F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228) - Nessus
High Plugin ID: 118663This page contains detailed information about the F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.
Plugin Overview
ID: 118663
Name: F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228)
Filename: f5_bigip_SOL44923228.nasl
Vulnerability Published: 2018-04-19
This Plugin Published: 2018-11-02
Last Modification Time: 2022-01-31
Plugin Version: 1.4
Plugin Type: local
Plugin Family: F5 Networks Local Security Checks
Dependencies:
f5_bigip_detect.nbin
Required KB Items [?]: Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version, Host/local_checks_enabled, Settings/ParanoidReport
Vulnerability Information
Severity: High
Vulnerability Published: 2018-04-19
Patch Published: 2018-05-10
CVE [?]: CVE-2018-2783
CPE [?]: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). (CVE-2018-2783)
Impact
BIG-IP, BIG-IQ, F5 iWorkflow, Enterprise Manager, and Traffix SDC
Attacker with network access via multiple protocols may exploit this vulnerability with unauthorized access and manipulation to the affected data of all Java SE components.
LineRate
There is no impact; thisF5 productis not affected by this vulnerability.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K44923228.
Public Exploits
Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (GitHub)
Exploit Ease: Exploits (PoCs) are available
Here's the list of publicly known exploits and PoCs for verifying the F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228) vulnerability:
- GitHub: https://github.com/spiegel-im-spiegel/jvnman
[CVE-2018-2783]
Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.
WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.
Risk Information
CVSS Score Source [?]: CVE-2018-2783
CVSS V2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C
| CVSS Base Score: | 5.8 (Medium) |
| Impact Subscore: | 4.9 |
| Exploitability Subscore: | 8.6 |
| CVSS Temporal Score: | 4.3 (Medium) |
| CVSS Environmental Score: | NA (None) |
| Modified Impact Subscore: | NA |
| Overall CVSS Score: | 4.3 (Medium) |
| CVSS Base Score: | 7.4 (High) |
| Impact Subscore: | 5.2 |
| Exploitability Subscore: | 2.2 |
| CVSS Temporal Score: | 6.4 (Medium) |
| CVSS Environmental Score: | NA (None) |
| Modified Impact Subscore: | NA |
| Overall CVSS Score: | 6.4 (Medium) |
Go back to menu.
Plugin Source
This is the f5_bigip_SOL44923228.nasl nessus plugin source code. This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K44923228.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(118663);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/31");
script_cve_id("CVE-2018-2783");
script_name(english:"F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"Vulnerability in the Java SE, Java SE Embedded, JRockit component of
Oracle Java SE (subcomponent: Security). Supported versions that are
affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152;
JRockit: R28.3.17. Difficult to exploit vulnerability allows
unauthenticated attacker with network access via multiple protocols to
compromise Java SE, Java SE Embedded, JRockit. Successful attacks of
this vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all Java SE, Java SE Embedded,
JRockit accessible data as well as unauthorized access to critical
data or complete access to all Java SE, Java SE Embedded, JRockit
accessible data. Note: Applies to client and server deployment of
Java. This vulnerability can be exploited through sandboxed Java Web
Start applications and sandboxed Java applets. It can also be
exploited by supplying data to APIs in the specified Component without
using sandboxed Java Web Start applications or sandboxed Java applets,
such as through a web service. CVSS 3.0 Base Score 7.4
(Confidentiality and Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). (CVE-2018-2783)
Impact
BIG-IP, BIG-IQ, F5 iWorkflow, Enterprise Manager, and Traffix SDC
Attacker with network access via multiple protocols may exploit this
vulnerability with unauthorized access and manipulation to the
affected data of all Java SE components.
LineRate
There is no impact; thisF5 productis not affected by this
vulnerability."
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K44923228"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K44923228."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2783");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/19");
script_set_attribute(attribute:"patch_publication_date", value:"2018/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K44923228";
vmatrix = make_array();
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["AFM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["AM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["APM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["ASM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["AVR"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["GTM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["LC"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["LTM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["PEM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
# WAM
vmatrix["WAM"] = make_array();
vmatrix["WAM"]["affected" ] = make_list("14.0.0","13.0.0-13.1.1","12.1.0-12.1.3","11.2.1-11.6.3");
vmatrix["WAM"]["unaffected"] = make_list("14.1.0","14.0.0.3","13.1.1.2","12.1.3.7");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
The latest version of this script can be found in these locations depending on your platform:
- Linux / Unix:
/opt/nessus/lib/nessus/plugins/f5_bigip_SOL44923228.nasl - Windows:
C:\ProgramData\Tenable\Nessus\nessus\plugins\f5_bigip_SOL44923228.nasl - Mac OS X:
/Library/Nessus/run/lib/nessus/plugins/f5_bigip_SOL44923228.nasl
Go back to menu.
How to Run
Here is how to run the F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):
- Click to start a New Scan.
- Select Advanced Scan.
- Navigate to the Plugins tab.
- On the top right corner click to Disable All plugins.
- On the left side table select F5 Networks Local Security Checks plugin family.
- On the right side table select F5 Networks BIG-IP : Oracle Java SE vulnerability (K44923228) plugin ID 118663.
- Specify the target on the Settings tab and click to Save the scan.
- Run the scan.
Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.
Basic usage:
/opt/nessus/bin/nasl f5_bigip_SOL44923228.nasl -t <IP/HOST>Run the plugin with audit trail message on the console:
/opt/nessus/bin/nasl -a f5_bigip_SOL44923228.nasl -t <IP/HOST>Run the plugin with trace script execution written to the console (useful for debugging):
/opt/nessus/bin/nasl -T - f5_bigip_SOL44923228.nasl -t <IP/HOST>Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):
/opt/nessus/bin/nasl -K /tmp/state f5_bigip_SOL44923228.nasl -t <IP/HOST>Go back to menu.
References
See also:
- https://www.tenable.com/plugins/nessus/118663
- https://support.f5.com/csp/article/K44923228
- https://vulners.com/nessus/F5_BIGIP_SOL44923228.NASL
- 160357 - IBM Java 6.0 < 6.0.16.65 / 6.1 < 6.1.8.65 / 7.0 < 7.0.10.25 / 7.1 < 7.1.4.25 / 8.0 < 8.0.5.15 Multiple Vulnerabilities
- 109202 - Oracle Java SE Multiple Vulnerabilities (April 2018 CPU)
- 109203 - Oracle Java SE Multiple Vulnerabilities (April 2018 CPU) (Unix)
- 109207 - Oracle JRockit R28.3.17 Multiple Vulnerabilities (April 2018 CPU)
- 111932 - Photon OS 1.0: Mysql / Openjdk PHSA-2018-1.0-0130 (deprecated)
- 121835 - Photon OS 1.0: Openjdk PHSA-2018-1.0-0130
- 106182 - RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2018:0099)
- 106183 - RHEL 6 / 7 : java-1.7.0-oracle (RHSA-2018:0100)
- 109304 - RHEL 6 : java-1.6.0-sun (RHSA-2018:1203)
- 109306 - RHEL 7 : java-1.6.0-sun (RHSA-2018:1205)
- 110115 - RHEL 7 : java-1.8.0-ibm (RHSA-2018:1721)
- 110116 - RHEL 6 : java-1.8.0-ibm (RHSA-2018:1722)
- 110117 - RHEL 7 : java-1.7.1-ibm (RHSA-2018:1723)
- 110118 - RHEL 6 : java-1.7.1-ibm (RHSA-2018:1724)
- 110692 - RHEL 6 : java-1.7.1-ibm (RHSA-2018:1974)
- 110793 - RHEL 6 : java-1.8.0-ibm (RHSA-2018:1975)
- 110186 - SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1447-1)
- 110223 - SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2018:1458-1)
- 110620 - SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:1738-1)
- 118267 - SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:1738-2)
- 110638 - SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1764-1)
- 118268 - SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2018:1764-2)
- 120060 - SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2068-1)
- 109723 - Ubuntu 16.04 LTS / 17.10 : OpenJDK 8 vulnerabilities (USN-3644-1)
Version
This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file f5_bigip_SOL44923228.nasl version 1.4. For more plugins, visit the Nessus Plugin Library.
Go back to menu.
