CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38286 – Apache Tomcat: Denial of Service
https://notcve.org/view.php?id=CVE-2024-38286
30 Oct 2024 — Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. • https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45477 – Apache NiFi: Improper Neutralization of Input in Parameter Description
https://notcve.org/view.php?id=CVE-2024-45477
29 Oct 2024 — Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenticated user, authorized to configure a Parameter Context, can enter arbitrary JavaScript code, which the client browser will execute within the session context of the authenticated user. Upgrading to Apache NiFi 1.28.0 or 2.0.0-M4 is the recommended mitigation. Apache NiFi 1.10.0 a 1.27.0 y 2.0.0-M1 a 2.0.0-M3 ad... • https://lists.apache.org/thread/shdv0tw9hggj7tx9pl7g93mgok2lwbj9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45031 – Apache Syncope: Stored XSS in Console and Enduser
https://notcve.org/view.php?id=CVE-2024-45031
24 Oct 2024 — When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application. XSS payloads could also be injected in Syncope Enduser when editing “Personal Information” or “User Requests”: such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking. Users are recommended to upgrade to version 3.0.9, which fixes... • https://lists.apache.org/thread/fn567pfmo3s55ofkc42drz8b4kgbhp9m • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 1%CPEs: 2EXPL: 0CVE-2024-45219 – Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure
https://notcve.org/view.php?id=CVE-2024-45219
16 Oct 2024 — Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2.3 and 4.19.0.0 through 4.19.1.1, an attacker that can upload or register templates and volumes, can use them to deploy malicious instances or attach uploaded volumes to their existing instances on KVM-based environm... • https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2 • CWE-20: Improper Input Validation CWE-116: Improper Encoding or Escaping of Output •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45461 – Apache CloudStack Quota plugin: Access checks not enforced in Quota
https://notcve.org/view.php?id=CVE-2024-45461
16 Oct 2024 — The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by default. In environments where the feature is enabled, due to missing access check enforcements, non-administrative CloudStack user accounts are able to access and modify quota-related configurations and data. This issue affects Apache CloudStack from 4.7.0 through 4.18.2.3; and from 4.19.0.0 through 4.19.1.1, where the Quota feature is enabled. Users are recommended to... • https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2 • CWE-269: Improper Privilege Management CWE-862: Missing Authorization •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45462 – Apache CloudStack: Incomplete session invalidation on web interface logout
https://notcve.org/view.php?id=CVE-2024-45462
16 Oct 2024 — The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or restart of the backend service. An attacker that has access to a user's browser can use an unexpired session to gain access to resources owned by the logged out user account. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3; and from 4.19.0.0 through 4.19.1.1. Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addr... • https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2 • CWE-613: Insufficient Session Expiration •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45693 – Apache CloudStack: Request origin validation bypass makes account takeover possible
https://notcve.org/view.php?id=CVE-2024-45693
16 Oct 2024 — Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requests due to missing validation of the origin of the requests. This can allow an attacker to gain privileges and access to resources of the authenticated users and may lead to account takeover, disruption, exposure of sensitive data and compromise integrity of the resources owned by the user account that are managed by the platform. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3 and 4.19.0... • https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.4-4.19.1.2 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45217 – Apache Solr: ConfigSets created during a backup restore command are trusted implicitly
https://notcve.org/view.php?id=CVE-2024-45217
16 Oct 2024 — Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to "trusted" ConfigSets that may not have been created with an Authenticated request. "trusted" ConfigSets are able to load custom code into classloaders, t... • https://solr.apache.org/security.html#cve-2024-45217-apache-solr-configsets-created-during-a-backup-restore-command-are-trusted-implicitly • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.8EPSS: 93%CPEs: 2EXPL: 2CVE-2024-45216 – Apache Solr: Authentication bypass possible using a fake URL Path ending
https://notcve.org/view.php?id=CVE-2024-45216
16 Oct 2024 — Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication while maintaining the API contract with the original URL Path. This fake ending looks like an unprotected API path, however it is stripped off internally after authentication but before API routing. This issue a... • https://github.com/congdong007/CVE-2024-45216-Poc • CWE-287: Improper Authentication CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50780 – Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
https://notcve.org/view.php?id=CVE-2023-50780
14 Oct 2024 — Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE. Users are recommended to upgrade to version 2.29.0 or later, which fixes the issue. • https://github.com/mbadanoiu/CVE-2023-50780 • CWE-285: Improper Authorization •