High Vulnerabilities
Vulnerability Summary for the Week of April 26, 2021

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

• High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
• Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
• Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by Ug-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of Ug-CERT analysis.

High Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| avaya -- session_border_controller_for_enterprise | A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x | 2021-04-23 | 9 | CVE-2020-7034 CONFIRM |
| ibm -- spectrum_protect_backup-archive_client | IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811. | 2021-04-26 | 7.2 | CVE-2021-20532 CONFIRM XF |
| ibm -- spectrum_protect_client | IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479 | 2021-04-26 | 7.2 | CVE-2021-29672 CONFIRM XF |
| inxedu -- inxedu | SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. | 2021-04-29 | 7.5 | CVE-2020-35430 MISC |
| jquery-bbq_project -- jquery-bbq | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 7.5 | CVE-2021-20086 MISC |
| manta -- safe-obj | Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. | 2021-04-26 | 7.5 | CVE-2021-25928 MISC MISC |
| nec -- aterm_wg2600hs_firmware | Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 2021-04-26 | 10 | CVE-2021-20711 MISC MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. | 2021-04-27 | 7.5 | CVE-2019-25032 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. | 2021-04-27 | 7.5 | CVE-2019-25033 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. | 2021-04-27 | 7.5 | CVE-2019-25034 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. | 2021-04-27 | 7.5 | CVE-2019-25035 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. | 2021-04-27 | 7.5 | CVE-2019-25038 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. | 2021-04-27 | 7.5 | CVE-2019-25039 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. | 2021-04-27 | 7.5 | CVE-2019-25042 MISC |
| pulsesecure -- pulse_connect_secure | Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild. | 2021-04-23 | 7.5 | CVE-2021-22893 MISC MISC MISC MISC |
| purl_project -- purl | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in purl 2.3.2 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 7.5 | CVE-2021-20089 MISC |

Medium Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| acemetrix -- jquery-deparam | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 6.5 | CVE-2021-20087 MISC |
| aterm -- wg2600hs_firmware | Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.5.1 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 2021-04-26 | 4.3 | CVE-2021-20710 MISC MISC |
| avaya -- aura_orchestration_designer | An XML External Entities (XXE) vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Orchestration Designer includes all 7.x versions before 7.2.3. | 2021-04-23 | 4 | CVE-2020-7035 CONFIRM |
| avaya -- callback_assist | An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7. | 2021-04-23 | 4 | CVE-2020-7036 CONFIRM |
| backbone-query-parameters_project -- backbone-query-parameters | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 6.5 | CVE-2021-20085 MISC |
| criticalmanufacturing -- cncsoft-b | CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | 2021-04-27 | 6.8 | CVE-2021-22664 MISC MISC |
| directum -- directum | Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header. | 2021-04-24 | 4.3 | CVE-2021-31794 MISC MISC |
| gitlab -- gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | 2021-04-23 | 6.5 | CVE-2021-22205 MISC MISC CONFIRM |
| google -- chrome | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21227 MISC MISC GENTOO |
| google -- chrome | Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21230 MISC MISC GENTOO |
| google -- chrome | Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21232 MISC MISC GENTOO |
| google -- chrome | Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21224 MISC MISC DEBIAN GENTOO |
| google -- chrome | Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21223 MISC MISC DEBIAN GENTOO |
| google -- chrome | Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21206 MISC MISC GENTOO |
| google -- chrome | Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21220 MISC MISC GENTOO |
| google -- chrome | Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21213 MISC MISC DEBIAN GENTOO |
| google -- chrome | Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 2021-04-26 | 6.8 | CVE-2021-21207 MISC MISC |