Security Vulnerabilities - CVEs Published In April 2023
PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are provisioned onto the same machine at different times.
CVSS Score: 3.8 | EPSS Score: 0.0 | Published: 2023-04-25

The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. This is caused by the early return inside the hasValidCredentials method in the Illuminate\Auth\SessionGuard class when a user is found to not exist.
CVSS Score: 5.3 | EPSS Score: 0.003 | Published: 2023-04-25

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.
CVSS Score: 7.7 | EPSS Score: 0.0 | Published: 2023-04-25

The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID MFA, is vulnerable to MFA bypass under certain configurations.
CVSS Score: 6.5 | EPSS Score: 0.0 | Published: 2023-04-25

The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests.
CVSS Score: 6.4 | EPSS Score: 0.001 | Published: 2023-04-25

PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
CVSS Score: 7.3 | EPSS Score: 0.0 | Published: 2023-04-25

PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote code execution by injecting PHP code into settings.php. Attacks can use the PWS_printfile.php, PWS_frame_text.php, PWS_listfile.php, PWS_winter.php, and PWS_easyweathersetup.php endpoints. A contributing factor is a hardcoded login password of support, which is not documented. (This is not the same as the documented setup password, which is 12345.) The issue was fixed in late 2022.
CVSS Score: 7.2 | EPSS Score: 0.01 | Published: 2023-04-25

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Bernhard Kux JSON Content Importer plugin, versions <= 1.3.15.
CVSS Score: 5.9 | EPSS Score: 0.001 | Published: 2023-04-25

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the George Pattihis Link Juice Keeper plugin, versions <= 2.0.2.
CVSS Score: 5.9 | EPSS Score: 0.001 | Published: 2023-04-25

An HPE OneView appliance dump may expose proxy credential settings.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2023-04-25

Shodan ® - All rights reserved