While a CVE ID and severity rating haven’t been issued yet, Matan said it was brought to Oracle’s notice and was swiftly remediated by the company.
CSRF oversight leading to RCE
OCI’s Code Editor, a web-based IDE built for managing resources like Functions, Resource Manager, and Data Science, was designed for seamless developer workflows. But its tight integration with Cloud Shell, Oracle’s browser-based command-line environment, which shares session context, file systems, and runtime environment with the editor, created the exposure.
Tenable researchers found that while Cloud Shell’s direct upload mechanism played by the rules, Code Editor quietly exposed a file upload endpoint that lacked cross-site request forgery (CSRF) protections.
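To make the class of flaw concrete, here is an added example (not Oracle’s or Tenable’s code, and not the actual endpoint they describe): a minimal cookie-authenticated file-upload handler in the vulnerable shape, a hardened version of the same handler, and a simulated cross-site form post of the kind a CSRF attack relies on. The origin, session data, header handling and file contents are constructed for illustration.

```python
# Added example: cookie-authenticated upload endpoint with and without CSRF
# defences. Hypothetical server; TRUSTED_ORIGIN, sessions and payloads are
# constructed, not taken from any real product.
import hmac
import secrets
from dataclasses import dataclass, field

TRUSTED_ORIGIN = "https://ide.example.cloud"   # assumed origin of the web IDE

# Constructed server state: one logged-in user and an empty workspace.
SESSIONS = {"sess-abc": {"user": "alice", "csrf": secrets.token_hex(16)}}
WORKSPACE = {}   # (user, filename) -> file bytes written by the upload handler


@dataclass
class Request:
    method: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)   # "filename", "file", optional "csrf_token"


def vulnerable_upload(req: Request):
    """Trusts the session cookie alone. A browser attaches that cookie to a
    form POST from any site, so an attacker page can write files into the
    victim's workspace without ever seeing the victim's session."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if req.method != "POST" or sess is None:
        return 401, "unauthenticated"
    WORKSPACE[(sess["user"], req.form["filename"])] = req.form["file"]
    return 200, "stored"


def _same_origin(req: Request) -> bool:
    # Browsers set Sec-Fetch-Site on every request they send; anything other
    # than same-origin (including same-site subdomains) is rejected here.
    sfs = req.headers.get("Sec-Fetch-Site")
    if sfs is not None and sfs != "same-origin":
        return False
    # Origin is always sent on cross-origin POSTs; fall back to Referer and
    # fail closed if neither is present.
    src = req.headers.get("Origin") or req.headers.get("Referer")
    if src is None:
        return False
    return src == TRUSTED_ORIGIN or src.startswith(TRUSTED_ORIGIN + "/")


def hardened_upload(req: Request):
    """Same handler with independent CSRF checks: POST only, origin check,
    and a per-session token compared in constant time."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if req.method != "POST" or sess is None:
        return 401, "unauthenticated"
    if not _same_origin(req):
        return 403, "cross-site request rejected"
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), sess["csrf"].encode()):
        return 403, "missing or invalid CSRF token"
    WORKSPACE[(sess["user"], req.form["filename"])] = req.form["file"]
    return 200, "stored"


def cross_site_post(handler):
    """Simulates an auto-submitted <form> hosted on https://attacker.example.
    The browser adds the victim's cookie, but the attacker cannot read the
    CSRF token and cannot forge Origin or Sec-Fetch-Site."""
    req = Request(
        method="POST",
        headers={"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site"},
        cookies={"session": "sess-abc"},
        form={"filename": "injected.txt", "file": b"attacker-chosen content"},
    )
    return handler(req)


def legitimate_post(handler):
    """Simulates the IDE's own page submitting with the token it was issued."""
    req = Request(
        method="POST",
        headers={"Origin": TRUSTED_ORIGIN, "Sec-Fetch-Site": "same-origin"},
        cookies={"session": "sess-abc"},
        form={"filename": "notes.txt", "file": b"hello",
              "csrf_token": SESSIONS["sess-abc"]["csrf"]},
    )
    return handler(req)


if __name__ == "__main__":
    print("vulnerable, cross-site:", cross_site_post(vulnerable_upload))
    print("hardened, cross-site:  ", cross_site_post(hardened_upload))
    print("hardened, legitimate:  ", legitimate_post(hardened_upload))
```

Run against the vulnerable handler, the cross-site post is accepted and the attacker-chosen file lands in the victim’s workspace; the hardened handler rejects it and still accepts the IDE’s own submission. Marking the session cookie `SameSite=Lax` or `Strict` is a worthwhile additional layer, but it should not replace the server-side checks, since browser defaults differ and a single endpoint that skips them is enough to reintroduce the problem.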
