CVSS: 7.5EPSS: 81%CPEs: 444EXPL: 7CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4237 – Platform: ec2_key module prints out the private key directly to the standard output
https://notcve.org/view.php?id=CVE-2023-4237
A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability. Se encontró una falla en la plataforma de automatización Ansible. Al crear un nuevo par de claves, el módulo ec2_key imprime la clave privada directamente en la salida estándar. • https://access.redhat.com/errata/RHBA-2023:5653 https://access.redhat.com/errata/RHBA-2023:5666 https://access.redhat.com/security/cve/CVE-2023-4237 https://bugzilla.redhat.com/show_bug.cgi?id=2229979 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4380 – Platform: token exposed at importing project
https://notcve.org/view.php?id=CVE-2023-4380
A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability. Existe un defecto lógico en Ansible. Siempre que se crea un proyecto privado con credenciales incorrectas, se registra en texto plano. • https://access.redhat.com/errata/RHSA-2023:4693 https://access.redhat.com/security/cve/CVE-2023-4380 https://bugzilla.redhat.com/show_bug.cgi?id=2232324 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 1CVE-2023-3971 – Controller: html injection in custom login info
https://notcve.org/view.php?id=CVE-2023-3971
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise. Se encontró una falla de inyección de HTML en Controller en la configuración de la interfaz de usuario. Esta falla permite a un atacante capturar credenciales creando una página de inicio de sesión personalizada mediante la inyección de HTML, lo que resulta en un compromiso total. • https://github.com/ashangp923/CVE-2023-3971 https://access.redhat.com/errata/RHSA-2023:4340 https://access.redhat.com/errata/RHSA-2023:4590 https://access.redhat.com/security/cve/CVE-2023-3971 https://bugzilla.redhat.com/show_bug.cgi?id=2226965 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3644 – Pulp: Tokens stored in plaintext
https://notcve.org/view.php?id=CVE-2022-3644
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only. La colección remota para pulp_ansible almacena tokens en texto plano en lugar de usar el campo encriptado de pulp y los expone en modo de lectura/escritura por medio de la API () en lugar de marcarla como sólo de escritura A flaw exists in the collection remote for pulp_ansible, where tokens are stored in plaintext instead of using pulp's encrypted field. This flaw allows an attacker with sufficient privileges to read the stored tokens, resulting in the loss of confidentiality. • https://github.com/pulp/pulp_ansible/blob/main/pulp_ansible/app/models.py#L234 https://access.redhat.com/security/cve/CVE-2022-3644 https://bugzilla.redhat.com/show_bug.cgi?id=2131990 • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •