
CVE-2021-3656 – kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
https://notcve.org/view.php?id=CVE-2021-3656
09 Sep 2021 — A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the en... • https://github.com/rami08448/CVE-2021-3656-Demo • CWE-862: Missing Authorization •

CVE-2021-3609 – kernel: race condition in net/can/bcm.c leads to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-3609
23 Jun 2021 — A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. • https://bugzilla.redhat.com/show_bug.cgi?id=1971651 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVE-2020-14388
https://notcve.org/view.php?id=CVE-2020-14388
02 Jun 2021 — A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission. • https://bugzilla.redhat.com/show_bug.cgi?id=1875553 • CWE-284: Improper Access Control •

CVE-2021-3412
https://notcve.org/view.php?id=CVE-2021-3412
01 Jun 2021 — It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1928301 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVE-2020-25634
https://notcve.org/view.php?id=CVE-2020-25634
26 May 2021 — A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected. • https://bugzilla.redhat.com/show_bug.cgi?id=1880201 • CWE-284: Improper Access Control • CWE-306: Missing Authentication for Critical Function •

CVE-2019-14836 – 3scale: dev portal missing protection against login CSRF
https://notcve.org/view.php?id=CVE-2019-14836
26 May 2021 — A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. It was found that the 3scale dev portal does not ... • https://bugzilla.redhat.com/show_bug.cgi?id=1847605 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2019-14852
https://notcve.org/view.php?id=CVE-2019-14852
18 Mar 2021 — A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could target traffic using this weaker protocol and break its encryption, gaining access to unauthorized information. The version shipped in Red Hat 3scale API Management Platform is vulnerable to this issue. • https://bugzilla.redhat.com/show_bug.cgi?id=1758208 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVE-2021-20252
https://notcve.org/view.php?id=CVE-2021-20252
23 Feb 2021 — A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries, allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of service. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1928302 • CWE-20: Improper Input Validation •

CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
12 May 2020 — A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the 'ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NU... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-476: NULL Pointer Dereference •

CVE-2019-14849 – 3scale: user session cookie does not set HTTPOnly
https://notcve.org/view.php?id=CVE-2019-14849
12 Dec 2019 — A vulnerability was found in 3scale before version 2.6, which did not set the HTTPOnly attribute on the user session cookie. An attacker could use this to conduct cross site scripting attacks and gain access to unauthorized information. A flaw was found ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14849 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • CWE-201: Insertion of Sensitive Information Into Sent Data •