VARIoT IoT vulnerabilities database
| VAR-202004-0659 | CVE-2019-5622 | Accellion File Transfer Appliance Trust Management Issue Vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials. (DoS) It may be put into a state. This product supports online sharing and file synchronization using AES 128/256. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use the default password or hard-coded passwords, hard-coded certificates, etc. to attack the affected components
| VAR-202004-1327 | CVE-2017-18855 | NETGEAR WNR854T injection vulnerability |
CVSS V2: 8.3 CVSS V3: 8.8 Severity: HIGH |
NETGEAR WNR854T devices before 1.5.2 are affected by command execution. NETGEAR WNR854T A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR854T is a wireless router of NETGEAR.
There is a security vulnerability in NETGEAR WNR854T before 1.5.2. Attackers can use this vulnerability to execute commands with administrator privileges
| VAR-202004-0532 | CVE-2020-12246 | Beeline Smart Box operating system command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter. (DoS) It may be put into a state. Beeline Smart Box is a wireless router of Russian Beeline company.
There is a security vulnerability in Beeline Smart Box version 2.0.38. Attackers can use the vulnerability to execute operating system commands through the ‘Ping ping_ipaddr’, ‘Nslookup nslookup_ipaddr’ or ‘Traceroute traceroute_ipaddr’ parameters
| VAR-202004-1328 | CVE-2017-18856 | NETGEAR ReadyNAS Injection vulnerabilities in devices |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
NETGEAR ReadyNAS devices before 6.6.1 are affected by command injection. NETGEAR ReadyNAS A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Injection vulnerabilities exist in NETGEAR ReadyNAS OS 6.0 and later (version 6.6.1 has been fixed). The vulnerability stems from the fact that the network system or product lacks correct verification of user input data during the operation process of user input to construct commands, data structures, or records, and does not filter or correctly filter out special elements in it, resulting in parsing or failure of the system or product. Wrong way of interpreting
| VAR-202004-0653 | CVE-2019-5623 | Accellion File Transfer Appliance operating system command injection vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection'). (DoS) It may be put into a state. Accellion File Transfer Appliance is a file transfer device of American Accellion company. This product supports online sharing and file synchronization using AES 128/256. The vulnerability stems from the fact that the network system or product did not properly filter the special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands
| VAR-202004-1332 | CVE-2017-18860 | plural NETGEAR Injection vulnerabilities in devices |
CVSS V2: 3.6 CVSS V3: 7.7 Severity: HIGH |
Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier. plural NETGEAR A device contains an injection vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. NETGEAR FS752TP, etc. are all products of NETGEAR. NETGEAR FS752TP is a stackable smart switch. NETGEAR GS108T is an intelligent management switch. NETGEAR M6100 is a fully managed switch.
There are security holes in many NETGEAR products. Attackers can use the specially crafted URL to exploit the vulnerability to execute commands on the switch. This affects FS752TP 5.4.2.19 and previous versions, GS108Tv2 5.4.2.29 and previous versions, GS110TP 5.4.2.29 and previous versions, GS418TPP 6.6.2.6 and previous versions, GS510TLP 6.6.2.6 and previous versions, GS510TP 5.04.2.27 and previous versions, GS510TPP 6.6.2.6 and previous versions, GS716Tv2 5.4.2.27 and previous versions, GS716Tv3 6.3.1.16 and previous versions, GS724Tv3 5.4.2.27 and previous versions, GS724Tv4 6.3.1.16 and previous versions, GS728TPSB 5.3.0.29 and previous versions, GS728TSB 5.3.0.29 and previous versions, GS728TXS 6.1.0.35 and previous versions, GS748Tv4 5.4.2.27 and previous versions, GS748Tv5 6.3.1.16 and previous versions, GS752TPSB 5.3.0.29 and previous versions, GS752TSB 5.3.0.29 and previous versions, GS752TXS 6.1.0.35 and previous versions, M4200 12.0.2.10 and previous versions, M4300 12.0.2.10 and previous versions, M5300 11.0.0.28 and previous versions, M6100 11.0.0.28 and previous versions, M7100 11.0.0.28 and previous versions, S3300 6.6.1.4 and previous versions, XS708T 6.6.0.11 and previous versions, XS712T 6.1.0.34 and previous versions, and XS716T 6.6.0.11 and previous versions
| VAR-202004-1325 | CVE-2017-18853 | plural NETGEAR Information leakage vulnerabilities in devices |
CVSS V2: 5.0 CVSS V3: 6.5 Severity: MEDIUM |
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R7000 is a wireless router. NETGEAR R6900 is a wireless router.
There are security holes in many NETGEAR products. Attackers can use this vulnerability to recover passwords and access files. This affects D8500 1.0.3.27 and previous versions, DGN2200v4 1.0.0.82 and previous versions, R6300v2 1.0.4.06 and previous versions, R6400 1.0.1.20 and previous versions, R6400v2 1.0.2.18 and previous versions, R6700 1.0.1.22 and previous versions, R6900 1.0.1.20 and previous versions, R7000 1.0.7.10 and previous versions, R7000P 1.0.0.58 and previous versions, R7100LG 1.0.0.28 and previous versions, R7300DST 1.0.0.52 and previous versions, R7900 1.0.1.12 and previous versions, R8000 1.0.3.46 and previous versions, R8300 1.0.2.86 and previous versions, R8500 1.0.2.86 and previous versions, WNDR3400v3 1.0.1.8 and previous versions, and WNDR4500v2 1.0.0.62 and previous versions
| VAR-202004-0657 | CVE-2019-5620 | ABB MicroSCADA Pro SYS600 Access Control Error Vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. (DoS) It may be put into a state. ABB MicroSCADA Pro SYS600 is a set of monitoring and data acquisition software of Swiss ABB company. The software is mainly used for substation automation, SCADA electrical, distribution management applications and industrial power management.
ABB MicroSCADA Pro SYS600 version 9.3 has an access control error vulnerability, which originated from a network system or product incorrectly restricting access to resources from unauthorized roles. No detailed vulnerability details are currently available
| VAR-202004-2184 | CVE-2020-11024 | Moonlight iOS/tvOS Certificate validation vulnerabilities in |
CVSS V2: 4.9 CVSS V3: 8.2 Severity: HIGH |
In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS. Moonlight iOS/tvOS Exists in a certificate validation vulnerability.Information may be obtained and tampered with. Moonlight is an open source implementation of the NVIDIA GameStream protocol based on iOS and tvOS platforms. It is mainly used to stream game video to supported devices.
There are security vulnerabilities in Moonlight versions prior to 4.0.1 (iOS/tvOS). An attacker can use this vulnerability to induce an attacker to connect to a server controlled by the attacker by implementing a man-in-the-middle attack
| VAR-202004-2199 | CVE-2020-11023 | jQuery Cross-site scripting vulnerability in |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. jQuery Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. jQuery is an open source, cross-browser JavaScript library developed by American John Resig programmers. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code. Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java
applications based on the WildFly application runtime.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests
(CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent
attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter
method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of
scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt
UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new
JSONObject(map) cause StackOverflowError which may lead to dos
(CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests
1553413 - CVE-2017-18214 nodejs-moment: Regular expression denial of service
1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
1601616 - CVE-2018-14041 bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute
1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute
1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
1850004 - CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
2124682 - CVE-2022-3143 wildfly-elytron: possible timing attacks via use of unsafe comparator
2134291 - CVE-2022-40152 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays
2135770 - CVE-2022-40150 jettison: memory exhaustion via user-supplied XML or JSON data
2135771 - CVE-2022-40149 jettison: parser crash by stackoverflow
2145194 - CVE-2022-45047 mina-sshd: Java unsafe deserialization vulnerability
2155682 - CVE-2022-46364 Apache CXF: SSRF Vulnerability
2155970 - CVE-2022-45693 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos
6. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001
JBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001
JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001
JBEAP-23928 - Tracker bug for the EAP 7.4.9 release for RHEL-9
JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001
JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001
JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001
JBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001
JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value
JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001
JBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001
JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001
JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002
JBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001
JBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001
JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003
JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2
JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001
JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001
7. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
Advisory ID: RHSA-2021:1846-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1846
Issue date: 2021-05-18
CVE Names: CVE-2020-11023
====================================================================
1. Summary:
An update for the idm:DL1 and idm:client modules is now available for Red
Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
Red Hat Identity Management (IdM) is a centralized authentication, identity
management, and authorization solution for both traditional and cloud-based
enterprise environments.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
871208 - ipa sudorule-add-user should accept external users
1340463 - [RFE] Implement pam_pwquality featureset in IPA password policies
1357495 - ipa command provides stack trace when provided with single hypen commands
1484088 - [RFE]: Able to browse different links from IPA web gui in new tabs
1542737 - Incorrect certs are being updated with "ipa-certupdate"
1544379 - ipa-client-install changes system wide ssh configuration
1660877 - kinit is failing due to overflow in Root CA certificate's timestamp
1779981 - ipa-cert-fix warning message should use commercial name for the product.
1780328 - ipa-healthcheck - Mention that the default output format is JSON.
1780510 - Source 'ipahealthcheck.ipa.topology' not found is displayed when ipactl service is stopped
1780782 - ipa-cert-fix tool fails when the Dogtag CA SSL CSR is missing from CS.cfg
1784657 - Unlock user accounts after a password reset and replicate that unlock to all IdM servers
1809215 - Man page has incorrect examples; log location for healthcheck tool
1810148 - ipa-server-certinstall raises exception when installing IPA-issued web server cert
1812871 - Intermittent IdM Client Registration Failures
1824193 - Add Directory Server Healthchecks from lib389
1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution
1851835 - [RFE] IdM short-term certificates ACME provider
1857272 - negative option for token.mechanism not working correctly
1860129 - ipa trust-add fails when FIPS enabled
1866558 - ipa-healthcheck --input-file returns 1 on exit
1872603 - KRA Transport and Storage Certificates do not renew
1875001 - It is not possible to edit KDC database when the FreeIPA server is running
1882340 - nsslapd-db-locks patching no longer works
1891056 - ipa-kdb: support subordinate/superior UPN suffixes
1891505 - ipa-healthcheck returns msg": "{sssctl} {key} reports mismatch: sssd domains {sssd_domains} trust domains {trust_domains}"
1891735 - [Rebase] Rebase bind-dyndb-ldap to the recent upstream release
1891741 - [Rebase] Rebase slapi-nis to recent upstream release
1891832 - [Rebase] Rebase FreeIPA to a recent upstream release
1891850 - [Rebase] Rebase ipa-healthcheck to 0.7 upstream release
1894800 - IPA WebUI inaccessible after upgrading to RHEL 8.3.- idoverride-memberof.js missing
1901068 - Traceback while doing ipa-backup
1902173 - Uninstallation of IPA server with KRA installed displays 'ERROR: subprocess.CalledProcessError:'
1902727 - ipa-acme-manage enable fails after upgrade
1903025 - test failure in test_acme.py::TestACME::test_third_party_certs
1904484 - [Rebase] Rebase opendnssec to 2.1.7
1904612 - bind-dyndb-ldap: Rebased bind modifies so versions
1905919 - ipa-server-upgrade fails with traceback "exception: KeyError: 'DOMAIN'"
1909876 - ipa uninstall fails when dns not installed
1912845 - ipa-certupdate drops profile from the caSigningCert tracking
1922955 - Resubmitting KDC cert fails with internal server error
1923900 - Samba on IdM member failure
1924026 - Fix upstream test test_trust.py::test_subordinate_suffix
1924501 - ipa-client-install: Error trying to clean keytab: /usr/sbin/ipa-rmkeytab returned 7
1924812 - Fix upstream test test_smb.py::TestSMB::test_authentication_with_smb_cifs_principal_alias
1925410 - Cannot delete sudocmd with typo error e.g. "/usr/sbin/reboot."
1926699 - avc denial for gpg-agent with systemd-run
1926910 - ipa cert-remove-hold <invalid_cert_id> returns an incorrect error message
1928900 - Support new baseURL config option for ACME
1930426 - IPA krb5kdc crash possible doublefree ipadb_mspac_struct_free finish_process_as_req
1932289 - Sync ipatests from upstream to RHEL packages for FreeIPA 4.9 branch
1939371 - ipa-client-install displays false message 'sudo binary does not seem to be present on this system'
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.src.rpm
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm
ipa-4.9.2-3.module+el8.4.0+10412+5ecb5b37.src.rpm
ipa-4.9.2-3.module+el8.4.0+10413+a92f1bfa.src.rpm
ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8.src.rpm
ipa-healthcheck-0.7-3.module+el8.4.0+9008+94c5103b.src.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm
python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.src.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.src.rpm
aarch64:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm
bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm
bind-dyndb-ldap-debugsource-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm
ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-client-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10413+a92f1bfa.aarch64.rpm
ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-server-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
ipa-server-trust-ad-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.aarch64.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64.rpm
opendnssec-debuginfo-2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64.rpm
opendnssec-debugsource-2.1.7-1.module+el8.4.0+9007+5084bdd8.aarch64.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64.rpm
slapi-nis-debuginfo-0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64.rpm
slapi-nis-debugsource-0.56.6-1.module+el8.4.0+9005+f55ff3e7.aarch64.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.aarch64.rpm
softhsm-debuginfo-2.6.0-5.module+el8.4.0+10227+076cd560.aarch64.rpm
softhsm-debugsource-2.6.0-5.module+el8.4.0+10227+076cd560.aarch64.rpm
softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560.aarch64.rpm
noarch:
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
ipa-client-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
ipa-client-common-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
ipa-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
ipa-common-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8.noarch.rpm
ipa-healthcheck-core-0.7-3.module+el8.4.0+9007+5084bdd8.noarch.rpm
ipa-healthcheck-core-0.7-3.module+el8.4.0+9008+94c5103b.noarch.rpm
ipa-python-compat-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
ipa-python-compat-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
ipa-selinux-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
ipa-selinux-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
ipa-server-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
ipa-server-dns-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
python3-ipaclient-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
python3-ipaclient-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
python3-ipalib-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
python3-ipalib-4.9.2-3.module+el8.4.0+10413+a92f1bfa.noarch.rpm
python3-ipaserver-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
python3-ipatests-4.9.2-3.module+el8.4.0+10412+5ecb5b37.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
ppc64le:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le.rpm
bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le.rpm
bind-dyndb-ldap-debugsource-11.6-2.module+el8.4.0+9328+4ec4e316.ppc64le.rpm
ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-client-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10413+a92f1bfa.ppc64le.rpm
ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-server-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
ipa-server-trust-ad-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.ppc64le.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le.rpm
opendnssec-debuginfo-2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le.rpm
opendnssec-debugsource-2.1.7-1.module+el8.4.0+9007+5084bdd8.ppc64le.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le.rpm
slapi-nis-debuginfo-0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le.rpm
slapi-nis-debugsource-0.56.6-1.module+el8.4.0+9005+f55ff3e7.ppc64le.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le.rpm
softhsm-debuginfo-2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le.rpm
softhsm-debugsource-2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le.rpm
softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560.ppc64le.rpm
s390x:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.s390x.rpm
bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.s390x.rpm
bind-dyndb-ldap-debugsource-11.6-2.module+el8.4.0+9328+4ec4e316.s390x.rpm
ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-client-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10413+a92f1bfa.s390x.rpm
ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-server-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
ipa-server-trust-ad-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.s390x.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x.rpm
opendnssec-debuginfo-2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x.rpm
opendnssec-debugsource-2.1.7-1.module+el8.4.0+9007+5084bdd8.s390x.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x.rpm
slapi-nis-debuginfo-0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x.rpm
slapi-nis-debugsource-0.56.6-1.module+el8.4.0+9005+f55ff3e7.s390x.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.s390x.rpm
softhsm-debuginfo-2.6.0-5.module+el8.4.0+10227+076cd560.s390x.rpm
softhsm-debugsource-2.6.0-5.module+el8.4.0+10227+076cd560.s390x.rpm
softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560.s390x.rpm
x86_64:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.x86_64.rpm
bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.x86_64.rpm
bind-dyndb-ldap-debugsource-11.6-2.module+el8.4.0+9328+4ec4e316.x86_64.rpm
ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-client-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-client-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-client-epn-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-client-samba-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-debuginfo-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-debugsource-4.9.2-3.module+el8.4.0+10413+a92f1bfa.x86_64.rpm
ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-server-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
ipa-server-trust-ad-debuginfo-4.9.2-3.module+el8.4.0+10412+5ecb5b37.x86_64.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64.rpm
opendnssec-debuginfo-2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64.rpm
opendnssec-debugsource-2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64.rpm
slapi-nis-debuginfo-0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64.rpm
slapi-nis-debugsource-0.56.6-1.module+el8.4.0+9005+f55ff3e7.x86_64.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64.rpm
softhsm-debuginfo-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64.rpm
softhsm-debugsource-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64.rpm
softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-11023
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYKPw+NzjgjWX9erEAQgLfw/9E1NpAyu3mF6dxWjh4ToapdkcAwPCcq1S
3iF/N4LrrpTfh6k+1H7OkYJ/pKp/DIbdTvJMpk7jsye7qAQZfpBxLr77zhvYFXeA
2ExnOgb/RM/6aVZ09SnlppJk10T6r+WNlmuBLFPejlX3JWTU0uvrK5LJvnlYctqF
+WymKWqlVs//iumxeAcZGIuRJToBVyTMr8+pAkkpTHd+gWzwNdOnABk5etgqnHhQ
NCyh4pEuYzcAE0T9TIrYAlPON9ejIVSgGLedsSWvBZln4gVcBx+L4gObnCu00Vgd
fe0q6gUTonlU2yBeRNuDw41cimTxmow9A4epcmiLFY2GAwM4RuWG+i4P1lnb0wYv
AxilFujIr/WPYtJIfHlFALJ2WQvjl25DHZ7IbldnhfmdS2nX6rY5P5sj/AgfNCmJ
hFObeg6V6h0t2R0om0OsQqCaewx1fJoSlelvhg06WQDuZKW0lFiPeXQCVlojptTC
H6iZ9/Yp1VzSwnu9u/TtYsRbZM0MSlBZrk9hXFH4H0IW4ZyWx8HABu83wLMA9+E0
FHdRhNLOeWF3aFk3QfA+LVRDLpOw5tmaMHZ1ezTsAYiBg/rzWDY0n9zLr8DJ6iKL
GIDysRlAIIivbw8nVSllT1ENHAO6hjkw0Ek/Ke2C4fWPLLSshmvPRxsW3TT34MsD
S706EKr7y88=PLEr
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
. Solution:
For information on upgrading Ansible Tower, reference the Ansible Tower
Upgrade and Migration Guide:
https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/
index.html
4. Description:
* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)
* Improved Ansible Tower's web service configuration to allow for
processing more simultaneous HTTP(s) requests by default
* Updated several dependencies of Ansible Tower's User Interface to address
(CVE-2020-7720, CVE-2020-7743, CVE-2020-7676)
* Updated to the latest version of python-psutil to address CVE-2019-18874
* Added several optimizations to improve performance for a variety of
high-load simultaneous job launch use cases
* Fixed workflows to no longer prevent certain users from being able to
edit approval nodes
* Fixed confusing behavior for social auth logins across distinct browser
tabs
* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault
credentials
3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202007-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/ <https://security.gentoo.org/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Cacti: Multiple vulnerabilities
Date: July 26, 2020
Bugs: #728678, #732522
ID: 202007-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Cacti, the worst of which
could result in the arbitrary execution of code.
Background
==========
Cacti is a complete frontend to rrdtool.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-analyzer/cacti < 1.2.13 >= 1.2.13
2 net-analyzer/cacti-spine
< 1.2.13 >= 1.2.13
-------------------------------------------------------------------
2 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Cacti. Please review
the CVE identifiers referenced below for details.
Impact
======
Please review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Cacti users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/cacti-1.2.13"
All Cacti Spine users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=net-analyzer/cacti-spine-1.2.13"
References
==========
[ 1 ] CVE-2020-11022
https://nvd.nist.gov/vuln/detail/CVE-2020-11022 <https://nvd.nist.gov/vuln/detail/CVE-2020-11022>
[ 2 ] CVE-2020-11023
https://nvd.nist.gov/vuln/detail/CVE-2020-11023 <https://nvd.nist.gov/vuln/detail/CVE-2020-11023>
[ 3 ] CVE-2020-14295
https://nvd.nist.gov/vuln/detail/CVE-2020-14295 <https://nvd.nist.gov/vuln/detail/CVE-2020-14295>
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202007-03 <https://security.gentoo.org/glsa/202007-03>
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org <mailto:security@gentoo.org> or alternatively, you may file a bug at
https://bugs.gentoo.org <https://bugs.gentoo.org/>.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 <https://creativecommons.org/licenses/by-sa/2.5>
. Solution:
For OpenShift Container Platform 4.5 see the following documentation, which
will be updated shortly for release 4.5.1, for important instructions on
how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster
- -cli.html
| VAR-202004-1000 | CVE-2020-1817 | Huawei PCManager Vulnerability related to authority management in |
CVSS V2: 4.6 CVSS V3: 7.8 Severity: HIGH |
Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Due to improper permission management of specific files, local attackers with low permissions can inject commands to exploit this vulnerability. Successful exploit may cause privilege escalation. Huawei PCManager Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei PCManager is a set of computer management software developed by China Huawei (Huawei)
| VAR-202005-0050 | CVE-2020-10622 | LAquis SCADA LGX File Insufficient UI Warning Information Disclosure Vulnerability |
CVSS V2: 6.8 CVSS V3: 5.5 Severity: MEDIUM |
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users. LCDS LAquis SCADA There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the File.Read method when processing LGX files. When opening an LGX file, the user interface fails to warn the user of unsafe actions. An attacker can leverage this vulnerability to disclose information in the context of the current user. LCDS LAquis SCADA is a set of SCADA (Data Acquisition and Monitoring Control) system of Brazilian LCDS company. The system is mainly used for data collection and process control of equipment with communication technology.
LCDS LAquis SCADA 4.3.1 and previous versions have input validation error vulnerabilities that attackers can use to create arbitrary files. LCDS LAquis SCADA could allow a local authenticated malicious user to bypass security restrictions, caused by improper input validation
| VAR-202005-0047 | CVE-2020-10618 | LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
CVSS V2: 4.3 CVSS V3: 7.8 Severity: HIGH |
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users. LCDS LAquis SCADA There is an information leakage vulnerability in.Information may be obtained. This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the AddComboFile method when processing LGX files. When opening an LGX file, the user interface fails to warn the user of unsafe actions. An attacker can leverage this vulnerability to execute code in the context of the current user. LCDS LAquis SCADA is a set of SCADA (Data Acquisition and Monitoring Control) system of Brazilian LCDS company. The system is mainly used for data collection and process control of equipment with communication technology.
LCDS LAquis SCADA 4.3.1 and previous versions have information disclosure vulnerabilities that attackers can use to obtain sensitive information
| VAR-202005-0074 | CVE-2020-10916 | TP-Link TL-WA855RE Authentication vulnerability in firmware |
CVSS V2: 5.2 CVSS V3: 8.0 Severity: HIGH |
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. Was ZDI-CAN-10003. Zero Day Initiative To this vulnerability ZDI-CAN-10003 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. TP-Link TL-WA855RE is a wireless network signal extender of China TP-Link company. The vulnerability stems from the program's failure to properly verify the initial setup request
| VAR-202004-2160 | CVE-2020-8478 | plural ABB System 800xA Product injection vulnerabilities |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder. ABB System 800xA OPC Server , MMS Server , Base Software There is an injection vulnerability in.Information may be tampered with. ABB Ability System 800xA is a set of distributed control system for industrial control industry of Swiss ABB company.
ABB System 800xA (all versions) has a vulnerability in permissions and access control issues. Local attackers can use this vulnerability to inject data and affect the runtime data view displayed in Control Builder
| VAR-202004-1713 | CVE-2018-21202 | plural NETGEAR Out-of-bounds write vulnerabilities in devices |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, and WNDR4500v3 prior to 1.0.0.54
| VAR-202004-1664 | CVE-2018-21218 | plural NETGEAR Classic buffer overflow vulnerability in the product |
CVSS V2: 5.8 CVSS V3: 8.8 Severity: HIGH |
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
| VAR-202004-1706 | CVE-2018-21195 | plural NETGEAR Out-of-bounds write vulnerabilities in devices |
CVSS V2: 5.2 CVSS V3: 6.8 Severity: MEDIUM |
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
| VAR-202004-2162 | CVE-2020-8481 | plural ABB Information leakage vulnerabilities in products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer. plural ABB The product contains a vulnerability related to information leakage.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ABB Ability System 800xA and others are products of Swiss ABB company. ABB Ability System 800xA is a distributed control system for industrial control industry. ABB Compact HMI is a monitoring and data acquisition system. ABB Control Builder Safe is an engineering tool for configuring and downloading the AC 800M High Integrity security application.
There are information disclosure vulnerabilities in many ABB products. The vulnerability stems from programs writing sensitive information to unprotected files
| VAR-202004-1261 | CVE-2016-11058 | NETGEAR genie Application deadline vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs. Netgear genie is a program of Netgear Corporation that presents itself as a dashboard. Attackers can use this vulnerability to add and delete devices