Security Vulnerabilities - CVEs Published In September 2020
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-09-18
Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-09-18
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
CVSS Score
7.4
EPSS Score
0.014
Published
2020-09-18
All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing.
CVSS Score
2.3
EPSS Score
0.0
Published
2020-09-18
A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-09-18
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-09-18
Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-09-18
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior,
does not properly control the allocation and maintenance of a limited
resource, thereby enabling an attacker to influence the amount of
resources consumed, eventually leading to the exhaustion of available
resources.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-09-18
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior,
exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-09-18
An issue was discovered in MISP before 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-09-18