Vulnerability Details

The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current cyber security threat. Any increase in an alert state will occur immediately an issue is detected, and it will drop again by one level each working day.

Our rationale for this agility is that vulnerabilities often occur in clusters; reducing the alert state again quickly will therefore increase your visibility of new threats to the same product. Daily reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

Friday 15 January 2021


FiberHome

Exploit

Researchers have identified a number of vulnerabilities, including backdoors, hardcoded credentials, authentication bypass, and unauthorized access.  FiberHome websites are unresponsive at the moment.
More info.


IBM

Patch

There is a missing authorization vulnerability in the Apache Solr service that is distributed as part of Watson Knowledge Catalog for IBM Cloud Pak for Data. CVSSv3 score of 9.4
More info.


NetApp

New

NetApp has published 8 new bulletins identifying vulnerabilities in third-party software included in their products.
More info.


Apache

Patch

Apache Tomcat could allow a remote attacker to obtain sensitive information. By sending a specially-crafted request, an attacker can view the source code for JSPs in some configurations, and use this information to launch further attacks against the affected system.
More info.


Linux

Patch

SUSE has updated the kernel and several other packages. More info.
Ubuntu has updated the kernel and several other packages. More info.
RedHat has updated the kernel and openshift. More info.
Mageia has updated the kernel. More info.
Amazon Linux has updated the kernel and several other packages. More info.
Alpine Linux has released version 3.13.0. More info.


  

Thursday 14 January 2021


Palo Alto Networks

Patch

Palo Alto Networks Monthly patches are two vulnerability bulletins and one informational. Highest CVSSv3 score of 4.4
More info.


Juniper

Patch

Juniper Quarterly Patches are out, with 23 bulletins.  Several remote, unauthenticated DoS vulnerabilities are addressed, as well as third-party software vulnerabilities in the products.
More info.

A vulnerability that allows an unauthenticated remote attacker to obtain access that would otherwise be denied in the Simple Authentication and Security Layer (SASL) implementation that is part of the OpenLDAP third party software package has been resolved in Juniper Networks SRX Series configured with Integrated User Firewall. CVSSv3 score of 7.4
More info.

An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated user's session. CVSSv3 score of 6.8
More info.


Cisco

Patch

Cisco has published 23 new bulletins, four are rated High.
More info.


Nagios

Patch

A remote, authenticated or anonymous attacker can exploit a vulnerability in Nagios Enterprises Nagios XI to execute arbitrary program code with administrator rights, to reveal information and to carry out a cross-site scripting attack.
More info.


IBM

Patch

IBM has published new bulletins, seven with a Critical rating. All the Critical bulletins have CVSSv3 scores of 9.8.  Products include MaaS360 Cloud Extender, App Connect Enterprise, Integration Bus, Guardium Data Encryption, and Security Privileged Identity Manager.
More info.


HPE

Patch

Multiple security vulnerabilities (Ripple20) have been identified in the optional HP/HPE R7000 and R5000 Uninterruptible Power System Network Module Firmware (AF465A). The vulnerabilities could be remotely exploited to execute code, cause denial of service, and expose sensitive information.
More info.


  

Wednesday 13 January 2021


Dell

Patch

Dell has updated EMC Enterprise Hybrid Cloud to patch multiple VMware vulnerabilities. Dell rates this Critical.
More info.

Dell EMC Avamar Server contains remediation for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. Dell rates this Critical. Highest CVSSv3 score of 10
More info.


Aruba

Patch

Aruba has released updates to Airwave Glass that address multiple security vulnerabilities that would allow an unauthenticated remote attacker to bypass authentication and perform arbitrary code execution and arbitrary command execution. Highest CVSSv3 score of 9.8
More info.


Huawei

Patch

Huawei has updated their products to fix an Apache Struts2 remote code execution vulnerability.  CVSSv3 score of 9.8
More info.


Linux

Patch

SUSE has updated the kernel, crmsh, and others. More info.
Arch Linux has updated nodejs, atftp, and several others.  More info.
Oracle Linux has updated the kernel. More info.
RedHat has updated the kernel and others. More info.


  

Tuesday 12 January 2021 - Part 2


Microsoft

Patch

Microsoft Monthly Patches are out, with patches for 83 vulnerabilities, 10 of which are rated Critical, one has been previously disclosed, and one is actively being exploited.  Highest CVSSv3 score of 8.8
There are security updates for Windows, Edge (EdgeHTML-based), Office and Office Services and Web Apps, Windows Codecs Library, Visual Studio, SQL Server, Malware Protection Engine, .NET Core, .NET Repository, ASP .NET, and Azure.
More info. And here. And here.


  

Tuesday 12 January 2021


SAP

Patch

SAP Monthly Patches are out, with 10 new Security Notes and 7 updated Notes.  Five are rated Hot News, 1 High, 10 Medium, and 1 Low.  Four address missing authorization vulnerabilities.
More info.


Adobe

Patch

It's Adobe Patch Day, and they have published seven updates, including updates for Bridge, Captivate, InCopy, Campaign Classic, Animate, Illustrator, and Photoshop.  All the vulnerabilities are rated Critical.
More info.


Siemens

Patch

Siemens Monthly Patches have been published, with four new bulletins and eight updated bulletins. 
More info.

Several SCALANCE X switches contain vulnerabilities in the web server of the affected devices. An unauthenticated attacker could reboot, cause denial-of-service conditions and potentially impact the system by other means through heap and buffer overflow vulnerabilities. CVSSv3 score of 9.8
More info.

Scalance X devices might not generate a unique random key after factory reset, and use a private key shipped with the firmware. CVSSv3 score of 9.1
More info.


Schneider Electric

Patch

Schneider Electric Monthly Patches consist of three new bulletins and four updated bulletins.
More info.

Schneider Electric uses Treck Inc.’s HTTP Server component in the Sepam ACE850, which contains a heap-based buffer overflow.  CVSSv3 score of 10
More info.

EcoStruxure Operator Terminal Expert (formerly known as Vijeo XD) and Pro-face BLUE products contain an Improper Input Validation vulnerability that could cause arbitrary code execution when the Ethernet Download feature is enabled on the HMI. CVSSv3 score of 8.8
More info.


Mozilla

Patch

Mozilla has published an update for Thunderbird, rated Critical, which could be used for RCE.
More info.


HCL Software

Patch

HCL Commerce contains an unspecified vulnerability that could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. CVSSv3 score of 9.8
More info.

HCL Commerce contains an information disclosure vulnerability that could allow a remote attacker to obtain user personal data. CVSSv3 score of 7.5
More info.


  

Monday 11 January 2021


QNAP

Patch

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. 
More info.


Linux

Patch

Gentoo Linux has published 8 new security updates. More info.


  

Friday 8 January 2021


Microsoft

Patch

Microsoft has updated Chromium-based Edge with the latest Chromium patches.
More info.


Hitachi ABB

Patch

Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer contains a vulnerability in the libssh library that allows an attacker to send a specially crafted message to the device, causing it to open a communication channel without first performing authentication, which may allow an attacker to execute arbitrary commands. CVSSv3 score of 9.1
More info.


IBM

Patch

IBM has published updates to Netcool Operations Insight that fix vulnerabilities in node.js. CVSSv3 score of 9.8
More info.


NetApp

Patch

NetApp has published seven new bulletins regarding vulnerabilities in third-party software included in NetApp products.  Few patches available.
More info.

Element OS is susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution. Vulnerable versions are only exploitable for a limited window during the boot process. CVSSv3 score of 7.5
More info.


Linux

Patch

Oracle Linux has updated the kernel. More info.


  

Thursday 7 January 2021


Mozilla

Patch

A vulnerability has been discovered in Firefox, Firefox ESR and Firefox for Android, which could allow for arbitrary code execution.
More info.


Google

Patch

Google has updated Chrome for Desktop to include 16 security fixes, most rated High.
More info.


PHP

Patch

PHP has been patched to correct a vulnerability where PHP accepts URLs with invalid userinfo.
More info. And here.


IBM

Patch

IBM has addressed Critical vulnerabilities in third-party software included in their products.  NGINX, Golang, jackson-databind, and Docker vulnerabilities are patched in Spectrum Discover, Event Streams, IBP, and Aspera High-Speed Sync. Highest CVSSv3 score of 9.8
More info.


  

Wednesday 6 January 2021


Fortinet

Patch

A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement. CVSSv3 score of 6.4
More info.

A stack-based buffer overflow vulnerability in FortiWeb may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname. CVSSv3 score of 6.4
More info.


Red Lion

Patch

Red Lion has reported two vulnerabilities in Crimson.  A NULL pointer dereference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device, and the default configuration of the affected product allows a user to read and modify the database without authentication. Highest CVSSv3 score of 7.5
More info.


Meinberg

Patch

Meinberg has patched the LANTIME products to fix a vulnerability in OpenSSL.  CVSSv3 score of 5.9
More info.


Linux

Patch

SUSE has updated python, java, and others. More info.
Ubuntu has updated the kernel and others. More info.


  

Tuesday 5 January 2021


Qualcomm

Patch

Qualcomm Monthly Patches are out with 17 CVEs addressed.  Six are rated Critical, 10 rated High, and one rated Moderate. Highest CVSSv3 score of 9.8
More info.


Google

Patch

It's Android Patch Day, with 27 addressed vulnerabilities plus the Qualcomm patch set.  Two are rated Critical, 24 are rated High, and one Moderate.  Of note, the most severe vulnerabilities could enable a remote attacker to execute arbitrary code or cause a permanent denial of service.
More info.

Pixel monthly patches add four more vulnerabilities, one rated High and the rest Moderate.
More info.


Samsung

Patch

Samsung has published their Monthly Patches.  In addition to the Google Android patches there are nine Samsung vulnerabilities addressed, but only four are disclosed.  One of those is rated High and three Moderate.
More info.


NEC

Patch

NEC Platforms UNIVERGE SV9500/SV8500 series products could allow a remote attacker to execute arbitrary commands on the system, caused by an OS command injection flaw. CVSSv3 score of 8.8
More info.


Linux

Patch

Arch Linux has updated rsync and others. More info.
RedHat has updated the kernel. More info.
Oracle Linux has updated the kernel. More info.


  

Monday 4 January 2021


Pepperl+Fuchs

Patch

Multiple PEPPERL+FUCHS Comtrol IO-Link Master products contain multiple vulnerabilities that allow remote attackers to gain access to the device and execute any program and tap information. Highest CVSSv3 score of 8.8
More info.


yCREDIT

Exploit

A security restrictions bypass vulnerability exists in Stable Yield Credit (yCREDIT). The vulnerability allows a remote attacker to bypass implemented security restrictions and obtain more yCREDIT tokens than they should. CVSSv3 score of 7.2. This has been exploited in the wild.
More info.


Linux

Patch

Ubuntu has updated libproxy. More info.
Mageia has updated libxml2, ethtool, and others. More info.


  

Friday 1 January 2021


McAfee

Patch

Cross Site Request Forgery on previous versions of NSM might allow an attacker to change the configuration in the NSM UI. CVSSv3 score of 6.6
More info.


F5

New

Traffix SDC uses Apache Tomcat which contains an HTTP request header re-use vulnerability.  A remote attacker can exploit this vulnerability to obtain sensitive data from information leakage between HTTP requests. CVSSv3 score of 7.5
More info.


Synology

Patch

A vulnerability allows remote attackers to obtain sensitive information via a susceptible version of Synology Router Manager (SRM).
More info.


Linux

Patch

Mageia has updated curl. More info.


  

Wednesday 30 December 2020


QNAP

Patch

A vulnerability has been reported in QNAP NAS software which allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. 
More info.

A vulnerability has been reported to affect QNAP devices which allows a remote attacker to gain access to sensitive information during cleartext transmission.
More info.


HCL

Patch

HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An unauthenticated attacker could exploit this vulnerability to crash the Domino server.  CVSSv3 score of 5.3
More info.


Linux

Patch

SUSE has updated squid and others. More info.


  

Tuesday 29 December 2020


SolarWinds

Patch

The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API commands.
More info. And here.


Rockwell Automation

New

Rockwell Automation reports vulnerabilities within FactoryTalk Linx software and FactoryTalk Services Platform. If successfully exploited, these vulnerabilities may result in denial-of-service conditions. Highest CVSSv3 score of 7.5. No patches yet.
More info. And here.


Linux

Patch

SUSE has updated gimp, cyrus-sasl, and others. More info.
Debian has updated roundcube and horizon.  More info.
Mageia has updated roundcube, python, and others. More info.


  

Monday 28 December 2020


HP

New

HP has identified a potential security vulnerability with the IPv6 network stack of certain HP and Samsung branded printers that could result in a denial of service. CVSSv3 score of 5.3. No patches yet.
More info.


Linux

Patch

SUSE has updated thunderbird and others. More info.
Gentoo Linux has updated haproxy, apache tomcat, and samba. More info.
Mageia has updated erlang-rebar3. More info.


  

ALERT DEFINITIONS

PRODUCT

GUARDED 

This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.


PRODUCT

INCREASED 

This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.


PRODUCT

HIGH 

This alert state indicates a more serious vulnerability which is exploitable.


PRODUCT

CRITICAL 

This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.


NEW

NEW 

This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.


+24hrs

+24hrs

This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.


Patch

PATCH 

This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.


Exploit

EXPLOIT 

This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.


ZERO

ZERO DAY 

This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.


© Computer Network Defence Limited 2021