VARIoT IoT vulnerabilities database
| VAR-201912-2001 | No CVE | H3C ER6300G2 router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Huasan Communication Technology Co., Ltd. (referred to as Huasan Communication), mainly provides research, development, production, sales and services of IT infrastructure products and solutions.
Huasan ER6300G2 router has a weak password vulnerability. Attackers can use this vulnerability to log in to the router's backend.
| VAR-201912-2012 | No CVE | H3C ER3260 router has weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Hangzhou Huasan Communication Technology Co., Ltd. (referred to as Huasan Communication), mainly provides research, development, production, sales and services of IT infrastructure products and solutions.
Huasan ER3260 router has a weak password vulnerability. Attackers can use this vulnerability to log in to the router's backend.
| VAR-201912-1212 | CVE-2019-16871 | Beckhoff Embedded Windows PLCs and Beckhoff Twincat Input validation vulnerability |
CVSS V2: 9.3 CVSS V3: 9.8 Severity: CRITICAL |
Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. Beckhoff Embedded Windows PLCs and Beckhoff Twincat Contains an input validation vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Beckhoff TwinCAT is a set of programming software for programmable logic controllers (PLCs) from the German company Beckhoff.
There are security holes in Beckhoff TwinCAT 2/3. An attacker could use the Beckhoff ADS protocol to exploit this vulnerability to execute code with SYSTEM permissions
| VAR-201912-0889 | CVE-2019-17571 | Log4j Vulnerable to unreliable data deserialization |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Log4j Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. (CVE-2019-17571)
A flaw was found in the Java logging library Apache Log4j in version 1.x. This allows a remote malicious user to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint. (CVE-2021-4104).
For the oldstable distribution (stretch), this problem has been fixed
in version 1.2.17-7+deb9u1.
For the stable distribution (buster), this problem has been fixed in
version 1.2.17-8+deb10u1.
We recommend that you upgrade your apache-log4j1.2 packages.
For the detailed security status of apache-log4j1.2 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/apache-log4j1.2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6/FH1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RAJQ/9HLo721J7x4kWxFiWIP0Ui1xl8ZM6MBhA8qYfUD4DxKoHHfvYEq6Q7TTD
+FlTX5rRrjvgHF+MgxG1XDHtwv7XWhczEiHzZKHLCX3CsG+AL+CMmGoVqBtKEncC
FGYbVCSKYzxM8LaX2G1EyCzT2zfGZvPT5nFT7zAV0Ge6vpvWklF0s168h4pbG9hE
cF6aPqAlWMy5pLVRI+3XE1og4MECjqXB9a7HSWlHfur6NSnQlrHhWOCDJBw5zpPu
AKEfW5GvBaCdxdat1xTFqCu6h5387dtNsBlRrefp9q+fcrGj2Z351Lv7ccG5Co8T
e/7iNyABu2fmi8x4WFQwS3PY4AsM/2sa+KHfXnttSXcQniXAccg6S1eCaWVqdNfZ
3LPmeBC5gX3UqDNZTVv+kvHvv7EsD1/6bMeVZlKQZkYAeysbLWdjkA+88f6kaVwD
qv6mWCGo5k7ZoWCUKD1Zjz8VwBT4EI/2II5D93QgblVkHDX9CESfipIjJBJp7aJ7
wS2kvdXOko3JDaJbScpGmCnjCb5NhJ1KiBZSzXYHv3uhoqlI5QvYvC1bFHqC2GnT
cF4syuMELN6nZ/Yoz8sJiT4Ilppz98vLerHbJoJZIPEOh15k8UKaFkdt5CpI8MGK
4+sL2iWyTtCjGYGuhDkk0KyLcqijybv282VIkXDtAetpi8MTdsE=
=eH9L
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: log4j security update
Advisory ID: RHSA-2022:5053-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:5053
Issue date: 2022-06-15
CVE Names: CVE-2019-17571
=====================================================================
1. Summary:
An update for log4j is now available for Red Hat Enterprise Linux 6
Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 6 ELS) - i386, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64
3. Description:
Log4j is a tool to help the programmer output log statements to a variety
of output targets.
Security Fix(es):
* log4j: deserialization of untrusted data in SocketServer (CVE-2019-17571)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Server (v. 6 ELS):
Source:
log4j-1.2.14-6.7.el6_10.src.rpm
i386:
log4j-1.2.14-6.7.el6_10.i686.rpm
log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm
s390x:
log4j-1.2.14-6.7.el6_10.s390x.rpm
log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm
x86_64:
log4j-1.2.14-6.7.el6_10.x86_64.rpm
log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6 ELS):
i386:
log4j-debuginfo-1.2.14-6.7.el6_10.i686.rpm
log4j-javadoc-1.2.14-6.7.el6_10.i686.rpm
log4j-manual-1.2.14-6.7.el6_10.i686.rpm
s390x:
log4j-debuginfo-1.2.14-6.7.el6_10.s390x.rpm
log4j-javadoc-1.2.14-6.7.el6_10.s390x.rpm
log4j-manual-1.2.14-6.7.el6_10.s390x.rpm
x86_64:
log4j-debuginfo-1.2.14-6.7.el6_10.x86_64.rpm
log4j-javadoc-1.2.14-6.7.el6_10.x86_64.rpm
log4j-manual-1.2.14-6.7.el6_10.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-17571
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYqnJeNzjgjWX9erEAQgGiQ/8DiTAwAZPNPQlrV5ItJ3I3AxT4ruBA995
bPYquIN3zX0afhrGRMWTs/aD/4vYkbUtLA5QzqYlE1dsbleGHcAbxmSfY+wE8tE7
Bg02UGNI7bru25JPZE5lSuNA8McZw/aBRcorwhSVRiBQ1GbPMQqAimbrNx98r6Qe
QLupPSuNmbczUOh9X4gbPoqEeIizf8MtYbMS+LbpeIZWH7rELk3t7o63MerkAIYi
yWjXzL8Xn3ylflXUzdRNIJ8QZC+nU7kgib3Ugm4TbC9F5A0w7TiAomb9qnHOP+mW
2HoGje7VZIeGX7rwtCIttW5Z9/LztkhXb/Yk1tzMM3Jo/HWgqoP8dULxian7L8aE
DFlrGSbF0OQTDiYGVgGX2uW89Yi/XbX1nP7q0MtBq0D5P7z7yLKfHNyeksX+TFyV
kxhUrHY8u3JLvWxWBoRzEH8TOhuoMXRIp/FkDpnnM6dDbwSyQsalGZzWnTqOHSwi
sZDFnmuLQDUZQtslb4suSRgdQbu0xnvc+i38jbhoEOcH4xJGZnizRY/97wytq3Jp
nBj2G0sRSMNlbcA4rr0zzTT6K/HiBhI9OWn3n76lj7jySFYrIUmPgCNhZy5dV1vx
nK0c1WI+oRXn4xT4ekCYQUM/uysgWfeVLr9b2ArwaxMxvc4GiLA713gUgelejl6h
9kT6WndTNP0=
=VXI/
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202402-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Apache Log4j: Multiple Vulnerabilities
Date: February 18, 2024
Bugs: #719146
ID: 202402-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in Apache Log4j, the worst
of which can lead to remote code execution.
Background
==========
Log4j is a Java logging framework that supports various use cases with a
rich set of components, a separate API, and a performance-optimized
implementation.
Affected packages
=================
Package Vulnerable Unaffected
-------------- ------------ ------------
dev-java/log4j <= 1.2.17 Vulnerable!
Description
===========
Multiple vulnerabilities hav been discovered in Apache Log4j. Please
review the CVE identifiers referenced below for details.
Impact
======
Please review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
Gentoo has discontinued support for log4j. We recommend that users
unmerge it:
# emerge --ask --depclean "dev-java/log4j"
References
==========
[ 1 ] CVE-2019-17571
https://nvd.nist.gov/vuln/detail/CVE-2019-17571
[ 2 ] CVE-2020-9488
https://nvd.nist.gov/vuln/detail/CVE-2020-9488
[ 3 ] CVE-2020-9493
https://nvd.nist.gov/vuln/detail/CVE-2020-9493
[ 4 ] CVE-2022-23302
https://nvd.nist.gov/vuln/detail/CVE-2022-23302
[ 5 ] CVE-2022-23305
https://nvd.nist.gov/vuln/detail/CVE-2022-23305
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202402-16
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2024 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. Description:
Red Hat JBoss Data Virtualization is a lean data integration solution that
provides easy, real-time, and unified data access across disparate sources
to multiple applications and users. JBoss Data Virtualization makes data
spread across physically distinct systems - such as multiple databases, XML
files, and even Hadoop systems - appear as a set of tables in a local
database.
This Service Pack release of Red Hat JBoss Data Virtualization 6.4.8.SP1
(Service Pack 1) serves as a replacement for Red Hat JBoss Data
Virtualization 6.4.8, and mitigates the impact of the log4j CVE's
referenced in this document by removing the affected classes from the
patch. Solution:
Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.
The References section of this erratum contains a download link (you must
log in to download the update). Bugs fixed (https://bugzilla.redhat.com/):
1785616 - CVE-2019-17571 log4j: deserialization of untrusted data in SocketServer
1831139 - CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender
2031667 - CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender
2041949 - CVE-2022-23302 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink
2041959 - CVE-2022-23305 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender
2041967 - CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer
5. =========================================================================
Ubuntu Security Notice USN-5998-1
April 05, 2023
apache-log4j1.2 vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Apache Log4j.
Software Description:
- apache-log4j1.2: Java-based open-source logging tool
Details:
It was discovered that the SocketServer component of Apache Log4j 1.2
incorrectly handled deserialization. An attacker could possibly use this issue
to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM.
(CVE-2019-17571)
It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly
handled deserialization. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-23302)
It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL
statements. A remote attacker could possibly use this issue to perform an SQL
injection attack and alter the database. This issue was only fixed in Ubuntu
18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305)
It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly
handled deserialization. An attacker could possibly use this issue to execute
arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2022-23307)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
liblog4j1.2-java 1.2.17-9ubuntu0.2
Ubuntu 18.04 LTS:
liblog4j1.2-java 1.2.17-8+deb10u1ubuntu0.2
Ubuntu 16.04 ESM:
liblog4j1.2-java 1.2.17-7ubuntu1+esm1
In general, a standard system update will make all the necessary changes
| VAR-201912-1337 | CVE-2019-19693 | Trend Micro Security 2020 Vulnerable to information disclosure |
CVSS V2: 3.6 CVSS V3: 7.1 Severity: HIGH |
The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. By creating a junction, an attacker can abuse the service to delete arbitrary files
| VAR-201912-0831 | CVE-2019-7484 | SonicWall SMA100 SQL Injection Vulnerability |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. SonicWall SMA100 In SQL An injection vulnerability exists.Information may be obtained. SonicWall SMA100 is a secure access gateway device from SonicWall, USA. The vulnerability stems from the lack of validation of externally entered SQL statements by database-based applications. Attackers can use this vulnerability to execute illegal SQL commands
| VAR-201912-1171 | CVE-2019-11995 | HPE UIoT Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance. HPE UIoT Contains an information disclosure vulnerability.Information may be obtained. HPE UIoT is a universal IoT platform from Hewlett Packard Enterprise (HPE). The platform has functions such as data analysis, currency security and synchronization management
| VAR-201912-1023 | CVE-2019-19889 | Humax Wireless Voice Gateway HGB10R-2 Vulnerability in the transmission of important information in clear text on devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. The attacker can discover admin credentials in the backup file, aka backupsettings.conf. The product includes features such as modems, IP phones and routers
| VAR-201912-1730 | CVE-2019-11399 | plural TRENDnet In product devices OS Command injection vulnerability |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. OS command injection occurs through the get_set.ccp lanHostCfg_HostName_1.1.1.0.0 parameter. TRENDnet TEW-651BR , TEW-652BRP , TEW-652BRU The device includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TRENDnet TEW-651BR and others are all wireless routers from TRENDnet.
An operating system command injection vulnerability exists in TRENDnet TEW-651BR version 2.04B1, TEW-652BRP version 3.04b01, and TEW-652BRU version 1.00b12. The vulnerability originates from the process of externally inputting data to construct the executable command of the operating system, and the network system or product does not properly filter the special characters, commands, etc., and an attacker can use this vulnerability to execute illegal operating system commands
| VAR-201912-0055 | CVE-2019-5276 | Huawei Classic buffer overflow vulnerability in smartphones |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. Huawei Smartphones contain a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei ELLE-AL00B is a smartphone from China's Huawei
| VAR-201912-0065 | CVE-2019-5267 | Huawei OceanStor SNS3096 Information Disclosure Vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. Huawei OceanStor SNS3096 is a data center-oriented fiber switch from China's Huawei
| VAR-201912-1550 | CVE-2019-18996 | ABB PB610 Panel Builder 600 Vulnerabilities related to untrusted search paths |
CVSS V2: 4.4 CVSS V3: 7.8 Severity: HIGH |
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context. ABB PB610 Panel Builder 600 Contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ABB PB610 Panel Builder 600 is a software that designs a graphical user interface for the CP600 control panel platform. An attacker could exploit this vulnerability to execute code within the context of the application
| VAR-201912-0832 | CVE-2019-7485 | SonicWall SMA100 Vulnerable to classic buffer overflow |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. SonicWall SMA100 Contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SonicWall SMA100 is a secure access gateway device from SonicWall, USA. This vulnerability is caused by a network system or product performing incorrect operations on the memory and incorrectly verifying the data boundaries, resulting in incorrect reads and writes to associated memory locations. Operation, an attacker could use this vulnerability to cause a buffer overflow or heap overflow
| VAR-201912-1549 | CVE-2019-18995 | ABB PB610 Panel Builder 600 Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting. ABB PB610 Panel Builder 600 Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ABB PB610 Panel Builder 600 is a software that designs a graphical user interface for the CP600 control panel platform. The vulnerability stems from the failure of the network system or product to properly validate the input data
| VAR-201912-1731 | CVE-2019-11400 | plural TRENDnet Buffer error vulnerability in product devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter. TRENDnet TEW-651BR , TEW-652BRP , TEW-652BRU The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TRENDnet TEW-651BR and others are all wireless routers from TRENDnet.
A buffer overflow vulnerability exists in TRENDnet TEW-651BR version 2.04B1, TEW-652BRP version 3.04b01, and TEW-652BRU version 1.00b12. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be associated with other memory locations
| VAR-201912-0063 | CVE-2019-5265 | Huawei P30 Access Control Error Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. The Huawei P30 is a smartphone from China's Huawei
| VAR-201912-0830 | CVE-2019-7483 | SonicWall SMA100 Path Traversal Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. SonicWall SMA100 Contains a path traversal vulnerability.Information may be obtained. SonicWall SMA100 is a secure access gateway device from SonicWall, USA. The vulnerability stems from a network system or product's failure to properly filter special elements in a resource or file path. An attacker could use this vulnerability to access locations outside the restricted directory
| VAR-201912-1551 | CVE-2019-18997 | ABB PB610 Panel Builder 600 Vulnerable to unauthorized authentication |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access. PB610 HMISimulator is one of the PB610 simulator components
| VAR-201912-1548 | CVE-2019-18994 | ABB PB610 Panel Builder 600 Input validation vulnerability |
CVSS V2: 3.5 CVSS V3: 6.5 Severity: MEDIUM |
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service. ABB PB610 Panel Builder 600 Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. ABB PB610 Panel Builder 600 is a software that designs a graphical user interface for the CP600 control panel platform. The vulnerability stems from the fact that the network system or product did not correctly verify the input data.
ABB CP651 HMI has a vulnerability in trust management issues
| VAR-201912-0064 | CVE-2019-5266 | Huawei P30 Input Validation Error Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. The Huawei P30 is a smartphone from China's Huawei