-met-en-garde-contre-une-vulnerabilite-critique-du-middleware-oracle-fusion-activement-exploitee","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-une-vulnerabilite-critique-du-middleware-oracle-fusion-activement-exploitee\/","title":{"rendered":"La CISA met en garde contre une vuln\u00e9rabilit\u00e9 critique du middleware Oracle Fusion activement exploit\u00e9e"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>L&#8217;Agence am\u00e9ricaine de cybers\u00e9curit\u00e9 et de s\u00e9curit\u00e9 des infrastructures (CISA) lundi <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/11\/28\/cisa-adds-two-known-exploited-vulnerabilities-catalog\" target=\"_blank\">ajout\u00e9e<\/a> une faille critique impactant Oracle Fusion Middleware sur ses vuln\u00e9rabilit\u00e9s exploit\u00e9es connues (<a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\">KEV<\/a>) Catalogue, citant des preuves d&#8217;exploitation active.<\/p>\n<p>La vuln\u00e9rabilit\u00e9, suivie comme <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-35587\" target=\"_blank\">CVE-2021-35587<\/a>affiche un score CVSS de 9,8 et affecte les versions 11.1.2.3.0, 12.2.1.3.0 et 12.2.1.4.0 d&#8217;Oracle Access Manager (OAM).<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEjRFZ8qsBvgTY-k97x35shkWsLwy9nml2qvGAhoSUrgnOv4cjMNq_Fxt3PX1-fGsYvukFgecZk_tEq7yo25JhDC5-Vs1Y7zQbdJRNWI2oxxbGupTJLIJ0PYz_4_8B6uWYsPON_7MgJlvofZuiWyadFpo71DOfXvGZzq6ie6zFQwJuzi2macqFLGR30PbA\/s1600\/Uptycs-728.jpg\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>L&#8217;exploitation r\u00e9ussie du bogue d&#8217;ex\u00e9cution de commande \u00e0 distance pourrait permettre \u00e0 un attaquant non authentifi\u00e9 disposant d&#8217;un acc\u00e8s au r\u00e9seau de compromettre compl\u00e8tement et de prendre le contr\u00f4le des instances d&#8217;Access Manager.<\/p>\n<p>&#8220;Cela peut donner \u00e0 l&#8217;attaquant un acc\u00e8s au serveur OAM, cr\u00e9er n&#8217;importe quel utilisateur avec n&#8217;importe quel privil\u00e8ge, ou simplement obtenir l&#8217;ex\u00e9cution de code sur le serveur de la victime&#8221;, a d\u00e9clar\u00e9 le chercheur en s\u00e9curit\u00e9 vietnamien Nguyen Jang (<a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/testanull\" target=\"_blank\">Janggggg<\/a>), qui a signal\u00e9 le bogue avec <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/peterjson\" target=\"_blank\">peterjson<\/a>, <a rel=\"nofollow noopener\" href=\"https:\/\/testbnull.medium.com\/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316\" target=\"_blank\">c&#8217;est not\u00e9<\/a> plus t\u00f4t ce mois de mars.<\/p>\n<p><iframe loading=\"lazy\" title=\"CVE-2021-35587 OAM Pre-Auth RCE PoC\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/pkoHPJSAB2o?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>Le probl\u00e8me a \u00e9t\u00e9 trait\u00e9 par Oracle dans le cadre de son <a rel=\"nofollow noopener\" href=\"https:\/\/www.oracle.com\/security-alerts\/cpujan2022.html\" target=\"_blank\">Mise \u00e0 jour du correctif critique<\/a> en janvier 2022.<\/p>\n<p>Des d\u00e9tails suppl\u00e9mentaires concernant la nature des attaques et l&#8217;ampleur des efforts d&#8217;exploitation ne sont pas clairs dans l&#8217;imm\u00e9diat.  Les donn\u00e9es recueillies par la soci\u00e9t\u00e9 de renseignement sur les menaces GreyNoise montrent que <a rel=\"nofollow noopener\" href=\"https:\/\/viz.greynoise.io\/query\/?gnql=cve%3ACVE-2021-35587\" target=\"_blank\">tentatives<\/a> \u00e0 <a rel=\"nofollow noopener\" href=\"https:\/\/viz.greynoise.io\/tag\/Oracle-Access-Manager-RCE-Attempt?days=30\" target=\"_blank\">armer la faille<\/a> sont en cours et proviennent des \u00c9tats-Unis, de la Chine, de Singapour et du Canada.<\/p>\n<p>La CISA a \u00e9galement ajout\u00e9 au catalogue KEV la faille de d\u00e9passement de m\u00e9moire tampon r\u00e9cemment corrig\u00e9e dans le navigateur Web Google Chrome (CVE-2022-4135) que le g\u00e9ant de l&#8217;Internet a reconnu comme ayant \u00e9t\u00e9 abus\u00e9e dans la nature.<\/p>\n<p>Les agences f\u00e9d\u00e9rales sont tenues d&#8217;appliquer les correctifs des fournisseurs d&#8217;ici le 19 d\u00e9cembre 2022 pour s\u00e9curiser les r\u00e9seaux contre les menaces potentielles.<\/p>\n<p><\/p>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/11\/cisa-warns-of-actively-exploited.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>L&#8217;Agence am\u00e9ricaine de cybers\u00e9curit\u00e9 et de s\u00e9curit\u00e9 des infrastructures (CISA) lundi ajout\u00e9e une faille critique impactant Oracle Fusion Middleware sur ses vuln\u00e9rabilit\u00e9s exploit\u00e9es connues (KEV) Catalogue, citant des preuves d&#8217;exploitation active. La vuln\u00e9rabilit\u00e9, suivie comme CVE-2021-35587affiche un score CVSS de 9,8 et affecte les versions 11.1.2.3.0, 12.2.1.3.0 et 12.2.1.4.0 d&#8217;Oracle Access Manager (OAM). L&#8217;exploitation r\u00e9ussie [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":486340,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[4807,4805,4168,841,22,4158,4165,4161,36372,20451,525,4157,4159,4171,4170,4167,4955,128264,4160,4163,4162,82197,4172,4169,196,4166,3667,4164],"class_list":["post-486338","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-activement","tag-cisa","tag-comment-pirater","tag-contre","tag-critique","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-exploitee","tag-fusion","tag-garde","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-logiciel-malveillant-de-ransomware","tag-met","tag-middleware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-oracle","tag-securite-informatique","tag-securite-internet","tag-une","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/486338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=486338"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/486338\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/486340"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=486338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=486338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=486338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}