Security Vulnerabilities - CVEs Published In October 2023
tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator new [] vs operator delete) error.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-12
A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-10-12
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-12
An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that is displayed by default. If the data to be displayed contains JavaScript this code is executed in the browser and can perform any operations that the current user is allowed to perform silently.
KNIME Analytics Platform already has configuration options with which sanitization of data can be actived, see https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal https://docs.knime.com/latest/webportal_admin_guide/index.html#html-sanitization-webportal . However, these are off by default which allows for cross-site scripting attacks.
KNIME Analytics Platform 5.2.0 will enable sanitization by default. For all previous releases we recommend users to add the corresponding settings to the executor's knime.ini.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-10-12
SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.
CVSS Score
8.1
EPSS Score
0.008
Published
2023-10-12
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are
susceptible to a vulnerability which may allow authenticated
unprivileged users to modify email and snapshot name settings within the
VMware vSphere user interface.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-12
SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to a
vulnerability which may allow an authenticated unprivileged user to gain
access as an admin user.
CVSS Score
8.3
EPSS Score
0.002
Published
2023-10-12
ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8,
9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow
a remote unauthenticated attacker to cause a crash of the HTTP service.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-10-12
SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.
CVSS Score
8.8
EPSS Score
0.008
Published
2023-10-12
Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds.
CVSS Score
3.9
EPSS Score
0.001
Published
2023-10-12