CVE-2023-6578 – Software AG WebMethods access control
https://notcve.org/view.php?id=CVE-2023-6578
A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup may request username and password. • https://vuldb.com/?ctiid.247158 https://vuldb.com/?id.247158 • CWE-284: Improper Access Control •
CVE-2023-0925 – Software AG webMethods OneData Deserialization Vulnerability
https://notcve.org/view.php?id=CVE-2023-0925
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port). Port 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows. La versión 10.11 de webMethods OneData ejecuta una instancia integrada de Azul Zulu Java 11.0.15 que aloja un registro de Java RMI (que escucha en el puerto TCP 2099 de forma predeterminada) y dos interfaces RMI (que escucha en un único puerto alto TCP asignado dinámicamente). El puerto 2099 sirve como Java Remote Method Invocation (RMI) registro que permite cargar y procesar datos de forma remota a través de interfaces RMI. • https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html • CWE-502: Deserialization of Untrusted Data •
CVE-2023-39017
https://notcve.org/view.php?id=CVE-2023-39017
quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not plausible that untrusted user input would reach the code location where injection must occur. Se ha descubierto que Quartz-jobs v2.3.2 e inferiores contienen una vulnerabilidad de inyección de código en el componente "org.quartz.jobs.ee.jms.SendQueueMessageJob.execute". Esta vulnerabilidad se aprovecha pasando un argumento no comprobado. • https://github.com/quartz-scheduler/quartz/issues/943 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2021-40650
https://notcve.org/view.php?id=CVE-2021-40650
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. En Connx Versión 6.2.0.1269 (20210623), una cookie puede ser emitida por la aplicación y no tener el flag seguro establecido • https://github.com/l00neyhacker/CVE-2021-40650 http://connx.com • CWE-311: Missing Encryption of Sensitive Data •
CVE-2021-40649
https://notcve.org/view.php?id=CVE-2021-40649
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. En Connx Versión 6.2.0.1269 (20210623), una cookie puede ser emitida por la aplicación y no tener el flag HttpOnly establecido • https://github.com/l00neyhacker/CVE-2021-40649 http://connx.com • CWE-732: Incorrect Permission Assignment for Critical Resource •