Oracle Application Testing Suite 13.3.0.1 Load Testing for Web Apps denial of service
A vulnerability was found in Oracle Application Testing Suite 13.3.0.1. It has been classified as critical. This affects an unknown part of the component Load Testing for Web Apps. The manipulation leads to denial of service. The CWE definition for the vulnerability is CWE-404. The weakness was shared 01/16/2024 as Oracle Critical Patch Update Advisory - January 2024. It is possible to read the advisory at oracle.com. This vulnerability is uniquely identified as CVE-2023-2618. It is possible to initiate the attack remotely. There are no technical details available. There is no exploit available. The pricing for an exploit might be around USD $0-$5k at the moment. The attack technique deployed by this issue is T1499 according to MITRE ATT&CK. It is declared as not defined. We expect the 0-day to have been worth approximately $5k-$25k. The bugfix is ready for download at github.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.