CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-22119 – spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request
https://notcve.org/view.php?id=CVE-2021-22119
Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions. Spring Security versiones 5.5.x anteriores a 5.5.1, versiones 5.4.x anteriores a 5.4.7, versiones 5.3.x anteriores a 5.3.10 y versiones 5.2.x anteriores a 5.2.11 son susceptibles a un ataque de Denegación de Servicio (DoS) por medio de la iniciación de la Petición de Autorización en una Aplicación OAuth versión 2.0 Client Web y WebFlux. Un usuario o atacante malicioso puede enviar múltiples peticiones iniciando la Petición de Autorización para la Concesión del Código de Autorización, lo que tiene el potencial de agotar los recursos del sistema usando una sola sesión o múltiples sesiones • https://lists.apache.org/thread.html/r08a449010786e0bcffa4b5781b04fcb55d6eafa62cb79b8347680aad%40%3Cissues.nifi.apache.org%3E https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b21 • CWE-400: Uncontrolled Resource Consumption CWE-863: Incorrect Authorization •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32719 – Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in RabbitMQ federation management plugin
https://notcve.org/view.php?id=CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper <script> tag sanitization. This potentially allows for JavaScript code execution in the context of the page. The user must be signed in and have elevated permissions (manage federation upstreams and policies) for this to occur. The vulnerability is patched in RabbitMQ 3.8.18. • https://github.com/rabbitmq/rabbitmq-server/pull/3122 https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-5452-hxj4-773x https://herolab.usd.de/security-advisories/usd-2021-0011 https://access.redhat.com/security/cve/CVE-2021-32719 https://bugzilla.redhat.com/show_bug.cgi?id=1977008 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32718 – Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in RabbitMQ management UI
https://notcve.org/view.php?id=CVE-2021-32718
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `<script>` tag sanitization, potentially allowing for JavaScript code execution in the context of the page. In order for this to occur, the user must be signed in and have elevated permissions (other user management). The vulnerability is patched in RabbitMQ 3.8.17. As a workaround, disable `rabbitmq_management` plugin and use CLI tools for management operations and Prometheus and Grafana for metrics and monitoring. • http://seclists.org/fulldisclosure/2021/Dec/3 https://github.com/rabbitmq/rabbitmq-server/pull/3028 https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-c3hj-rg5h-2772 https://access.redhat.com/security/cve/CVE-2021-32718 https://bugzilla.redhat.com/show_bug.cgi?id=1977002 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-21998
https://notcve.org/view.php?id=CVE-2021-21998
VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to authenticate. VMware Carbon Black App Control versiones 8.0, 8.1, 8.5 anteriores a 8.5.8 y versiones 8.6 anteriores a 8.6.2, presenta una omisión de autenticación. Un actor malicioso con acceso de red al servidor de administración de VMware Carbon Black App Control podría obtener acceso administrativo al producto sin necesidad de autenticarse • https://www.vmware.com/security/advisories/VMSA-2021-0012.html? • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-21999 – VMware Workstation Tools Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21999
VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges. VMware Tools para Windows (versiones 11.x.y anteriores a 11.2.6), VMware Remote Console para Windows (versiones 12.x anteriores a 12.0.1) , VMware App Volumes (versiones 2.x anteriores a 2.18.10 y versiones 4 anteriores a 2103) contienen una vulnerabilidad de escalada de privilegios local. Un atacante con acceso normal a una máquina virtual puede explotar este problema al colocar un archivo malicioso renombrado como "openssl.cnf" en un directorio no restringido que permitiría ejecutar código con privilegios elevados This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the VGAuthService service. • https://www.vmware.com/security/advisories/VMSA-2021-0013.html https://www.zerodayinitiative.com/advisories/ZDI-21-754 • CWE-427: Uncontrolled Search Path Element •