CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10689 – puppet: Unpacking of tarballs in tar/mini.rb can create files with insecure permissions
https://notcve.org/view.php?id=CVE-2017-10689
09 Feb 2018 — In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. En versiones anteriores de Puppet Agent, era posible instalar un módulo con permisos de modificación para cualquier usuario. Puppet Agent 5.3.4 y 1.10.10 incluían una solución para esta vulnerabilidad. Red Hat Satellite is a systems management tool for Linux-based infrastructure. • https://access.redhat.com/errata/RHSA-2018:2927 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-10690 – puppet: Environment leakage in puppet-agent
https://notcve.org/view.php?id=CVE-2017-10690
09 Feb 2018 — In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4 En versiones anteriores de Puppet Agent, era posible que el agente recuperase hechos de un entorno para el que no estaba clasificado. Esto se solucionó en Puppet Agent 5.3.4, incluido en Puppet Enterprise 2017.3.4. Red Hat Satellite is a systems management tool for Linux-based infr... • https://access.redhat.com/errata/RHSA-2018:2927 • CWE-203: Observable Discrepancy CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15100 – foreman: Stored XSS in fact name or value
https://notcve.org/view.php?id=CVE-2017-15100
27 Nov 2017 — An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page. Un atacante que envíe hechos que contienen HTML al servidor Foreman puede provocar Cross-Site Scripting (XSS) persistente en ciertas páginas: (1) La página Facts, al hacer clic en el ... • http://projects.theforeman.org/issues/21519 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 6%CPEs: 58EXPL: 0CVE-2017-15095 – jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)
https://notcve.org/view.php?id=CVE-2017-15095
13 Nov 2017 — A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. Se ha descubierto un error de deserialización en jackson-databind, en versiones anteriores a la 2.8.10 y a la 2.9.1, que podría permitir que un usu... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-184: Incomplete List of Disallowed Inputs CWE-502: Deserialization of Untrusted Data •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 0CVE-2017-7536 – hibernate-validator: Privilege escalation when running under the security manager
https://notcve.org/view.php?id=CVE-2017-7536
26 Sep 2017 — In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). En Hibernate Val... • http://www.securityfocus.com/bid/101048 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') CWE-592: DEPRECATED: Authentication Bypass Issues •
CVSS: 9.8EPSS: 16%CPEs: 3EXPL: 0CVE-2017-5929 – logback: Serialization vulnerability in SocketServer and ServerSocketReceiver
https://notcve.org/view.php?id=CVE-2017-5929
13 Mar 2017 — QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. QOS.ch Logback en versiones anteriores a 1.2.0 tiene una vulnerabilidad de serialización que afecta a los componentes SocketServer y ServerSocketReceiver. It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated att... • https://access.redhat.com/errata/RHSA-2017:1675 • CWE-502: Deserialization of Untrusted Data •