Security Vulnerabilities - CVEs Published In November 2019
lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1.
CVSS Score
4.3
EPSS Score
0.003
Published
2019-11-26
SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.
CVSS Score
9.8
EPSS Score
0.085
Published
2019-11-26
SQL injection vulnerability in Jifty::DBI before 0.68.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-11-26
Centreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 allows XSS via myAccount alias and name fields.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-11-26
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-11-26
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.
CVSS Score
5.3
EPSS Score
0.006
Published
2019-11-26
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
CVSS Score
8.1
EPSS Score
0.019
Published
2019-11-26
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect
CVSS Score
4.3
EPSS Score
0.002
Published
2019-11-26
PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. (This can perform actions and retrieve data that only an administrator should have access to.) NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect
CVSS Score
8.1
EPSS Score
0.003
Published
2019-11-26
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect
CVSS Score
4.3
EPSS Score
0.002
Published
2019-11-26