CVE (Common Vulnerabilities and Exposures)
The weaknesses that I identified throughout my career and conveyed as a result of my security researches and contributed to the elimination of weaknesses.
2021 : Oracle CVE
I discovered a vulnerability at Oracle ORACLE OPERATIONAL DECISION SUPPORT SYSTEM .
- CVE-2021-2003
- * CVSSv3.1 Base Score: 5.4
- * CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- * Credited As: Omur Ugur of Turk Telekom
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.exploit-db.com/exploits/49444
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2003
2020 : Hewlett Packard Enterprise (HPE) CVE
CVE-2019-11997 : HPE Enhanced Internet Usage Manager (eIUM)
A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11997
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03975en_us
2019 : Oracle CVE
I discovered a vulnerability at Oracle Service Bus .
/CVE-2019-2576:
- Subject: XML ENTITY EXPANSION
- CVSSv3.0 Base Score: 5.3
- CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Credited As: Omur Ugur of Turk Telekom
/CVE-2019-2576:
- Subject: XML Entity Expansion Defect in OSB
- CVSSv3.0 Base Score: 5.3
- CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Credited As: Omur Ugur of Turk Telekom
/CVE-2019-2576:
- Subject: SOAP IMPLEMENTATION SUBJECT TO XML ENTITY EXPANSION
VULNERABILITY - CVSSv3.0 Base Score: 5.3
- CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Credited As: Omur Ugur of Turk Telekom
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://nvd.nist.gov/vuln/detail/CVE-2019-2576
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2576
- https://www.securityfocus.com/bid/107946
2019 : Huawei CVE
I discovered a vulnerability at Huawei product.
Note: Product name and description are not shared due to company confidentiality.
- HWPSIRT-2019-05128
- HWPSIRT-2019-05129