SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 SQL Injection Vulnerability

Overview :
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted.You may notice when installing SuiteCRM a new panel which allows for the configuration of different collations and type-sets. This is part of our progression towards resolving issues with special characters and emojis. Currently available sets include utf8 and utf8mb4.

 

Rajaneesh
Read more

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server

 

Overview :
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique from CVE-2020-0893.

Reference Key

Each reference used in CVE has the following structure:

SOURCE: NAME

  • SOURCE is an alphanumeric keyword.
    (Examples: “BUGTRAQ”, “OVAL”, etc.)
  • NAME is a single line of ASCII text and can include colons and spaces.
    (Examples: “BUGTRAQ: Posting to Bugtraq mailing list”; “OVAL: Open Vulnerability and Assessment Language (OVAL) vulnerability definition”; etc.)

Where possible, the NAME is selected to facilitate searches on a SOURCE’s website. For references that do not have a well-defined identifier, a release date and/or subject header may be included.

Reference Order

References are typically listed in the order below:

  • Initial announcement
  • Response team advisory
  • Vendor acknowledgement/advisory
  • All other public sources
Rajaneesh
Read more

Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0

Overview :
An improper neutralization of input vulnerability in the Anomaly Detection interface of FortiWeb may allow a remote unauthenticated attacker to perform a cross site scripting attack (XSS) via a parameter of the request.An Improper Neutralization of Input vulnerability in the Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0, and 6.1.1 may allow a remote unauthenticated attacker to perform a Cross Site Scripting attack (XSS).
Affected Product(s) :
FortiWeb Versions 6.0.5 and below.

FortiWeb Versions 6.1.1 and below.

Rajaneesh
Read more

Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5

Overview :
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user’s session by persuading the victim to follow a malicious link.
References
Affected Product(s) :

CVE-2019-17653
References:

Each reference used in CVE has the following structure:

Rajaneesh
Read more

TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server

Overview :
The Spotfire library component of TIBCO Software Inc.’s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not “Script Author” group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted. This could allow an attacker to cause the Spotfire Web Player, Analyst clients, and TERR Service into executing arbitrary code with the privileges of the system account that started those processes. Affected releases are TIBCO Software Inc.’s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 10.8.0 and below and TIBCO Spotfire Server: versions 7.11.9 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, and 10.3.6, versions 10.4.0, 10.5.0, 10.6.0, 10.6.1, 10.7.0, and 10.8.0.
Affected Product(s) :
  • TIBCO Spotfire Analytics Platform for AWS Marketplace versions 10.8.0 and below
  • TIBCO Spotfire Server versions 7.11.9 and below
  • TIBCO Spotfire Server versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, and 10.3.6
  • TIBCO Spotfire Server versions 10.4.0, 10.5.0, 10.6.0, 10.6.1, 10.7.0, and 10.8.0

The following component is affected:

Rajaneesh
Read more

Apache ShardingSphere(incubator) deserialization vulnerability

Overview :
In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere’s web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security flaws of RCE.
Affected Product(s) :
 
ShardingSphere 4.0.0-RC3, 4.0.0
 

Solution :

Rajaneesh
Read more

Puppet Server and PuppetDB may leak sensitive information via metrics API

Overview :
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as well as function names and class names. Previously, these endpoints were open to the local network. PE 2018.1.13 & 2019.4.0, Puppet Server 6.9.1 & 5.3.12, and PuppetDB 6.9.1 & 5.2.13 disable trapperkeeper-metrics /v1 metrics API and only allows /v2 access on localhost by default. This affects Puppet Enterprise 2018.1.x stream prior to 2018.1.13, and prior to 2019.4.0; Puppet Server prior to 6.9.1, and prior to 5.3.12; PuppetDB prior to 6.9.1, and prior to 5.2.13.
Affected Product(s) :
  • Puppet Enterprise 2018.1.x stream prior to 2018.1.13
  • Puppet Enterprise prior to 2019.4.0
  • Puppet Server prior to 6.9.1
  • Puppet Server prior to 5.3.12
  • PuppetDB prior to 6.9.1
  • PuppetDB prior to 5.2.13
Vulnerability Details :
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as well as function names and class names. Previously, these endpoints were open to the local network.

PE 2018.1.13 & 2019.4.0, Puppet Server 6.9.1 & 5.3.12, and PuppetDB 6.9.1 & 5.2.13 disable trapperkeeper-metrics /v1 metrics API and only allows /v2 access on localhost by default.

Rajaneesh
Read more

vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020

Overview :
An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
Affected Product(s) :

  • XML External Entity (XXE) Vulnerability (CVE-2020-8540)

    This document will explain about the XML External Entity (XXE) (CVE-2020-8540) vulnerability on agent servlet, which was reported by kalimer0x00.

Rajaneesh
Read more