CVSS: 8.5EPSS: 0%CPEs: 17EXPL: 0CVE-2018-10915 – postgresql: Certain host connection parameters defeat client-side security defenses
https://notcve.org/view.php?id=CVE-2018-10915
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. Se ha encontrado una vulnerabilidad en qemu-img, la biblioteca de cliente por defecto de PostgreSQL por la que libpq fracasa a la hora de restablecer su estado interno entre conexiones. Si se emplea una versión afectada de libpq se emplea con parámetros de conexión "host" o "hostaddr" desde entradas no fiables, los atacantes podrían omitir características de seguridad de conexión del lado del cliente, obtener acceso a conexiones con mayores privilegios o, posiblemente, provocar otro tipo de impacto mediante una inyección SQL. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html http://www.securityfocus.com/bid/105054 http://www.securitytracker.com/id/1041446 https://access.redhat.com/errata/RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2557 https://access.redhat.com/errata/RHSA-2018:2565 https://access.redhat.com/errata/RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2018:2721 https://access.redhat.com/errata&#x • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-14432 – openstack-keystone: Information Exposure through /v3/OS-FEDERATION/projects
https://notcve.org/view.php?id=CVE-2018-14432
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected. En el componente Federation de OpenStack Keystone en versiones anteriores a la 11.0.4, 12.0.0 y 13.0.0, una petición "GET /v3/OS-FEDERATION/projects" autenticada podría omitir las restricciones de acceso planeadas en los proyectos en lista. Un usuario autenticado podría descubrir proyectos a los que no están autorizados a acceder, filtrando todos los proyectos desplegados y sus atributos. • http://www.openwall.com/lists/oss-security/2018/07/25/2 http://www.securityfocus.com/bid/104930 https://access.redhat.com/errata/RHSA-2018:2523 https://access.redhat.com/errata/RHSA-2018:2533 https://access.redhat.com/errata/RHSA-2018:2543 https://www.debian.org/security/2018/dsa-4275 https://access.redhat.com/security/cve/CVE-2018-14432 https://bugzilla.redhat.com/show_bug.cgi?id=1606868 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10903 – python-cryptography: GCM tag forgery via truncated tag in finalize_with_tag API
https://notcve.org/view.php?id=CVE-2018-10903
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage. Se ha encontrado un error en python-cryptography, desde la versión 1.9.0 hasta la 2.3. • https://access.redhat.com/errata/RHSA-2018:3600 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10903 https://github.com/pyca/cryptography/pull/4342/commits/688e0f673bfbf43fa898994326c6877f00ab19ef https://usn.ubuntu.com/3720-1 https://access.redhat.com/security/cve/CVE-2018-10903 https://bugzilla.redhat.com/show_bug.cgi?id=1602931 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10898 – openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials
https://notcve.org/view.php?id=CVE-2018-10898
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials. Se ha detectado una vulnerabilidad en openstack-tripleo-heat-templates en versiones anteriores a la 8.0.2-40. Al implementarse mediante Director con la configuración por defecto, Opendaylight en RHOSP13 se configura con credenciales por defecto fácilmente adivinables. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials. • https://access.redhat.com/errata/RHSA-2018:2214 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10898 https://access.redhat.com/security/cve/CVE-2018-10898 https://bugzilla.redhat.com/show_bug.cgi?id=1600360 • CWE-798: Use of Hard-coded Credentials •
CVSS: 3.5EPSS: 0%CPEs: 27EXPL: 0CVE-2018-2767 – mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM)
https://notcve.org/view.php?id=CVE-2018-2767
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.securityfocus.com/bid/103954 http://www.securitytracker.com/id/1041294 https://access.redhat.com/errata/RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2729 https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html https://security.netapp.com/advisory/ntap-20180726-0002 https://usn.ubuntu.com/3725-1 https://usn.ubuntu.com/3725-2 https://www.debian.org/security/2018/dsa& • CWE-325: Missing Cryptographic Step •