HTTP: Oracle Endeca Information Discovery Integrator ETL Server RenameFile Directory Traversal
This signature detects attempts to exploit a known flaw in Oracle Endeca Information Discovery Integrator ETL Server.. A successful attack can result in directory traversal attacks.
Extended Description
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745.
Affected Products
Oracle fusion_middleware
References
CVE: CVE-2015-2606
Short Name
HTTP:DIR:ORACLE-INFO-DISCOVERY
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-2606 Directory Discovery ETL Endeca Information Integrator Oracle RenameFile Server Traversal
Release Date
08/27/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3716
False Positive
Unknown
Vendors
Oracle
CVSS Score
7.5