Security Vulnerabilities - CVEs Published In April 2019
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
CVSS Score: 8.1 | EPSS Score: 0.022 | Published: 2019-04-18
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string).
CVSS Score: 9.8 | EPSS Score: 0.018 | Published: 2019-04-18
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
CVSS Score: 7.5 | EPSS Score: 0.014 | Published: 2019-04-18
Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
CVSS Score: 7.6 | EPSS Score: 0.002 | Published: 2019-04-18
Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via the SupportAssist client from attacker-hosted sites.
CVSS Score: 7.1 | EPSS Score: 0.264 | Published: 2019-04-18
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS in the Admin Email field on the "CWP Settings" > "Edit Settings" screen. By changing the email ID to an XSS payload and clicking Save Changes, the XSS payload will execute.
CVSS Score: 4.8 | EPSS Score: 0.004 | Published: 2019-04-18
GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2019-04-18
CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing the SSLContext and the boolean values while hooking the application. NOTE: This id is disputed because some parties don't consider this a vulnerability. Their rationale can be found in https://github.com/square/okhttp/issues/4967
CVSS Score: 5.9 | EPSS Score: 0.003 | Published: 2019-04-18
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information being leaked via the system logs.
CVSS Score: 3.3 | EPSS Score: 0.003 | Published: 2019-04-18
The Cprime Power Scripts app before 4.0.14 for Atlassian Jira allows Directory Traversal.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2019-04-18
Shodan ® - All rights reserved