Security Vulnerabilities - CVEs Published In October 2023
An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command.
This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-10-25
An authenticated XCC user can change permissions for any user through a crafted API command.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-10-25
An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command.
This affects ThinkSystem v2 and v3 servers with XCC; ThinkSystem v1 servers are not affected.
CVSS Score
4.1
EPSS Score
0.001
Published
2023-10-25
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-10-25
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-10-25
A missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-25
Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level, potentially resulting in its exposure.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-10-25
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to delete arbitrary files on the Jenkins controller file system.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-10-25
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are published during the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to publish arbitrary files from the Jenkins controller file system to the previously configured CloudBees CD server.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-10-25
Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-10-25