CVE-2016-0545

CVE-2016-0545 is a software vulnerability that affects the Oracle E-Business Suite. It is a flaw in the software's design or implementation that potentially allows unauthorized access or manipulation of data. This vulnerability was one of several exploited by the group known as Gold Melody between July 2020 and July 2022, according to cybersecurity firm Secureworks. The group leveraged this and other flaws to gain initial access to systems, using them as vectors for further exploitation. In addition to CVE-2016-0545, Gold Melody also exploited vulnerabilities in Apache Struts (CVE-2017-5638), Sitecore XP (CVE-2021-42237), and Flexera FlexNet (CVE-2021-4104). These attacks were observed across five separate incident response engagements conducted by Secureworks. The group took advantage of these vulnerabilities to breach systems, demonstrating a wide range of tools and tactics in their operations. The modus operandi of Gold Melody involved exploiting known vulnerabilities in internet-exposed servers to gain initial access. Besides the Oracle E-Business Suite, they targeted other systems such as WebLogic, Sitecor, Apache Struts, Log4j, JBoss MQ Java Message Service, and Citrix ShareFile. By exploiting these vulnerabilities, the group was able to infiltrate systems, indicating a sophisticated understanding of software vulnerabilities and a high level of technical skill.