| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Dell EMC Unisphere
PostgreSQL: SQL injection via pg_upgrade/pg_dump
Synthesis of the vulnerability
An attacker can use a SQL injection via pg_upgrade/pg_dump of PostgreSQL, in order to read or alter data.
Impacted products: Debian, Unisphere EMC, openSUSE Leap, PostgreSQL, Puppet, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: user account.
Creation date: 08/11/2018.
Revision date: 09/11/2018.
Identifiers: 528379, CVE-2018-16850, DLA-1642-1, DSA-2018-208, openSUSE-SU-2018:3893-1, openSUSE-SU-2018:4031-1, RHSA-2018:3757-01, SUSE-SU-2018:3770-1, SUSE-SU-2018:3770-2, USN-3818-1, VIGILANCE-VUL-27738.
Description of the vulnerability
The PostgreSQL product uses a database.
However, user's data are directly inserted in a SQL query.
An attacker can therefore use a SQL injection via pg_upgrade/pg_dump of PostgreSQL, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial) |
Oracle Java: vulnerabilities of October 2018
Synthesis of the vulnerability
Several vulnerabilities were announced in Oracle products.
Impacted products: Debian, Unisphere EMC, Fedora, AIX, IBM API Connect, DB2 UDB, IBM i, IRAD, Rational ClearCase, Security Directory Server, Tivoli System Automation, WebSphere AS Liberty, WebSphere AS Traditional, McAfee Web Gateway, Java OpenJDK, openSUSE Leap, Java Oracle, Puppet, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 17/10/2018.
Identifiers: 528379, CERTFR-2018-AVI-495, cpuoct2018, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3157, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3209, CVE-2018-3211, CVE-2018-3214, DLA-1590-1, DSA-2018-208, DSA-4326-1, FEDORA-2018-209371341e, FEDORA-2018-369ab0efc9, FEDORA-2018-5857f28069, FEDORA-2018-cca64e06ba, FEDORA-2018-ce61c1147d, ibm10729607, ibm10741443, ibm10742147, ibm10742149, ibm10743955, ibm10793419, ibm10796096, ibm10875314, ibm10881644, ibm10882604, ibm10883400, openSUSE-SU-2018:3235-1, openSUSE-SU-2019:0042-1, openSUSE-SU-2019:0043-1, RHSA-2018:2942-01, RHSA-2018:2943-01, RHSA-2018:3000-01, RHSA-2018:3001-01, RHSA-2018:3002-01, RHSA-2018:3003-01, RHSA-2018:3007-01, RHSA-2018:3008-01, RHSA-2018:3350-01, RHSA-2018:3409-01, RHSA-2018:3521-01, RHSA-2018:3533-01, RHSA-2018:3534-01, RHSA-2018:3671-01, RHSA-2018:3672-01, SB10255, SUSE-SU-2018:3868-1, SUSE-SU-2018:3920-1, SUSE-SU-2018:3921-1, SUSE-SU-2018:3933-1, SUSE-SU-2018:4064-1, SUSE-SU-2019:0049-1, SUSE-SU-2019:0057-1, SUSE-SU-2019:0057-2, SUSE-SU-2019:0058-1, USN-3804-1, USN-3824-1, USN-3830-1, VIGILANCE-VUL-27509, ZDI-18-1263.
Description of the vulnerability
Several vulnerabilities were announced in Oracle products.
Full Vigil@nce bulletin... (Free trial) |
Intel processors: information disclosure via Foreshadow L1TF Virtualization
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via L1TF Virtualization on Intel processors, in order to obtain sensitive information.
Impacted products: SNS, Mac OS X, Arkoon FAST360, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, XenServer, Debian, Avamar, NetWorker, Unisphere EMC, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, HP ProLiant, QRadar SIEM, Juniper EX-Series, Juniper J-Series, Junos OS, SRX-Series, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, Solaris, pfSense, RHEL, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter Server, VMware vSphere Hypervisor, VMware Workstation, Xen.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 16/08/2018.
Identifiers: 525211, 528031, ADV180018, CERTFR-2018-AVI-385, CERTFR-2018-AVI-386, CERTFR-2018-AVI-387, CERTFR-2018-AVI-388, CERTFR-2018-AVI-390, CERTFR-2018-AVI-391, CERTFR-2018-AVI-392, CERTFR-2018-AVI-416, CERTFR-2018-AVI-419, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2018-AVI-584, CERTFR-2019-AVI-169, CERTFR-2019-AVI-242, cisco-sa-20180814-cpusidechannel, cpuapr2019, cpujan2019, CTX236548, CVE-2018-3646, DLA-1481-1, DLA-1506-1, DSA-2018-170, DSA-2018-217, DSA-2019-030, DSA-4274-1, DSA-4279-1, DSA-4279-2, FEDORA-2018-1c80fea1cd, FEDORA-2018-f8cba144ae, FG-IR-18-002, Foreshadow, FreeBSD-SA-18:09.l1tf, HPESBHF03874, HT209139, HT209193, ibm10742755, INTEL-SA-00161, JSA10937, K31300402, openSUSE-SU-2018:2399-1, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2018:2434-1, openSUSE-SU-2018:2436-1, openSUSE-SU-2018:4304-1, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2388-01, RHSA-2018:2389-01, RHSA-2018:2390-01, RHSA-2018:2391-01, RHSA-2018:2392-01, RHSA-2018:2393-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2602-01, RHSA-2018:2603-01, SSA-254686, STORM-2018-005, SUSE-SU-2018:2328-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2394-1, SUSE-SU-2018:2401-1, SUSE-SU-2018:2409-1, SUSE-SU-2018:2410-1, SUSE-SU-2018:2480-1, SUSE-SU-2018:2482-1, SUSE-SU-2018:2483-1, SUSE-SU-2018:2528-1, SUSE-SU-2018:2596-1, SUSE-SU-2018:2637-1, SUSE-SU-2018:3490-1, SUSE-SU-2018:4300-1, Synology-SA-18:45, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3756-1, USN-3823-1, VIGILANCE-VUL-26999, VMSA-2018-0020, VU#982149, XSA-273, XSA-289.
Description of the vulnerability
An attacker can bypass access restrictions to data via L1TF Virtualization on Intel processors, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Intel processors: information disclosure via Foreshadow L1TF OS/SMM
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via L1TF OS/SMM on Intel processors, in order to obtain sensitive information.
Impacted products: SNS, Arkoon FAST360, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, XenServer, Debian, Avamar, NetWorker, Unisphere EMC, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, HP ProLiant, QRadar SIEM, Juniper EX-Series, Juniper J-Series, Junos OS, Junos Space, SRX-Series, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, OpenBSD, openSUSE Leap, Oracle Communications, pfSense, RHEL, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, vCenter Server, Xen.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 16/08/2018.
Identifiers: 525211, 528031, ADV180018, CERTFR-2018-AVI-385, CERTFR-2018-AVI-386, CERTFR-2018-AVI-387, CERTFR-2018-AVI-388, CERTFR-2018-AVI-390, CERTFR-2018-AVI-391, CERTFR-2018-AVI-392, CERTFR-2018-AVI-416, CERTFR-2018-AVI-419, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2018-AVI-584, CERTFR-2019-AVI-169, CERTFR-2019-AVI-242, cisco-sa-20180814-cpusidechannel, cpuapr2019, CTX236548, CVE-2018-3620, DLA-1481-1, DLA-1506-1, DLA-1529-1, DSA-2018-170, DSA-2018-217, DSA-2019-030, DSA-4274-1, DSA-4279-1, DSA-4279-2, FEDORA-2018-1c80fea1cd, FEDORA-2018-f8cba144ae, FG-IR-18-002, Foreshadow, FreeBSD-SA-18:09.l1tf, HPESBHF03874, ibm10742755, INTEL-SA-00161, JSA10917, JSA10937, K95275140, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2388-01, RHSA-2018:2389-01, RHSA-2018:2390-01, RHSA-2018:2391-01, RHSA-2018:2392-01, RHSA-2018:2393-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2602-01, RHSA-2018:2603-01, SSA:2018-240-01, SSA-254686, STORM-2018-005, SUSE-SU-2018:2328-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2596-1, SUSE-SU-2018:2637-1, Synology-SA-18:45, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3823-1, VIGILANCE-VUL-26998, VMSA-2018-0021, VU#982149, XSA-273, XSA-289.
Description of the vulnerability
An attacker can bypass access restrictions to data via L1TF OS/SMM on Intel processors, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
PostgreSQL: information disclosure via CONFLICT DO UPDATE
Synthesis of the vulnerability
A local attacker can read a memory fragment via CONFLICT DO UPDATE of PostgreSQL, in order to obtain sensitive information.
Impacted products: Debian, Unisphere EMC, Fedora, openSUSE Leap, PostgreSQL, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 10/08/2018.
Identifiers: 528379, CVE-2018-10925, DSA-2018-208, DSA-4269-1, FEDORA-2018-d8f5aea89d, openSUSE-SU-2018:2599-1, openSUSE-SU-2018:3449-1, RHSA-2018:2511-01, RHSA-2018:2565-01, RHSA-2018:2566-01, SUSE-SU-2018:2564-1, SUSE-SU-2018:3377-1, USN-3744-1, VIGILANCE-VUL-26960.
Description of the vulnerability
A local attacker can read a memory fragment via CONFLICT DO UPDATE of PostgreSQL, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
PostgreSQL: privilege escalation via Libpq Host Connection Parameters
Synthesis of the vulnerability
An attacker can bypass restrictions via Libpq Host Connection Parameters of PostgreSQL, in order to escalate his privileges.
Impacted products: Debian, Unisphere EMC, Fedora, openSUSE Leap, PostgreSQL, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 10/08/2018.
Identifiers: 528379, CVE-2018-10915, DLA-1464-1, DSA-2018-208, DSA-4269-1, FEDORA-2018-d8f5aea89d, openSUSE-SU-2018:2599-1, openSUSE-SU-2018:3449-1, openSUSE-SU-2018:4007-1, RHSA-2018:2511-01, RHSA-2018:2557-01, RHSA-2018:2565-01, RHSA-2018:2566-01, SUSE-SU-2018:2564-1, SUSE-SU-2018:3287-1, SUSE-SU-2018:3377-1, SUSE-SU-2018:3909-1, USN-3744-1, VIGILANCE-VUL-26959.
Description of the vulnerability
An attacker can bypass restrictions via Libpq Host Connection Parameters of PostgreSQL, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Processors: information disclosure via System Register
Synthesis of the vulnerability
A local attacker can read a memory fragment via System Register of some processors, in order to obtain sensitive information.
Impacted products: Mac OS X, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, Debian, Avamar, Unisphere EMC, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, HP ProLiant, QRadar SIEM, Windows (platform) ~ not comprehensive, openSUSE Leap, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 22/05/2018.
Identifiers: 525441, ADV180013, CERTFR-2018-AVI-429, CERTFR-2019-AVI-036, cisco-sa-20180521-cpusidechannel, CVE-2018-3640, DLA-1446-1, DLA-1506-1, DSA-2018-175, DSA-2019-030, DSA-4273-1, DSA-4273-2, FG-IR-18-002, HPESBHF03850, HT209193, ibm10796076, K51801290, openSUSE-SU-2018:1904-1, openSUSE-SU-2018:2399-1, SSA-268644, SUSE-SU-2018:1926-1, SUSE-SU-2018:1935-1, SUSE-SU-2018:2076-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, TA18-141A, USN-3756-1, VIGILANCE-VUL-26184, VU#180049.
Description of the vulnerability
A local attacker can read a memory fragment via System Register of some processors, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Processors: information disclosure via Speculative Store
Synthesis of the vulnerability
A local attacker can read a memory fragment via Speculative Store of some processors, in order to obtain sensitive information.
Impacted products: Mac OS X, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, XenServer, Debian, Avamar, Unisphere EMC, BIG-IP Hardware, TMOS, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, HP ProLiant, AIX, IBM i, QRadar SIEM, Junos Space, Linux, Windows (platform) ~ not comprehensive, MiVoice 5000, openSUSE Leap, Solaris, oVirt, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, RHEL, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter Server, VMware vSphere Hypervisor, VMware Workstation, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 22/05/2018.
Identifiers: 1528, 18-0006, 525441, ADV180012, CERTFR-2018-AVI-248, CERTFR-2018-AVI-250, CERTFR-2018-AVI-256, CERTFR-2018-AVI-258, CERTFR-2018-AVI-259, CERTFR-2018-AVI-280, CERTFR-2018-AVI-306, CERTFR-2018-AVI-308, CERTFR-2018-AVI-319, CERTFR-2018-AVI-330, CERTFR-2018-AVI-346, CERTFR-2018-AVI-357, CERTFR-2018-AVI-386, CERTFR-2018-AVI-429, CERTFR-2019-AVI-036, CERTFR-2019-AVI-052, cisco-sa-20180521-cpusidechannel, cpujan2019, CTX235225, CVE-2018-3639, DLA-1423-1, DLA-1424-1, DLA-1434-1, DLA-1446-1, DLA-1506-1, DLA-1529-1, DLA-1731-1, DLA-1731-2, DSA-2018-175, DSA-2019-030, DSA-4210-1, DSA-4273-1, DSA-4273-2, FEDORA-2018-5521156807, FEDORA-2018-6367a17aa3, FEDORA-2018-aec846c0ef, FEDORA-2018-db0d3e157e, FG-IR-18-002, HPESBHF03850, HT209139, HT209193, ibm10796076, JSA10917, K29146534, K54252492, N1022433, nas8N1022433, openSUSE-SU-2018:1380-1, openSUSE-SU-2018:1418-1, openSUSE-SU-2018:1420-1, openSUSE-SU-2018:1487-1, openSUSE-SU-2018:1621-1, openSUSE-SU-2018:1623-1, openSUSE-SU-2018:1628-1, openSUSE-SU-2018:1773-1, openSUSE-SU-2018:1904-1, openSUSE-SU-2018:2306-1, openSUSE-SU-2018:2399-1, openSUSE-SU-2018:2402-1, openSUSE-SU-2018:3103-1, openSUSE-SU-2018:3709-1, openSUSE-SU-2019:0042-1, openSUSE-SU-2019:1438-1, openSUSE-SU-2019:1439-1, RHSA-2018:1629-01, RHSA-2018:1630-01, RHSA-2018:1632-01, RHSA-2018:1633-01, RHSA-2018:1635-01, RHSA-2018:1636-01, RHSA-2018:1637-01, RHSA-2018:1638-01, RHSA-2018:1639-01, RHSA-2018:1640-01, RHSA-2018:1641-01, RHSA-2018:1642-01, RHSA-2018:1647-01, RHSA-2018:1648-01, RHSA-2018:1649-01, RHSA-2018:1650-01, RHSA-2018:1651-01, RHSA-2018:1652-01, RHSA-2018:1653-01, RHSA-2018:1656-01, RHSA-2018:1657-01, RHSA-2018:1658-01, RHSA-2018:1659-01, RHSA-2018:1660-01, RHSA-2018:1661-01, RHSA-2018:1662-01, RHSA-2018:1663-01, RHSA-2018:1664-01, RHSA-2018:1665-01, RHSA-2018:1666-01, RHSA-2018:1667-01, RHSA-2018:1668-01, RHSA-2018:1669-01, RHSA-2018:1737-01, RHSA-2018:1738-01, RHSA-2018:1826-01, RHSA-2018:1965-01, RHSA-2018:1967-01, RHSA-2018:1997-01, RHSA-2018:2001-01, RHSA-2018:2003-01, RHSA-2018:2006-01, RHSA-2018:2161-01, RHSA-2018:2162-01, RHSA-2018:2164-01, RHSA-2018:2171-01, RHSA-2018:2172-01, RHSA-2018:2216-01, RHSA-2018:2250-01, RHSA-2018:2309-01, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2390-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2948-01, RHSA-2018:3396-01, RHSA-2018:3397-01, RHSA-2018:3398-01, RHSA-2018:3399-01, RHSA-2018:3400-01, RHSA-2018:3401-01, RHSA-2018:3402-01, RHSA-2018:3407-01, RHSA-2018:3423-01, RHSA-2018:3424-01, RHSA-2018:3425-01, spectre_meltdown_advisory, SSA:2018-208-01, SSA-268644, SSA-505225, SUSE-SU-2018:1362-1, SUSE-SU-2018:1363-1, SUSE-SU-2018:1366-1, SUSE-SU-2018:1368-1, SUSE-SU-2018:1374-1, SUSE-SU-2018:1375-1, SUSE-SU-2018:1376-1, SUSE-SU-2018:1377-1, SUSE-SU-2018:1378-1, SUSE-SU-2018:1386-1, SUSE-SU-2018:1389-1, SUSE-SU-2018:1452-1, SUSE-SU-2018:1456-1, SUSE-SU-2018:1475-1, SUSE-SU-2018:1479-1, SUSE-SU-2018:1482-1, SUSE-SU-2018:1582-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1614-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:1816-1, SUSE-SU-2018:1846-1, SUSE-SU-2018:1926-1, SUSE-SU-2018:1935-1, SUSE-SU-2018:2076-1, SUSE-SU-2018:2082-1, SUSE-SU-2018:2141-1, SUSE-SU-2018:2304-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, SUSE-SU-2018:2340-1, SUSE-SU-2018:2528-1, SUSE-SU-2018:2556-1, SUSE-SU-2018:2565-1, SUSE-SU-2018:2615-1, SUSE-SU-2018:2650-1, SUSE-SU-2018:2973-1, SUSE-SU-2018:3064-1, SUSE-SU-2018:3064-3, SUSE-SU-2018:3555-1, SUSE-SU-2019:0049-1, SUSE-SU-2019:0148-1, SUSE-SU-2019:1211-2, TA18-141A, USN-3651-1, USN-3652-1, USN-3653-1, USN-3653-2, USN-3654-1, USN-3654-2, USN-3655-1, USN-3655-2, USN-3679-1, USN-3680-1, USN-3756-1, VIGILANCE-VUL-26183, VMSA-2018-0012, VMSA-2018-0012.1, VU#180049, XSA-263.
Description of the vulnerability
A local attacker can read a memory fragment via Speculative Store of some processors, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
jackson-databind: code execution via Deserializing
Synthesis of the vulnerability
An attacker can use a vulnerability via Deserializing of jackson-databind, in order to run code.
Impacted products: Debian, Avamar, NetWorker, Unisphere EMC, Oracle Communications, Oracle DB, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle Internet Directory, Tuxedo, Oracle Virtual Directory, WebLogic, Puppet, JBoss EAP by Red Hat.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 04/05/2018.
Identifiers: 521680, 521682, 527583, cpuapr2019, cpujan2019, cpujul2018, cpuoct2018, CVE-2018-7489, DSA-2018-096, DSA-2018-102, DSA-2018-207, DSA-4190-1, RHSA-2018:1447-01, RHSA-2018:1448-01, RHSA-2018:1449-01, RHSA-2018:1450-01, RHSA-2018:1451-01, RHSA-2018:2088-01, RHSA-2018:2089-01, RHSA-2018:2090-01, VIGILANCE-VUL-26043.
Description of the vulnerability
An attacker can use a vulnerability via Deserializing of jackson-databind, in order to run code.
Full Vigil@nce bulletin... (Free trial) |
EMC VNX/Unisphere: external XML entity injection
Synthesis of the vulnerability
An attacker can transmit malicious XML data to EMC VNX/Unisphere, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Unisphere EMC, VNX Operating Environment, VNX Series.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 26/04/2018.
Identifiers: CVE-2018-1183, DSA-2018-013, VIGILANCE-VUL-25984.
Description of the vulnerability
XML data can contain external entities (DTD):
<!ENTITY name SYSTEM "file">
<!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
- content disclosure from files of the server
- private web site scan
- a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.
However, the EMC VNX/Unisphere parser allows external entities.
An attacker can therefore transmit malicious XML data to EMC VNX/Unisphere, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
|