CVE-2021-31891
https://notcve.org/view.php?id=CVE-2021-31891
A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges. Se ha identificado una vulnerabilidad en Desigo CC (Todas las versiones con módulo de extensión OIS), GMA-Manager (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Operation Scheduler (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Siveillance Control (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Siveillance Control Pro (Todas las versiones). La aplicación afectada neutraliza incorrectamente elementos especiales en una petición HTTP GET específica que podría conllevar a una inyección de comandos. • https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-20228 – ansible: basic.py no_log with fallback option
https://notcve.org/view.php?id=CVE-2021-20228
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en Ansible Engine versión 2.9.18, donde la información confidencial no está enmascarada por defecto y no está protegida por la funcionalidad no_log cuando se usa la funcionalidad sub-option del módulo basic.py. Este fallo permite a un atacante obtener información confidencial. • https://bugzilla.redhat.com/show_bug.cgi?id=1925002 https://github.com/ansible/ansible/pull/73487 https://www.debian.org/security/2021/dsa-4950 https://access.redhat.com/security/cve/CVE-2021-20228 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVE-2020-27825
https://notcve.org/view.php?id=CVE-2020-27825
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. Se encontró un fallo de uso de la memoria previamente liberada en el archivo kernel/trace/ring_buffer.c en el kernel de Linux (anteriores a la versión 5.10-rc1). Se presentó un problema de carrera en trace_open y el cambio de tamaño del búfer de la CPU ejecutándose paralelamente en diferentes CPUs, puede causar un problema de Denegación de Servicio (DOS). • https://bugzilla.redhat.com/show_bug.cgi?id=1905155 https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://security.netapp.com/advisory/ntap-20210521-0008 https://www.debian.org/security/2021/dsa-4843 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2020-25626 – django-rest-framework: XSS Vulnerability in API viewer
https://notcve.org/view.php?id=CVE-2020-25626
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious <script> tags, leading to a cross-site-scripting (XSS) vulnerability. Se encontró un fallo en Django REST Framework versiones anteriores a 3.12.0 y anteriores a 3.11.2. Cuando se usa el visor de la API navegable, Django REST Framework no puede escapar correctamente determinadas cadenas que pueden provenir de la entrada del usuario. • https://bugzilla.redhat.com/show_bug.cgi?id=1878635 https://security.netapp.com/advisory/ntap-20201016-0003 https://www.debian.org/security/2022/dsa-5186 https://access.redhat.com/security/cve/CVE-2020-25626 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-14365 – ansible: dnf module install packages with no GPG signature
https://notcve.org/view.php?id=CVE-2020-14365
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability. Se encontró un fallo en Ansible Engine, en ansible-engine versiones 2.8.x anteriores a 2.8.15 y ansible-engine versiones 2.9.x anteriores a 2.9.13, Cuando se instalan paquetes usando el módulo dnf. • https://bugzilla.redhat.com/show_bug.cgi?id=1869154 https://www.debian.org/security/2021/dsa-4950 https://access.redhat.com/security/cve/CVE-2020-14365 • CWE-347: Improper Verification of Cryptographic Signature •