CVSS: 7.8EPSS: 0%CPEs: 49EXPL: 0CVE-2021-22118 – spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application
https://notcve.org/view.php?id=CVE-2021-22118
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. En Spring Framework, versiones 5.2.x anteriores a 5.2.15 y versiones 5.3.x anteriores a 5.3.7, una aplicación WebFlux es vulnerable a una escalada de privilegios: al (re)crear el directorio de almacenamiento temporal, un usuario malicioso autenticado localmente puede leer o modificar archivos que han sido subidos a la aplicación WebFlux, o sobrescribir archivos arbitrarios con petición de datos de múltiples partes • https://security.netapp.com/advisory/ntap-20210713-0005 https://tanzu.vmware.com/security/cve-2021-22118 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-22118 https://bugzilla.redhat.com/show_bug.cgi?id=1974854 • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.4EPSS: 0%CPEs: 56EXPL: 0CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mc • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-5360
https://notcve.org/view.php?id=CVE-2020-5360
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems. Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5, son susceptibles a una Vulnerabilidad de Lectura Insuficiente del Búfer. Un atacante remoto no autenticado podría explotar esta vulnerabilidad resultando en un comportamiento indefinido o un bloqueo de los sistemas afectados • https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpuApr2021.html • CWE-125: Out-of-bounds Read CWE-127: Buffer Under-read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-14655
https://notcve.org/view.php?id=CVE-2020-14655
Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: SSL API). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Security Service accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 4.3EPSS: 0%CPEs: 101EXPL: 0CVE-2020-9488 – log4j: improper validation of certificate with host mismatch in SMTP appender
https://notcve.org/view.php?id=CVE-2020-9488
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1 Validación incorrecta del certificado con desajuste de host en el apéndice SMTP de Apache Log4j. Esto podría permitir que una conexión SMTPS fuera interceptada por un ataque de tipo man-in-the-middle que podría filtrar cualquier mensaje de registro enviado a través de ese appender. Corregido en Apache Log4j 2.12.3 y 2.13.1 • https://issues.apache.org/jira/browse/LOG4J2-2819 https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05%40%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f%40%3Cissues.hive.apache.org%3E https://lists.apache.o • CWE-295: Improper Certificate Validation •