Security Vulnerabilities - CVEs Published In March 2019
A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The 'manage groups' capability did not have the 'XSS risk' flag assigned to it, but does have that access in certain places. Note that the capability is intended for use by trusted users, and is only assigned to teachers and managers by default.
CVSS Score
4.3
EPSS Score
0.003
Published
2019-03-25
A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via requests made by the page.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-03-25
A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The /userpix/ page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted.
CVSS Score
4.3
EPSS Score
0.077
Published
2019-03-25
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users belonging to the wheel group to further escalate its privileges by modifying system files without user's knowledge. Successful exploitation requires uncommon system configuration.
CVSS Score
7.0
EPSS Score
0.001
Published
2019-03-25
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
CVSS Score
6.4
EPSS Score
0.001
Published
2019-03-25
Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. This could enable man-in-the-middle attacks between a container registry and the virt-cdi-component, leading to possible undetected tampering of trusted container image content.
CVSS Score
7.4
EPSS Score
0.001
Published
2019-03-25
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-25
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-03-25
An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-03-25
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-03-25