CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51386 – Sandbox Accounts for Events vulnerable to privilege escalation to read running events data
https://notcve.org/view.php?id=CVE-2023-51386
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned events, timeframes, budgets and owner email addresses. This data access may allow users to get insights into upcoming events and join events which they have not been invited to. This issue has been patched in version 1.10.0. Sandbox Accounts for Events proporciona múltiples cuentas temporales de AWS a varios usuarios autenticados simultáneamente a través de una GUI basada en navegador. • https://github.com/awslabs/sandbox-accounts-for-events/commit/f30a0662f0a28734eb33c5868cccc1c319eb6e79 https://github.com/awslabs/sandbox-accounts-for-events/security/advisories/GHSA-p7w3-j66h-m7mx • CWE-269: Improper Privilege Management •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51651 – Potential URI resolution path traversal in the AWS SDK for PHP
https://notcve.org/view.php?id=CVE-2023-51651
AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer component of the AWS SDK for PHP v3 prior to 3.288.1. The `buildEndpoint` method relies on the Guzzle Psr7 UriResolver utility, which strips dot segments from the request path in accordance with RFC 3986. Under certain conditions, this could lead to an arbitrary object being accessed. • https://github.com/aws/aws-sdk-php/commit/aebc9f801438746ac4ade327551576cb75f635f2 https://github.com/aws/aws-sdk-php/releases/tag/3.288.1 https://github.com/aws/aws-sdk-php/security/advisories/GHSA-557v-xcg6-rm5m • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50928 – sandbox-accounts-for-events security misconfiguration leads to budget exceed
https://notcve.org/view.php?id=CVE-2023-50928
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0. Sandbox Accounts for Events proporciona múltiples cuentas temporales de AWS a varios usuarios autenticados simultáneamente a través de una GUI basada en navegador. • https://github.com/awslabs/sandbox-accounts-for-events/commit/f30a0662f0a28734eb33c5868cccc1c319eb6e79 https://github.com/awslabs/sandbox-accounts-for-events/security/advisories/GHSA-cg8w-7q5v-g32r • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-27504 – Texas Instruments FREERTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27504
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution. En los dispositivos de Texas Instruments que ejecutan FREERTOS, malloc devuelve un puntero válido a un pequeño búfer en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de enteros en 'malloc' para FreeRTOS, lo que resulta en la ejecución de código. • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 https://www.ti.com/tool/TI-RTOS-MCU • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-45807 – OpenSearch Issue with tenant read-only permissions
https://notcve.org/view.php?id=CVE-2023-45807
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit and delete operations on index metadata of dashboards and visualizations in that tenant, potentially rendering them unavailable. This issue does not affect index data, only metadata. Dashboards correctly enforces read-only permissions when indexing and updating documents. This issue does not provide additional read access to data users don’t already have. • https://github.com/opensearch-project/security/security/advisories/GHSA-72q2-gwwf-6hrv • CWE-281: Improper Preservation of Permissions •