Tuesday, May 12, 2020

Weekly Update: a new vulnerability is published on the National Vulnerability Database (41 items)

New vulnerabilities from the NVD: CVE-2019-10091

When TLS is enabled with ssl-endpoint-identification-enabled set to true, Apache Geode fails to perform hostname verification of the entries in the certificate SAN during the SSL handshake. This could compromise intra-cluster communication using a man-in-the-middle attack.
Published at: March 16, 2020 at 04:15PM
March 16, 2020 at 07:21PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-13063

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.
Published at: March 16, 2020 at 05:15PM
March 16, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2018-13060

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue.
Published at: March 16, 2020 at 05:15PM
March 16, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2018-10125

Contao before 4.5.7 has XSS in the system log.
Published at: March 16, 2020 at 05:15PM
March 16, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-11073

A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Transaction Sensor and set specific settings when the sensor is executed.
Published at: March 16, 2020 at 09:15PM
March 16, 2020 at 11:21PM


New vulnerabilities from the NVD: CVE-2018-19325

tcpdump 4.9.2 (and probably lower versions) is prone to a heap-based buffer over-read in the EXTRACT_32BITS function (extract.h, called from the rx_cache_find function, print-rx.c) due to improper serviceId sanitization.
Published at: March 16, 2020 at 09:15PM
March 16, 2020 at 11:21PM


New vulnerabilities from the NVD: CVE-2017-12842

Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an autonomous system relies solely on an SPV proof for transactions of a greater dollar amount.
Published at: March 16, 2020 at 10:15PM
March 17, 2020 at 01:21AM


New vulnerabilities from the NVD: CVE-2019-11074

A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges (although not controlling the contents of such files) due to insufficient sanitisation when passing arguments to the phantomjs.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Full Web Page Sensor and set specific settings when executing the sensor.
Published at: March 17, 2020 at 05:15PM
March 17, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2018-21037

Subrion CMS 4.1.5 (and possibly earlier versions) allows CSRF to change the administrator password via the panel/members/edit/1 URI.
Published at: March 17, 2020 at 05:15PM
March 17, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2018-18576

The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.
Published at: March 17, 2020 at 05:15PM
March 17, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-11939

Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00.
Published at: March 18, 2020 at 03:15AM
March 18, 2020 at 08:21AM


New vulnerabilities from the NVD: CVE-2019-11689

An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl fail to properly validate server responses and pass unsanitized text to the system shell, resulting in code execution as root.
Published at: March 18, 2020 at 05:15PM
March 18, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-11688

An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.
Published at: March 18, 2020 at 05:15PM
March 18, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-10682

django-nopassword before 5.0.0 stores cleartext secrets in the database.
Published at: March 18, 2020 at 05:15PM
March 18, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-10146

A Reflected Cross Site Scripting flaw was found in a module of the pki-core server, in all pki-core 10.x.x versions, due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.
Published at: March 18, 2020 at 05:15PM
March 18, 2020 at 07:21PM


New vulnerabilities from the NVD: CVE-2019-10178

It was found that the Token Processing Service (TPS) did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting (XSS) vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would execute arbitrary JavaScript code when viewed in a browser. All versions of pki-core are believed to be vulnerable.
Published at: March 18, 2020 at 06:15PM
March 18, 2020 at 08:55PM


New vulnerabilities from the NVD: CVE-2019-12124

An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12123

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsXml with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12122

An issue was discovered in ONAP Portal through Dublin. By executing a call to ONAPPORTAL/portalApi/loggedinUser, an attacker who possesses a user's cookie may retrieve that user's password from the database. All Portal setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12121

An issue was detected in ONAP Portal through Dublin. By executing a padding oracle attack using the ONAPPORTAL/processSingleSignOn UserId field, an attacker is able to decrypt arbitrary information encrypted with the same symmetric key as UserId. All Portal setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12120

An issue was discovered in ONAP VNFSDK through Dublin. By accessing port 8000 of demo-vnfsdk-vnfsdk, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12119

An issue was discovered in ONAP SDC through Dublin. By accessing port 7000 of demo-sdc-sdc-wfd-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12118

An issue was discovered in ONAP SDC through Dublin. By accessing port 7001 of demo-sdc-sdc-wfd-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12117

An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12116

An issue was discovered in ONAP SDC through Dublin. By accessing port 6000 of demo-sdc-sdc-fe pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12115

An issue was discovered in ONAP SDC through Dublin. By accessing port 4000 of demo-sdc-sdc-be pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12114

An issue was discovered in ONAP HOLMES before Dublin. By accessing port 9202 of dep-holmes-engine-mgmt pod, an unauthenticated attacker (who already has access to pod-to-pod communication) may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12113

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12112

An issue was discovered in ONAP SDNC before Dublin. By executing sla/upload with a crafted filename parameter, an unauthenticated attacker can execute an arbitrary command. All SDC setups that include admportal are affected.
Published at: March 18, 2020 at 09:15PM
March 18, 2020 at 10:55PM


New vulnerabilities from the NVD: CVE-2019-12128

In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected.
Published at: March 19, 2020 at 04:15PM
March 19, 2020 at 06:55PM


New vulnerabilities from the NVD: CVE-2019-11361

Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover.
Published at: March 19, 2020 at 07:15PM
March 19, 2020 at 08:55PM


New vulnerabilities from the NVD: CVE-2014-2723

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
Published at: March 19, 2020 at 06:15PM
March 19, 2020 at 08:55PM


New vulnerabilities from the NVD: CVE-2014-2722

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
Published at: March 19, 2020 at 06:15PM
March 19, 2020 at 08:55PM


New vulnerabilities from the NVD: CVE-2014-2721

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
Published at: March 19, 2020 at 06:15PM
March 19, 2020 at 08:55PM


New vulnerabilities from the NVD: CVE-2018-20335

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
Published at: March 20, 2020 at 03:15AM
March 20, 2020 at 07:55AM


New vulnerabilities from the NVD: CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get a shell.
Published at: March 20, 2020 at 03:15AM
March 20, 2020 at 07:55AM


New vulnerabilities from the NVD: CVE-2018-20333

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
Published at: March 20, 2020 at 03:15AM
March 20, 2020 at 07:55AM


New vulnerabilities from the NVD: CVE-2019-10221

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.
Published at: March 20, 2020 at 05:15PM
March 20, 2020 at 06:55PM


New vulnerabilities from the NVD: CVE-2019-10179

A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize the recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted JavaScript code.
Published at: March 20, 2020 at 05:15PM
March 20, 2020 at 06:55PM


New vulnerabilities from the NVD: CVE-2019-11574

An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.
Published at: March 21, 2020 at 01:15AM
March 21, 2020 at 02:55AM


New vulnerabilities from the NVD: CVE-2013-7487

On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.
Published at: March 21, 2020 at 03:15AM
March 21, 2020 at 07:55AM

