DATABASE RESOURCES PRICING ABOUT US

{"id": "5F1A8E5DEF8C5B0BD8A337785BC9EC92521E4E1FC191BC80CFB2E92B4BEB7686", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities", "description": "## Summary\n\nThis Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Planning Analytics Workspace 2.0.73. This bulletin includes remediation for the Apache Log4j CVE-2021-44832 vulnerability. IBM Planning Analytics Workspace 2.0 has upgraded Apache Log4j to v2.17.1. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-35065](<https://vulners.com/cve/CVE-2021-35065>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the letter \"A\", a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208298>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-18413](<https://vulners.com/cve/CVE-2019-18413>) \n** DESCRIPTION: **TypeStack class-validator could allow a remote attacker to bypass security restrictions, caused by a flaw in the class-validator function. By sending a specially-crafted input, an attacker could exploit this vulnerability to bypass the class-validator to perform SQL Injection or XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170114](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170114>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-22308](<https://vulners.com/cve/CVE-2022-22308>) \n** DESCRIPTION: **IBM Planning Analytics is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216891](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216891>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L) \n \n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-35490](<https://vulners.com/cve/CVE-2020-35490>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193391](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193391>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35491](<https://vulners.com/cve/CVE-2020-35491>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193394](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193394>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** Third Party Entry: **217359 \n** DESCRIPTION: **npm swagger-ui-dist could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217359 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Planning Analytics Workspace 2.0\n\n## Remediation/Fixes\n\nIt is strongly recommended that you apply the most recent security updates:\n\n \n[Download IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 73 from Fix Central ](<https://www.ibm.com/support/pages/node/6556458> \"Download IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 73 from Fix Central\" ) \n\n\nThis bulletin applies to IBM Planning Analytics Workspace Local v 2.0 (On-Prem). Remediation for IBM Planning Analytics with Watson will be completed in the March 2022 maintenance window. Please refer back to this Security Bulletin for further updates.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2022-02-18T20:23:11", "modified": "2022-02-18T20:23:11", "epss": [{"cve": "CVE-2017-7525", "epss": 0.53131, "percentile": 0.97279, "modified": "2023-12-06"}, {"cve": "CVE-2018-7489", "epss": 0.94983, "percentile": 0.991, "modified": "2023-12-06"}, {"cve": "CVE-2019-18413", "epss": 0.00163, "percentile": 0.52775, "modified": "2023-12-06"}, {"cve": "CVE-2020-25649", "epss": 0.00405, "percentile": 0.70787, "modified": "2023-12-06"}, {"cve": "CVE-2020-35490", "epss": 0.00262, "percentile": 0.63651, "modified": "2023-12-06"}, {"cve": "CVE-2020-35491", "epss": 0.00262, "percentile": 0.63651, "modified": "2023-12-06"}, {"cve": "CVE-2021-35065", "epss": 0.00056, "percentile": 0.21301, "modified": "2023-12-06"}, {"cve": "CVE-2021-41182", "epss": 0.00311, "percentile": 0.66743, "modified": "2023-12-06"}, {"cve": "CVE-2021-41183", "epss": 0.00262, "percentile": 0.63661, "modified": "2023-12-06"}, {"cve": "CVE-2021-41184", "epss": 0.00292, "percentile": 0.65696, "modified": "2023-12-06"}, {"cve": "CVE-2021-44832", "epss": 0.02602, "percentile": 0.89135, "modified": "2023-12-06"}, {"cve": "CVE-2022-22308", "epss": 0.00058, "percentile": 0.22172, "modified": "2023-12-06"}], "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 8.5}, "severity": "HIGH", "exploitabilityScore": 6.8, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/6557106", "reporter": "IBM", "references": [], "cvelist": ["CVE-2018-7489", "CVE-2019-18413", "CVE-2020-25649", "CVE-2020-35490", "CVE-2020-35491", "CVE-2021-35065", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-44832", "CVE-2022-22308"], "immutableFields": [], "lastseen": "2023-12-08T20:54:37", "viewCount": 39, "enchantments": {"backreferences": {"references": [{"type": "amazon", "idList": ["ALAS2-2022-1734"]}, {"type": "broadcom", "idList": ["BSA-2021-1658"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-1011"]}, {"type": "checkpoint_security", "idList": ["CPS:SK176865"]}, {"type": "cisco", "idList": ["CISCO-SA-APACHE-LOG4J-QRUKNEBD"]}, {"type": "citrix", "idList": ["CTX335705"]}, {"type": "cve", "idList": ["CVE-2019-18413", "CVE-2021-44832"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2638-1:5B442", "DEBIAN:DLA-2870-1:54673", "DEBIAN:DSA-4190-1:7ADD0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-7489", "DEBIANCVE:CVE-2020-25649", "DEBIANCVE:CVE-2020-35490", "DEBIANCVE:CVE-2020-35491", "DEBIANCVE:CVE-2021-41182", "DEBIANCVE:CVE-2021-41183", "DEBIANCVE:CVE-2021-41184", "DEBIANCVE:CVE-2021-44832"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CORE-2022-001"]}, {"type": "f5", "idList": ["F5:K14122652"]}, {"type": "fedora", "idList": ["FEDORA:9A45F6078C22", "FEDORA:ECB8530BC708"]}, {"type": "freebsd", "idList": ["93F8E0FF-F33D-11E8-BE46-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-288C-CQ4H-88GQ", "GHSA-8489-44MV-GGJ8", "GHSA-CGGJ-FVV3-CQWV", "GHSA-R3GR-CXRF-HG25", "GHSA-WH8G-3J2C-RQJ5", "GITHUB:070AFCDE1A9C584654244E41373D86D8"]}, {"type": "githubexploit", "idList": ["02390955-9697-5950-8297-164CBB7695F0", "2AF7350D-AB79-5AB5-8AF9-0F351CE13D30", "342CC1B7-6E24-5767-A7B1-90B95A91B503", "44463794-7940-582A-AFFF-676628A86A72", "54E7D93D-9216-5EDE-A4AD-8324A367E67B", "66903BCE-DCE3-5FB9-B078-75CC2AD46662", "6D93189D-E2D8-5571-88D5-D778E1CB9C23", "7B9BDDBA-81E8-5739-B3F7-419C0D6E2316", "836D22A0-0180-5937-A713-205130D72BDC", "9529CA86-8F3A-503D-9D02-94AC19D0CDD4", "958F00F1-C4FC-5213-82EA-290A530F859B", "A4A33F39-BA6F-5AC0-B72C-30F0E4D6CD56", "C68080B0-3163-5E76-AD65-2B454DBB95EE", "C76F7089-967B-5A7F-B8DA-629452876A2A", "C772DCBB-20D0-51DD-A580-F96689E65773", "DECBAC7B-9235-5E00-81C1-142CD41306FB", "E07C4625-66EE-5E09-880C-251E6273C21A"]}, {"type": "hivepro", "idList": ["HIVEPRO:205916945365E4C9EB9829951A82295A"]}, {"type": "ibm", "idList": ["1360BEF97E01B87A4E58CA581A1F32ECD385845F24783D4980B6E64F68F389FB", "1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "1E8EB664DDC627C3309FB200921E9D61D835AF04A5F675805F93C64918337FD4", "30E9FB4250193CA2C5AB02F5095C96F34F2044E06280324E18E38EEFD7C1490E", "3C757E6C207C325B90893148C70649850957A2F8AB27DE4E6D68D3EA4F71D013", "441A6459C1CBE843EDD7F5C4D862AA7C6F90584EA901F82EF1B6D31B418078EB", "5662007982BBB6B88D91C6C7393CC2022D9415D2290FD0DA76D55E99204FFF35", "89170AA222353F9A48D8A118FE03328E07C65970B2FBD60979FC33A65AECC8CB", "8B18A583802DE934D0ABAD4E3B44AE36DEAE634549737EEE9B825D44B47BD7DA", "990B694F8FEB56054D99331B4B4370CE96BC2A4FD7C4E2B75B5E537A91E83D24", "C65722F809C01B5483BEFD48484EDC46960C65030D132C9D08F70EDB8A00D231", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "DFF1640DBEB48B8BDF07B3856E1B96CFEE191A513A8879122CB35B6ECF091230", "E3F560319C0EA06228FA2D0D5412CFFD95B8D0963A65CBAC4B6D424BA4B7B434", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F", "FB37F0F7CF6522CCB3B684C95B5F64BEC8DDF83F29BF1BF109AD27B6810731D6"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2018-7489/", "MSF:ILITIES/FREEBSD-CVE-2018-7489/", "MSF:ILITIES/ORACLE-WEBLOGIC-CVE-2018-7489/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2018-7489/", "MSF:ILITIES/RED_HAT-JBOSS_EAP-CVE-2018-7489/", "MSF:ILITIES/RED_HAT-JBOSS_EAP-CVE-2019-10202/", "MSF:ILITIES/SUSE-CVE-2020-25649/"]}, {"type": "mmpc", "idList": ["MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mssecure", "idList": ["MSSECURE:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "nessus", "idList": ["APACHE_LOG4J_2_17_1.NASL", "DEBIAN_DLA-2638.NASL", "DEBIAN_DLA-2870.NASL", "FEDORA_2021-1D8254899C.NASL", "JQUERY-UI_1_13_0.NASL", "OPENSUSE-2021-4208.NASL", "OPENSUSE-2022-0002-1.NASL", "ORACLE_COHERENCE_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_OCT_2018.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2021.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814143"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2022"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-44228"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:42335884011D582222F08AEF81D70B94"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:18D49792276E208F17E7D64BCE2FDEF6"]}, {"type": "redhat", "idList": ["RHSA-2022:0223"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-35490", "RH:CVE-2020-35491", "RH:CVE-2021-44228", "RH:CVE-2021-44832"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:4208-1", "OPENSUSE-SU-2022:0002-1"]}, {"type": "symantec", "idList": ["SMNTC-111284"]}, {"type": "thn", "idList": ["THN:1D10167F5D53B2791D676CF56488D5D9"]}, {"type": "threatpost", "idList": ["THREATPOST:136544A8850662645EB54E79AAB40F75"]}, {"type": "ubuntu", "idList": ["USN-5222-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-25649", "UB:CVE-2020-35490", "UB:CVE-2020-35491", "UB:CVE-2021-44832"]}]}, "score": {"value": 9.7, "vector": "NONE"}, "dependencies": {"references": [{"type": "adobe", "idList": ["APSB23-50"]}, {"type": "almalinux", "idList": ["ALSA-2023:1582", "ALSA-2023:1583", "ALSA-2023:1743", "ALSA-2023:2654"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-41182", "ALPINE:CVE-2021-41183"]}, {"type": "amazon", "idList": ["ALAS2-2022-1734"]}, {"type": "arista", "idList": ["ARISTA:0070"]}, {"type": "attackerkb", "idList": ["AKB:353D9D87-631E-4F2A-B130-5678B79BBCB4"]}, {"type": "broadcom", "idList": ["BSA-2021-1658"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-2159", "CPAI-2021-1011", "CPAI-2021-1090", "CPAI-2021-1288"]}, {"type": "checkpoint_security", "idList": ["CPS:SK176865"]}, {"type": "cisco", "idList": ["CISCO-SA-APACHE-LOG4J-QRUKNEBD"]}, {"type": "citrix", "idList": ["CTX335705"]}, {"type": "cnvd", "idList": ["CNVD-2022-13923"]}, {"type": "cve", "idList": ["CVE-2018-7489", "CVE-2019-10202", "CVE-2019-18413", "CVE-2020-25649", "CVE-2020-35490", "CVE-2020-35491", "CVE-2021-35065", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-44832", "CVE-2022-22308"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2406-1:00733", "DEBIAN:DLA-2406-1:5CA04", "DEBIAN:DLA-2638-1:5B442", "DEBIAN:DLA-2638-1:AB692", "DEBIAN:DLA-2870-1:54673", "DEBIAN:DLA-2889-1:E0D6C", "DEBIAN:DLA-3230-1:233EC", "DEBIAN:DSA-4190-1:21588", "DEBIAN:DSA-4190-1:7ADD0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-7489", "DEBIANCVE:CVE-2020-25649", "DEBIANCVE:CVE-2020-35490", "DEBIANCVE:CVE-2020-35491", "DEBIANCVE:CVE-2021-35065", "DEBIANCVE:CVE-2021-41182", "DEBIANCVE:CVE-2021-41183", "DEBIANCVE:CVE-2021-41184", "DEBIANCVE:CVE-2021-44832"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CONTRIB-2022-004", "DRUPAL-SA-CORE-2022-001", "DRUPAL-SA-CORE-2022-002"]}, {"type": "f5", "idList": ["F5:K14122652", "F5:K34002344", "F5:K50455702"]}, {"type": "fedora", "idList": ["FEDORA:33F853184440", "FEDORA:5B9703257D9C", "FEDORA:659033221693", "FEDORA:7ACB43067777", "FEDORA:7DC2630AEB07", "FEDORA:978EE3068B61", "FEDORA:9A45F6078C22", "FEDORA:AFA9330AF383", "FEDORA:BCFED30A3C21", "FEDORA:BFB9C30C9E8C", "FEDORA:D4D0A3067095", "FEDORA:E468830AF07B", "FEDORA:EA85730AFE74", "FEDORA:ECB8530BC708"]}, {"type": "freebsd", "idList": ["27C822A0-ADDC-11ED-A9EE-DCA632B19F10", "93F8E0FF-F33D-11E8-BE46-0019DBB15B3F"]}, {"type": "github", "idList": ["GHSA-288C-CQ4H-88GQ", "GHSA-8489-44MV-GGJ8", "GHSA-9GJ3-HWP5-PMWC", "GHSA-C27H-MCMW-48HV", "GHSA-CGGJ-FVV3-CQWV", "GHSA-CJ88-88MR-972W", "GHSA-FJ58-H2FR-3PP2", "GHSA-GPQQ-952Q-5327", "GHSA-J7QV-PGF6-HVH4", "GHSA-R3GR-CXRF-HG25", "GHSA-V57X-GXFJ-484Q", "GHSA-WH8G-3J2C-RQJ5", "GITHUB:070AFCDE1A9C584654244E41373D86D8"]}, {"type": "githubexploit", "idList": ["02390955-9697-5950-8297-164CBB7695F0", "2AF7350D-AB79-5AB5-8AF9-0F351CE13D30", "342CC1B7-6E24-5767-A7B1-90B95A91B503", "44463794-7940-582A-AFFF-676628A86A72", "54E7D93D-9216-5EDE-A4AD-8324A367E67B", "66903BCE-DCE3-5FB9-B078-75CC2AD46662", "6D93189D-E2D8-5571-88D5-D778E1CB9C23", "7B9BDDBA-81E8-5739-B3F7-419C0D6E2316", "9529CA86-8F3A-503D-9D02-94AC19D0CDD4", "C68080B0-3163-5E76-AD65-2B454DBB95EE", "C76F7089-967B-5A7F-B8DA-629452876A2A", "C772DCBB-20D0-51DD-A580-F96689E65773", "DECBAC7B-9235-5E00-81C1-142CD41306FB"]}, {"type": "hivepro", "idList": ["HIVEPRO:0D02D133141B167E9F03F4AC4CA5579A", "HIVEPRO:205916945365E4C9EB9829951A82295A"]}, {"type": "hp", "idList": ["HPSBHF03876"]}, {"type": "huntr", "idList": ["82B8FEB2-2ADB-4D99-9AAF-3D5BEE80B19A"]}, {"type": "ibm", "idList": ["0556F1DC5B30D5079CC9AC5473643A4E3229C388AA389B4C1FC98B72ED4E7AE5", "05BBDE1FB03AC43275CE3464D408E5E21E63D250E7B0CF0E90D314FBD5991752", "08803B708D4CA95FF8DD68A4DE7FBE7DEAA67387194E25D8CD693B135E7332D9", "08FF14BF18D2D8DEA2BCD9900A4BED9C481C9700F7CF99B6CD1B3F7EDA9C3865", "0CF13F8FB4FD77C6593C265FA8F397D0C4324FC1F07F86C436B4937E98B25DBF", "0E90BE57477FF48A1B6656796E64B27DD2F0FD10BE811D20B98E904E94B3762E", "11AC7F14B60A5C486180C6662F02676A29D51924B42EC510A55CFB87D09F8654", "12D6D8D7F99A3B7D0C4D8EF9EACD0CBFC5BFAF207DEEAB323ECC16AD5DD105C4", "1360BEF97E01B87A4E58CA581A1F32ECD385845F24783D4980B6E64F68F389FB", "16BD53FF8D4AF4008A6B9480C8D62C5AECEF46E4F486EC150D2D9BBC2C7349FC", "18093683E84B728958E0F281A825617C8CB9BDD8849E82D9F8BE38883660CB4C", "1827A1B8985F4A2B91EE262D4C17EF01B71CFEA86DB0A386BD1C1B098E2F4B69", "1A226F41CCEE49F182D2CE6E2913B939C921267EC05F27A8773B9DAF87654A6F", "1A7668E81452E83AB00678328095567DA17543F8BDE6DB1EE678E96C5B064FD6", "1A98F50E1E735698FFAC4C9A1C23F5B7F50E375BE7EE85508BB03FE656980855", "1B99BE15EF0865EC7D6CAAD98E1510DF110D3FC32411F14658640A57804FCBB5", "1D0962C2DB9E45A67BD8161410DDF953960E39C9E80BC2FCF317962372317FA7", "1DC1593D1836D1525D6F440ACE74DA3A15D40CF4DB29276718503CD58BB74D54", "1E8EB664DDC627C3309FB200921E9D61D835AF04A5F675805F93C64918337FD4", "1FEF4B25F870CF814735A38118457F007D958810ADCF7C8C553468619FF1337F", "226444D26451741A120880149A9CA946711043C9063C8B5E2B0A7FB4B06432D9", "23980F37EDFBF5DFA892E9152EBD5E349FBE79FB2A858C312C9DC9251022F872", "24998913BBA24560DF90F23DACB1EE1AF91DAA3212C9A03EEBBD3A5EFE2155E0", "256D7977365CD514F903FC0D0240FD89D47444B078D35EB3DA4DD54AAC8C8661", "278B33580333ED28E55DD7063E392BB225BBFB1BB954C108D12E110FCDE077BE", "27B11849CE393237ADE7F7AFB1B4BECD78159FDF9951E5E30FB407F9DFA93273", "28932A2B46E12EA86EB64762E53A114C7EAE97254E4818FFBB7E3706DCBD4C0F", "2B3C9C8FEB87062CB2249D828A603478C6CE6A6307CF7103B8825D9FE81CAD3A", "2BFDCA9519D1EBA055CF77F0B8E839784D7443CCE06F89139434A242CD42DB5A", "2CEF62C50CDD94A991768F05F02F6E909CA28C3D65E1DDC9FE44EB80961223F7", "2ECE3B786054F61CA595AAF0F84D1E826CED90F49FBAEFF05CE55C1F8F413D29", "2F4BAE09DDC968B54378720622CC42A34228109494DD0EADFC1A7F899DBA0F6A", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "30495EE9B3C48AB51AC589D2A5956D977474A3BCCB9A67B54801DEE7685C5573", "3092B1C0BAC8BA0F65979D37C5545C23B95C45DF35290A26827618ACF0E8B4E8", "30E9FB4250193CA2C5AB02F5095C96F34F2044E06280324E18E38EEFD7C1490E", "3198DEC4E9D947362AF3768731656BD9FBF79E754C34F560CE23FD3D14F37BC8", "349AB443AFC0F9A0DCBBC79503DAD80FA9D227155C9781FACDB7620738CF7EA8", "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "359D81A32B636B6B41B26FA1EB195DCDD898364CBE4C284C377BC53F3B665B24", "366CE799D9AEE4234CE4D38A22D774A769300127F0319D9238DAEC27C48436E1", "37DEA24D462A4FBAFF5F635701ADD4D7975920B040324F41A7D2C11D55FA659E", "37EB0FBFC18EAA8CBA405BA4A0486007287891F661D591E70F8DFD893065763F", "39D96B14EB572D15D163E89AF8FFEB5DBC072EF6E833A83F8DA3B89A5DBB7F82", "3A9B55763C1C0473228A4D4C82FC501C0EAAF3C51E020F75A80CE6CD65CC662F", "3B5CA39475D73EB1F673FE6D208449037B7B188E0C5761C0C18099C77DD55CC2", "3C757E6C207C325B90893148C70649850957A2F8AB27DE4E6D68D3EA4F71D013", "3F14338CF5893CE4D24AD3EA652BF863BF887AD4702C8D62827FAF3B7BA35B48", "40793F706E8E7D40E73D53F66523BA8AE8718C40C00FCEF117CE8DEAC4566FD6", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "42E2A358194D10969A587E1619263DAF26CB9ED7B107D2DF24882326792073A6", "437D7B7D5396727335BEAB09B5F82B3429C6A5BBB6878396ACA5D407743FF61B", "441A6459C1CBE843EDD7F5C4D862AA7C6F90584EA901F82EF1B6D31B418078EB", "46D17052F3251C0B3D153FDD5D0771739B636DF3179C7B0E07B10BDA68CED334", "4AB0975E08BC56107FE408EAB5B5BE88E706B439236C7F566A37398C9C1E0CCB", "4AF3F2925FA2FAC4247303F748E1EABFA2DFEF4045F7C3DA1E06B8C833F40639", "4BF7A5E750431865636D92E71393396C252B3F778FB89C0C3E599627DCB87306", "4F441F1EC2D2D7EA1D9033E689E8C62FE264F17CF627C618EF574955EF8C49D0", "5386FE1271B599B35C07E4CE74602B34BFA6835496174DF0B19F0F6517DF425D", "5662007982BBB6B88D91C6C7393CC2022D9415D2290FD0DA76D55E99204FFF35", "57C8014122573615025590EC2ECB0090790833D51A381D781A55C4F43EDA278D", "5933EF8E3015054BC951DB682E9526300B741E8D2A0F7151692088DF8A1C8A68", "59E669B8BB67D676E7382F77EAD621E08DFCFBF626C52F337A77A33EF6F33748", "5BB3B8EF53C6357C441C8592F64A284C30E9C1D6F5379087C40684A770A870AA", "5D661EA5B801079F3B7AF6D31A8566154E3150C1E3398EC1CFA32E9398BF38D3", "5D979AFFDF974F2910D0CF8FD15D323A264B0745C0ACF5B78092630C5EB271CE", "5ED570DDC2DC18EDBE3A6F896450F75892C392B6E12D967BD6C8F6E5EB0809E5", "61FF6F10F0D76277F85A8A525D2C9989283AB04F3D830BEC0894CE78DF0624A3", "62C5790D8C23001AA9D6B0F244A3D65BF3FDE3FE1AEFC7D08722A95802FD3723", "635E714DA56A0FFA8A22BFDD7DFA750905703B4E553FE2435190846F7AB29ABA", "6631C04F89A8D2ED4BC1256E62C3AB820EB5DE675CE6766AA9AFAB238EA92F40", "6655F0CA454D34B530E468D672328E7DE915E373D5DF7A2E41376F7E2B588F5F", "666E4FBDA68F1376E7E84944B116ED00320BF80162EF68755AD1CD31AE358231", "6741052F2A7BCCF76F84825C9FE706D98BCF279A0C055A783796DC802C323E13", "674DDEB58033DAB9D03ED4483C0C1118FD09DBE69E73AD0AAC428EBFC61E2474", "67A6DAD4F7DB5EFA4D058E5FA0886E6D1185C31EE7AFA1B194E5CA4D0F4A3F5C", "681632DB937D8710D504BF7DCA3C2076B9C8ED4D143CFC32EE98411B96F2B0DF", "6C6D0940826336DDE7832D99EA3E6BDC3CE6950B9638280B5C586B4770666429", "6D72F5E2F90CAC5A4D151DD3483103FAB60A4A6FCD9FF4EB47E5E45ACF7A4129", "6DF2E72D03F9AA8435A0A58D154D82EDF5203309F8C81C42E35CBC71D2A79BDD", "6DFE02E47206439339CF69003DED7C6A339BE8A9FDA6611EA300ACF64BDB9DD1", "6F94CB870CE7DC12A208FB074AC37486943B72F8EBC740A0D213FC32A09D224D", "7061882A844BC1B159CD9483EEA32DBAF5175CB9800976F7DD1F381723E88538", "735F09E8DCB7611158B10620052B6DC619504F6C2DD143C4F7A15667EBB2C996", "77486B8B5BB16D0AE922BE517509C1AEDA2019428A2A23BADFAE5682D363F74A", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "77E3C17864071E6772CDF6C8E252ACF8E77FD5D30AB4631D569A5A980B8C27A1", "7CFF760ED43EACB85DD304FEF6EEAD9D89C48ADE6361641E84EF811056B6811F", "7DAA1079EC80CD5A34A54CC4F091B8B38553BE4A9A89DC95810848A4E4B45568", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E14B22ECA169752ECE98AF6029993D38DAD48CA63B7F7A2541E649258A2178A", "7E18B438D1C420D8FB4F0763D89974D25E4342FB6DD3A5ED861C0784B3F46C2C", "8100CF1B023272EDAFF88ABDE400B8F52CC64F36BC592F575C4E3520F9EF6702", "83188B7337A79BED2EE122E55D4C81A473739295B1921C9346E1F37B317DCD40", "837053881E5EA3C6EA980180D7C7511FA7016F0506D6270160A596789757E6E7", "84B9F968C99F1D06D139A9613E0943A5C824556A856DEFE8DEE64E68329DDB5C", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "89170AA222353F9A48D8A118FE03328E07C65970B2FBD60979FC33A65AECC8CB", "895F4CFDE7BED79352BE28A05DAE6E5D059FA356E0FB142F85559DC4743501F6", "89E699B806727E33E450302956E4D536B906A5F4CF0C0791EBBC25F005461B6D", "8B18A583802DE934D0ABAD4E3B44AE36DEAE634549737EEE9B825D44B47BD7DA", "8B1D9C3BB3CE6364BD0FE7732D06F394D6218ADAB37D1876856BEEE8923DFA4A", "8BF9E951D2952E5BFD9190BD6EED01A626E5267E6C5A41ABE0F6BDA10ED75439", "8DD827D74AF85708EA2C9099D87AA731E017BAE733F136194953C1481A380280", "8ECA6222D3C238F29A31FEE8DEAFD26C737F2975DCA8D95684CFF7F79AA0F358", "90246D34A2A9EC4005A1B788C09D0DF4366E66BC9D5DC5A39EEF5286DE79E161", "9052D87C0A77FDE9339BE13D5F9E4733073147348EB17E7CF0F5B741C451ECC3", "92C22BB80F005566A9B6BC13CEB85433025D25B49B4109FF79DFC90B8A2B7A4A", "92C2D58DB9DA7102D7F9C515B4EE2CED16C0735F48AA49B707B24837E12E16B9", "92F2A9B7C4EEEC292BB19AAFE8AFF26AD8870C022D98AD670334DBE43D053D61", "96004A5F0BCA499E57604F5222E28642F8BB3CC611C03BA8BD6830BAF6767297", "967E57EB9FB79991C919380A9DC8DFBFBD7BD669CACE09586C2CCF67B0504A90", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "990B694F8FEB56054D99331B4B4370CE96BC2A4FD7C4E2B75B5E537A91E83D24", "9973A30D5630E39198D3B0DF1635AEA7ACB3BA34E41A48861C7EA2358D240D3E", "998E998A37AA40076F35ACE20C7E0016E44B1CC4EFB6AE26D0761C68B7C99657", "99936FAC1F0A73E3167039C2601186519A3F8ED2D368F09EF3B457B2D57462EA", "9B4A660DC59FDA6065DC45501A2E117A7010B19EF8A21DCCDC799BD89E6DA49F", "9B7D3514323721C913B7F4B7440815DE71E19E0CE2EFA7FD71FC9C8ECEE2F069", "9CF440D80F7C3ADDF67027FEB0B656E02CC2277FA267330BADF00CF32A1D4BEF", "9FD1AC6E7F93ABD6198F576C4AC025E8DFA5007533DBD2FE78CC5BE3497FF3D6", "A04FE2EEFC21C3A9305B1CF7463C731D28C17EB5521A8E54F5F564939C5E91E2", "A0EF1B53F76A87117F5A8C9A4208296020E4E538E12E58B3F85BF4F0ADDB481A", "A1610C4151E05207C2B70F00002FE2069C48E736E5F65C67864C8C78D8372D2B", "A1D2EE183CE8C9693B1DCADBA6A6AC4E58CAAD746DE6081E211B0D2080D3C3E4", "A2B7B3BF6FCA39AA75ECAA4E73CA474375D79E4943FB0AA53D4AF9C31A37E9B5", "A2BAC82E395F9C0C2BED37EEE45890A06C1C799AB1B521E972E4D70A5F31ECA7", "A2F7E57DAD21E2D5E4DB804EB652C6CD00E5CDF5B0D67125B95F4E269BA69025", "A339910401C1CBEBCD02CB63650E2A2F954071F79CBC8E8EA704AFBB756CF438", "A4DED06E2C9F4A28ADEF0AA4C6EEFDDF9D1F431EA3CF997F41E7EA22CA7B12B7", "A7C08E9177A10AC583EA198F89BF0B091ED0697BF42F39DC0B151F7465C9BAF3", "A8080DF589F1BFC2BF6B98ABD8B92D2C07AAE6F3E14977386069111BB800A09C", "A986F0D7B51C204D69DD897A085F9CB249B65DF7C839AF92D49287ACDEBDA05D", "AC579EF06A63C7679B2D7EC4B67819D5F33EC90E9760AA522990209580D45436", "ACEB831DB775B18663FB8C7ED41AB48BFEC59B9270C9444D8DADE42DF02434E0", "AE395445C7C7240CD17B06CE58A20D98731AA33DE1AAF047F3A02C424CBD3F87", "AFF479D95FDAD4900AA4F096E105276FA32246E4CF2C4642D2BFEACB19522885", "AFFC971A929ABC4A5177F4FBA7D32B82C0ACBC71AEFBBD3E440D08B12B022B51", "B1EA708CCF72B8264EA46A7D99E1616E7334C67D440D87A4F97B2B4087696EFD", "B300A5D652EC479A42B90F53FEAC0B8B63AD909FE1C854841165B9EDB2620C73", "B301E3BA36CF8897185EB51E86542B39D3D05EDE0AA3B1DAADFE9F809DDA0C1F", "B47B01CFCEE320F0AE033C32D22579706D0B59585EDEDF3D908CA06FA3E92084", "B5B6C4769983441433B811EF3AAED6CFC993849D42BC924ECF1CCA5E34838148", "B646346CD0E40AB78D9B68A80759174B5332138B354289F2D1DD2721C376AA56", "B673694C2888EE95A6BAB04A5C155DEAA18A41E4DF0C4AE45D1C5C2E3FD7151D", "C4B2A7F25639B468CB0778EA1E561F435356D460FB4D417EEBDD1C83186B56CD", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "C65722F809C01B5483BEFD48484EDC46960C65030D132C9D08F70EDB8A00D231", "C786E96DD673C5766A45B6750BE6B879F3CF37718ACD79668ADC1130AF26E274", "C7DD07DAD80496C03ABFD0EE55F04C1759F2915C9B0A8C1F66F87E8D2110B95B", "C80232268E47B2638A1602C3F974312D284C64B656468B785AFD070887CF6B6B", "CCA2C68EF569C58F2CD1B5927035CEFEACBB9429A63AB8C973E5D68208E4AD02", "CCE2284A1DEFC26817EC9BCCD38DA7A3854365480FF9426304A46C0C98F30195", "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56", "CDB95A8580AD247B239607B2769A506C10A81055AF8F4063AA0D26A850A33B58", "CE291DB15FB1A7FDE49870DEF70725290D757902B5EB4009CD8DC9710150329D", "CE5C782D5B6A194605FF1969D54D86EA7B4F5A28ADDE4884D6DC86FF22C94536", "CF1C387E16CABF8D81AAB4B6A53874DE0D663EE059046460B3A0D1EEB8D2E762", "D138CF49E6FBCAA675A233FF8BBC22B5BBB468193170BFE1965F464155B0FE14", "D1B56895A302CB106810B80548010A8993C467A6D8B6EA61EB430703400A5ED8", "D288D5ADF67DE9C3743BE8316D7F496F7CA64A396C1E8E9019178232D17AF15D", "D6A278AD53F24F8C2A141B0CE86714271C028E265EA5E488D59254EE85EA8F0B", "D8B2C690BC453B0C6AB3A2CF7E5E65EF93E85D2A0C5EF5F6F1DF14C2FFFBF720", "DACB3E9783156FCD47517FD5E71AA5A2242EAA043F56F2EA75EC325BA052BDDD", "DD0EE895B8C1D023C4A9C7DA2726D4CAC8D1495A05DF9FE91915F58FF012245D", "DD7E796DC101D56D3818D53295F88146B9FC7EE7058C596477B1B5AFCE363B74", "DEFDCD26C45B3B0682E2C6442165C4FAD4F22E5706D69FE7837EA5D52ADE831B", "DF1F3615A0C3950BF1BCF7F7E12370C0F3A7DBD2E12D656DC66F966233BD6A40", "DFF1640DBEB48B8BDF07B3856E1B96CFEE191A513A8879122CB35B6ECF091230", "E2AA9B11D88890FE4ED3C245CC3A519ACAAD11F11F032D2AE032FE428B8C4012", "E2E1AB8B9E10CF0970D428552F10FD3FEA7D405315E7CCA6431E3F0E8079B159", "E3F560319C0EA06228FA2D0D5412CFFD95B8D0963A65CBAC4B6D424BA4B7B434", "E4DC5C75AB8DC1EFE3474E65C33B8EED76C2B358258DE3E2C7A0C0EA9FD53126", "E5138E231899A09B05DC534B4777976B17A0246B1FA15B8342DBF280F6CFD669", "E805A2E822F9F587AC809C6A8CA399694FA0BD883078F64EF001D4B79132B879", "E8785330052719CAFEAAD58D08CA6A5AC216720B2ADB457FB5C017CF4DA084A7", "E8825B71ACE31BFAA5662E2357C5EEB425BA842AC21E60C761364799BFD2FEE3", "EA3F9619545419A098A554C6AA49233D406E118A8A2221EEFF0BABB483AAC02B", "F0259373A53F6B73B3C7BD9A2F3F10DB053D9CC563866E61F5A496D33B416EA9", "F203AF8FB4A9FED8F009C8BF5E3F7D7714130DCBC84CDBF1BE1C83E438B18982", "F2719E2760E07B98F3971587EEE2002655F8B8F5281074DED92EF416C43F19C8", "F2BC67EAFE3FB2B6D727749BE51CA6E2C0B10F71672B140D5EFF2E7D2355E378", "F2C60EF9E96AA9B7F20810A32ABE6C58279506718A61C2BD9D6A6DF787CD9EA7", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F", "F532C527613357C6A2A49FB79425351FAA7200585028A4FA9898C13802895FB6", "F5EB55E6DBF388E7CB6C76AFCD8A50A86C1FE6B41E6933749DC88EF56B7E408E", "FB294BF49176D6C142EF1CFE519D56E0B6967174C95D88BDD800F026AD0FBE3B", "FB37F0F7CF6522CCB3B684C95B5F64BEC8DDF83F29BF1BF109AD27B6810731D6", "FBA658AB7258D6E577137D42B1A2D234254671E3792A2242E92F22B44483BD23", "FDA1C58A907FB5C9F6CD5E9B7632A71F19AA8263ABCC465A805B3F7EE2E1869C"]}, {"type": "mageia", "idList": ["MGASA-2021-0153", "MGASA-2022-0002"]}, {"type": "mmpc", "idList": ["MMPC:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "mssecure", "idList": ["MSSECURE:42ECD98DCF925DC4063DE66F75FB5433"]}, {"type": "nessus", "idList": ["ACTIVEMQ_5_15_5.NASL", "AL2022_ALAS2022-2022-225.NASL", "ALMA_LINUX_ALSA-2023-2654.NASL", "APACHE_LOG4J_2_17_1.NASL", "CENTOS8_RHSA-2023-1582.NASL", "CENTOS8_RHSA-2023-1583.NASL", "CENTOS8_RHSA-2023-1743.NASL", "DEBIAN_DLA-2406.NASL", "DEBIAN_DLA-2638.NASL", "DEBIAN_DLA-2870.NASL", "DEBIAN_DLA-3230.NASL", "DEBIAN_DLA-3551.NASL", "DEBIAN_DSA-4190.NASL", "DELL_WYSE_MANAGEMENT_SUITE_DSA-2022-143.NASL", "DRUPAL_9_3_3.NASL", "FEDORA_2018-633ACF0ED6.NASL", "FEDORA_2021-1D8254899C.NASL", "FEDORA_2022-9D655503EA.NASL", "FEDORA_2022-BF18450366.NASL", "FEDORA_2023-5C6F32DB6F.NASL", "FREEBSD_PKG_27C822A0ADDC11EDA9EEDCA632B19F10.NASL", "FREEBSD_PKG_93F8E0FFF33D11E8BE460019DBB15B3F.NASL", "JFROG_ARTIFACTORY_7_11_1.NASL", "JQUERY-UI_1_13_0.NASL", "LOG4J_VULNERABLE_ECOSYSTEM_LAUNCHER.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_30.NASL", "NESSUS_TNS-2022-11.NASL", "NESSUS_TNS-2022-21.NASL", "NNM_6_0_1.NASL", "NUTANIX_NXSA-AOS-6_1.NASL", "NUTANIX_NXSA-AOS-6_1_1.NASL", "OPENSUSE-2021-221.NASL", "OPENSUSE-2021-4208.NASL", "OPENSUSE-2022-0002-1.NASL", "ORACLELINUX_ELSA-2023-1582.NASL", "ORACLELINUX_ELSA-2023-1583.NASL", "ORACLELINUX_ELSA-2023-1743.NASL", "ORACLELINUX_ELSA-2023-2654.NASL", "ORACLE_BPM_CPU_JUL_2023.NASL", "ORACLE_COHERENCE_CPU_APR_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_APR_2022.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_CPU_APR_2022.NASL", "ORACLE_ESSBASE_CPU_OCT_2022.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_APR_2022.NASL", "ORACLE_JDEVELOPER_CPU_APR_2022.NASL", "ORACLE_OBIEE_CPU_APR_2023_OAS.NASL", "ORACLE_OBIEE_CPU_JUL_2023_OAS.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JAN_2022.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2021.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_OCT_2018.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_JAN_2022.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2022.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2022.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JUL_2021.NASL", "ORACLE_RDBMS_CPU_JUL_2021.NASL", "ORACLE_RDBMS_CPU_JUL_2022.NASL", "ORACLE_RDBMS_CPU_OCT_2018.NASL", "ORACLE_RDBMS_CPU_OCT_2023.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2022.NASL", "ORACLE_WEBCENTER_SITES_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2021.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2023.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2018.NASL", "REDHAT-RHSA-2018-1448.NASL", "REDHAT-RHSA-2018-1449.NASL", "REDHAT-RHSA-2018-1451.NASL", "REDHAT-RHSA-2018-2089.NASL", "REDHAT-RHSA-2018-2090.NASL", "REDHAT-RHSA-2020-4312.NASL", "REDHAT-RHSA-2020-4401.NASL", "REDHAT-RHSA-2020-5340.NASL", "REDHAT-RHSA-2020-5341.NASL", "REDHAT-RHSA-2020-5342.NASL", "REDHAT-RHSA-2021-0381.NASL", "REDHAT-RHSA-2022-1296.NASL", "REDHAT-RHSA-2022-1297.NASL", "REDHAT-RHSA-2022-4711.NASL", "REDHAT-RHSA-2023-0612.NASL", "REDHAT-RHSA-2023-1043.NASL", "REDHAT-RHSA-2023-1044.NASL", "REDHAT-RHSA-2023-1045.NASL", "REDHAT-RHSA-2023-1533.NASL", "REDHAT-RHSA-2023-1742.NASL", "REDHAT-RHSA-2023-1743.NASL", "REDHAT-RHSA-2023-2654.NASL", "ROCKY_LINUX_RLSA-2023-1582.NASL", "ROCKY_LINUX_RLSA-2023-1583.NASL", "ROCKY_LINUX_RLSA-2023-1743.NASL", "SECURITYCENTER_5_21_0_TNS_2022_04.NASL", "SUSE_SU-2022-1678-1.NASL", "UBUNTU_USN-5181-1.NASL", "UBUNTU_USN-5222-1.NASL", "UBUNTU_USN-6419-1.NASL", "WEB_APPLICATION_SCANNING_113042"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704190", "OPENVAS:1361412562310814143"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018", "ORACLE:CPUAPR2019", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUAPR2023", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2022", "ORACLE:CPUJAN2023", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUJUL2023", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022", "ORACLE:CPUOCT2023"]}, {"type": "oraclelinux", "idList": ["ELSA-2023-1582", "ELSA-2023-1583", "ELSA-2023-1743", "ELSA-2023-2654"]}, {"type": "osv", "idList": ["OSV:DLA-2406-1", "OSV:DLA-2638-1", "OSV:DLA-2889-1", "OSV:DLA-3230-1", "OSV:DSA-4190-1", "OSV:GHSA-288C-CQ4H-88GQ", "OSV:GHSA-8489-44MV-GGJ8", "OSV:GHSA-9GJ3-HWP5-PMWC", "OSV:GHSA-C27H-MCMW-48HV", "OSV:GHSA-CGGJ-FVV3-CQWV", "OSV:GHSA-CJ88-88MR-972W", "OSV:GHSA-FJ58-H2FR-3PP2", "OSV:GHSA-GPQQ-952Q-5327", "OSV:GHSA-J7QV-PGF6-HVH4", "OSV:GHSA-R3GR-CXRF-HG25", "OSV:GHSA-V57X-GXFJ-484Q", "OSV:GHSA-WH8G-3J2C-RQJ5"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-44228"]}, {"type": "prion", "idList": ["PRION:CVE-2018-7489", "PRION:CVE-2019-10202", "PRION:CVE-2019-18413", "PRION:CVE-2020-25649", "PRION:CVE-2020-35490", "PRION:CVE-2020-35491", "PRION:CVE-2021-35065", "PRION:CVE-2021-41182", "PRION:CVE-2021-41183", "PRION:CVE-2021-41184", "PRION:CVE-2021-44832", "PRION:CVE-2022-22308"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:42335884011D582222F08AEF81D70B94"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:18D49792276E208F17E7D64BCE2FDEF6", "RAPID7BLOG:AB5C0BC130F45073226CC41D25680EA0"]}, {"type": "redhat", "idList": ["RHSA-2018:1447", "RHSA-2018:1448", "RHSA-2018:1449", "RHSA-2018:1450", "RHSA-2018:1451", "RHSA-2018:1786", "RHSA-2018:2088", "RHSA-2018:2089", "RHSA-2018:2090", "RHSA-2018:2938", "RHSA-2018:2939", "RHSA-2019:2858", "RHSA-2019:3149", "RHSA-2020:2562", "RHSA-2020:4312", "RHSA-2020:4379", "RHSA-2020:4401", "RHSA-2020:4402", "RHSA-2020:5340", "RHSA-2020:5341", "RHSA-2020:5342", "RHSA-2020:5344", "RHSA-2020:5361", "RHSA-2020:5410", "RHSA-2020:5533", "RHSA-2021:0381", "RHSA-2021:0811", "RHSA-2021:1230", "RHSA-2021:1260", "RHSA-2021:1429", "RHSA-2021:1515", "RHSA-2021:2039", "RHSA-2021:2475", "RHSA-2021:2476", "RHSA-2022:0083", "RHSA-2022:0138", "RHSA-2022:0181", "RHSA-2022:0203", "RHSA-2022:0205", "RHSA-2022:0216", "RHSA-2022:0222", "RHSA-2022:0223", "RHSA-2022:0225", "RHSA-2022:0226", "RHSA-2022:0227", "RHSA-2022:0230", "RHSA-2022:0236", "RHSA-2022:0467", "RHSA-2022:0485", "RHSA-2022:0493", "RHSA-2022:1296", "RHSA-2022:1297", "RHSA-2022:1299", "RHSA-2022:4711", "RHSA-2023:0612", "RHSA-2023:0634", "RHSA-2023:0934", "RHSA-2023:1043", "RHSA-2023:1044", "RHSA-2023:1045", "RHSA-2023:1047", "RHSA-2023:1049", "RHSA-2023:1533", "RHSA-2023:1582", "RHSA-2023:1583", "RHSA-2023:1742", "RHSA-2023:1743", "RHSA-2023:2654", "RHSA-2023:2655"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-7489", "RH:CVE-2019-10202", "RH:CVE-2020-25649", "RH:CVE-2020-35490", "RH:CVE-2020-35491", "RH:CVE-2021-35065", "RH:CVE-2021-41182", "RH:CVE-2021-41183", "RH:CVE-2021-41184", "RH:CVE-2021-44228", "RH:CVE-2021-44832"]}, {"type": "redos", "idList": ["ROS-20220125-04"]}, {"type": "rocky", "idList": ["RLSA-2023:1582", "RLSA-2023:1583", "RLSA-2023:1743"]}, {"type": "securelist", "idList": ["SECURELIST:C1F2E1B6711C8D84F3E78D203B3CE837"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:4208-1", "OPENSUSE-SU-2022:0002-1", "SUSE-SU-2022:1678-1"]}, {"type": "thn", "idList": ["THN:1D10167F5D53B2791D676CF56488D5D9", "THN:933FE23273AB5250B949633A337D44E1"]}, {"type": "threatpost", "idList": ["THREATPOST:136544A8850662645EB54E79AAB40F75", "THREATPOST:3A5F59D56E40560C393A3F69A362A31B"]}, {"type": "ubuntu", "idList": ["USN-5181-1", "USN-5222-1", "USN-6419-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-7489", "UB:CVE-2020-25649", "UB:CVE-2020-35490", "UB:CVE-2020-35491", "UB:CVE-2021-35065", "UB:CVE-2021-41182", "UB:CVE-2021-41183", "UB:CVE-2021-41184", "UB:CVE-2021-44832"]}, {"type": "veracode", "idList": ["VERACODE:25621", "VERACODE:27584", "VERACODE:28632", "VERACODE:28909", "VERACODE:31382", "VERACODE:32740", "VERACODE:32741", "VERACODE:32744", "VERACODE:33476", "VERACODE:5854"]}]}, "affected_software": {"major_version": [{"name": "ibm planning analytics workspace", "version": 2}]}, "epss": [{"cve": "CVE-2018-7489", "epss": 0.965, "percentile": 0.99317, "modified": "2023-05-01"}, {"cve": "CVE-2019-18413", "epss": 0.0013, "percentile": 0.46532, "modified": "2023-05-01"}, {"cve": "CVE-2020-25649", "epss": 0.0014, "percentile": 0.48322, "modified": "2023-05-01"}, {"cve": "CVE-2020-35490", "epss": 0.00184, "percentile": 0.5417, "modified": "2023-05-01"}, {"cve": "CVE-2020-35491", "epss": 0.00184, "percentile": 0.5417, "modified": "2023-05-01"}, {"cve": "CVE-2021-35065", "epss": 0.00049, "percentile": 0.15513, "modified": "2023-05-02"}, {"cve": "CVE-2021-41182", "epss": 0.00378, "percentile": 0.68811, "modified": "2023-05-02"}, {"cve": "CVE-2021-41183", "epss": 0.00249, "percentile": 0.61248, "modified": "2023-05-02"}, {"cve": "CVE-2021-41184", "epss": 0.00264, "percentile": 0.62566, "modified": "2023-05-02"}, {"cve": "CVE-2021-44832", "epss": 0.09463, "percentile": 0.93793, "modified": "2023-05-02"}, {"cve": "CVE-2022-22308", "epss": 0.0005, "percentile": 0.17401, "modified": "2023-05-02"}], "vulnersScore": 9.7}, "_state": {"dependencies": 1702069560, "score": 1702068971, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "1d9c2dc68b8ef8932f62469e3acd954d"}, "affectedSoftware": [{"version": "any", "operator": "eq", "name": "ibm planning analytics local"}]}

{"ibm": [{"lastseen": "2023-12-06T19:04:06", "description": "## Summary\n\nIBM\u00ae Security QRadar SOAR (formerly known as Resilient SOAR) is using a component with known Cross Site Scripting vulnerabilities. QRadar SOAR uses jQuery-UI, which is vulnerable to several XSS issues as listed below. QRadar SOAR has released an update that addresses these issues.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security QRadar SOAR| IBM Security QRadar SOAR prior to v44.0 \n \n\n\n## Remediation/Fixes\n\nUsers must upgrade to v44.0 or higher of IBM Security QRadar SOAR in order to obtain a fix for this vulnerability. You can upgrade the platform and apply the security updates by following the instructions in the \"**Upgrade Procedure**\" section in the [IBM Documentation](<https://www.ibm.com/docs/en/sqsp/44?topic=sig-upgrading-platform> \"IBM Documentation\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-03T17:06:48", "type": "ibm", "title": "Security Bulletin: IBM Security QRadar SOAR is using a component vulnerable to Cross Site Scripting (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-03-03T17:06:48", "id": "8100CF1B023272EDAFF88ABDE400B8F52CC64F36BC592F575C4E3520F9EF6702", "href": "https://www.ibm.com/support/pages/node/6561005", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:04:52", "description": "## Summary\n\nThis Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in IBM Aspera Shares 1.10.0 PL1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Aspera Shares| 0.0.0 - 1.10.0 \n \n## Remediation/Fixes\n\nIt is recommended to apply the fix as soon as possible, see links in the table below.\n\n**Product**| **Fixing VRM**| **Platform**| **Link to Fix** \n---|---|---|--- \nIBM Aspera Shares| 1.10.0 PL1| Linux| [click here](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7EOther%20software&amp;product=ibm/Other+software/Aspera+Shares&amp;release=1.10.0&amp;platform=All&amp;function=fixId&amp;fixids=IBM_Aspera_Shares_1.10.0_Linux_Windows_Patch_Level_1&amp;includeRequisites=1&amp;includeSupersedes=0&amp;downloadMethod=http>) \nIBM Aspera Shares| \n\n1.10.0 PL1\n\n| Windows| [click here](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7EOther%20software&amp;product=ibm/Other+software/Aspera+Shares&amp;release=1.10.0&amp;platform=All&amp;function=fixId&amp;fixids=IBM_Aspera_Shares_1.10.0_Linux_Windows_Patch_Level_1&amp;includeRequisites=1&amp;includeSupersedes=0&amp;downloadMethod=http>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-06-16T20:50:39", "type": "ibm", "title": "Security Bulletin: IBM Aspera Shares is vulnerable to cross-site scripting due to JQuery-UI (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-06-16T20:50:39", "id": "FDA1C58A907FB5C9F6CD5E9B7632A71F19AA8263ABCC465A805B3F7EE2E1869C", "href": "https://www.ibm.com/support/pages/node/7004731", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-28T16:29:12", "description": "## Summary\n\nThe jQuery-UI library is shipped as a component of Tivoli Netcool/Impact. Information about security vulnerabilities affecting jQuery-UI has been published in a security bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact| 7.1.0 \n \n\n\n## Remediation/Fixes\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Tivoli Netcool Impact 7.1.0| _7.1.0.24_| IJ35902| [IBM Tivoli Netcool Impact 7.1.0 FP24](<https://www.ibm.com/support/pages/ibm-tivoli-netcoolimpact-v710-fix-pack-24-710-tiv-nci-fp0024> \"IBM Tivoli Netcool Impact 7.1.0 FP24\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-12-10T10:54:12", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jQuery-UI affect IBM Tivoli Netcool Impact (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2021-12-10T10:54:12", "id": "967E57EB9FB79991C919380A9DC8DFBFBD7BD669CACE09586C2CCF67B0504A90", "href": "https://www.ibm.com/support/pages/node/6525274", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:35:34", "description": "## Summary\n\nA vulnerable version of JQuery-UI was used by API Connect. The fix includes updated JQuery-UI which addresses CVE-2021-41184, CVE-2021-41183, and CVE-2021-41182.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAPI Connect| V10.0.0.0 - V10.0.5.0 \nAPI Connect| V10.0.1.0 - V10.0.1.7 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading.**\n\n**Affected Product**| **Addressed in VRMF**| **Remediation / Fix** \n---|---|--- \nIBM API Connect V10.0.0.0 - V10.0.5.0| V10.0.5.1| \n\nAddressed in IBM API Connect V10.0.5.1\n\nThe UI component is impacted.\n\nFollow this link and find the appropriate package.\n\n<https://www.ibm.com/support/pages/node/6607906> \n \nIBM API Connect V10.0.1.0 - V10.0.1.7 \n| V10.0.1.8| \n\nAddressed in IBM API Connect V10.0.1.8\n\nThe UI component is impacted.\n\nFollow this link and find the appropriate package.\n\n<https://www.ibm.com/support/pages/node/6607673> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-21T22:13:58", "type": "ibm", "title": "Security Bulletin: API Connect is vulnerable to JQuery-UI Cross-Site Scripting (XSS) (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-10-21T22:13:58", "id": "735F09E8DCB7611158B10620052B6DC619504F6C2DD143C4F7A15667EBB2C996", "href": "https://www.ibm.com/support/pages/node/6831369", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:24:44", "description": "## Summary\n\nThe following vulnerabilities has been addressed in IBM Aspera Orchestrator 4.0.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Aspera Orchestrator| 4.0.0 and earlier \n \n\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as possible: \n\n**Product**| **Version**| **Platform**| **Link to Fix** \n---|---|---|--- \nIBM Aspera Orchestrator| 4.0.1| Linux| [click here](<http://www.ibm.com/support/fixcentral/quickorder?fixids=aspera-orchestrator-4.0.1.2b9681-0.x86_64&product=ibm%2FOther%20software%2FIBM%20Aspera%20Orchestrator&source=dbluesearch&mhsrc=ibmsearch_a&mhq=aspera%20orchestrator%204%26period%3B0%26period%3B1> \"Fix here\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-02T20:55:36", "type": "ibm", "title": "Security Bulletin: IBM Aspera Orchestrator was vulnerable to cross-site scripting due to multiple JQuery vulnerabilities (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-02-02T20:55:36", "id": "681632DB937D8710D504BF7DCA3C2076B9C8ED4D143CFC32EE98411B96F2B0DF", "href": "https://www.ibm.com/support/pages/node/6952581", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:48:21", "description": "## Summary\n\njQuery is shipped with IBM Tivoli Netcool Impact as part of its user interface. Information about security vulnerabilities affecting jQuery has been published in a security bulletin.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41182](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-31160](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact| 7.1.0 \n \n## Remediation/Fixes\n\n** IBM strongly recommends addressing the vulnerability now.**\n\nProduct| VRMF| APAR| Remediation \n---|---|---|--- \nIBM Tivoli Netcool Impact 7.1.0.0 - 7.1.0.31| 7.1.0.32| IJ48780| Upgrade to [IBM Tivoli Netcool Impact 7.1.0 FP32](<https://www.ibm.com/support/pages/node/7008369>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-12-01T10:35:31", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jQuery affect IBM Tivoli Netcool Impact", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-12-01T10:35:31", "id": "18093683E84B728958E0F281A825617C8CB9BDD8849E82D9F8BE38883660CB4C", "href": "https://www.ibm.com/support/pages/node/7086763", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:17:49", "description": "## Summary\n\nThere are vulnerabilities CVE-2021-41182, CVE-2022-31160, CVE-2021-41184, CVE-2021-41183 which affects IBM Engineering Workflow Management (EWM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-31160](<https://vulners.com/cve/CVE-2022-31160>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nEWM| 7.0.2 \nEWM| 7.0.1 \n \n\n\n## Remediation/Fixes\n\n**Upgrade to version 7.0.2 iFix020 or later**\n\n[IBM Engineering Lifecycle Management 7.0.2 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.2 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n**Upgrade to version 7.0.1 iFix020 or later**\n\n[IBM Engineering Lifecycle Management 7.0.1 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.1 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-03-27T17:00:47", "type": "ibm", "title": "Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2021-41182, CVE-2022-31160, CVE-2021-41184, CVE-2021-41183", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-03-27T17:00:47", "id": "2F4BAE09DDC968B54378720622CC42A34228109494DD0EADFC1A7F899DBA0F6A", "href": "https://www.ibm.com/support/pages/node/6966410", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:46:57", "description": "## Summary\n\nThere are vulnerabilities in third party packages (JQuery-UI, Highcharts, datatables.net) affecting User Behavior Anaytics(UBA). UBA has been updated to the latest versions of these packages to address these vulnerabilities. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-23445](<https://vulners.com/cve/CVE-2021-23445>) \n** DESCRIPTION: **datatables.net is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-29489](<https://vulners.com/cve/CVE-2021-29489>) \n** DESCRIPTION: **Highcharts JS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to execute scripts in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201299](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201299>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nQRadar User Behavior Analytics| All \n \n\n\n## Remediation/Fixes\n\nAddressed in version 4.1.8 of [User Behavior Analytics](<https://exchange.xforce.ibmcloud.com/hub/extension/6f5cc6de1e5e2dad38bfa755c3f2b80b> \"User Behavior Analytics\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-08-05T22:43:15", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Jquery-Ui, highcharts, and datatables are affecting QRadar User Behavior Analytics (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-23445, CVE-2021-29489)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23445", "CVE-2021-29489", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-08-05T22:43:15", "id": "CE5C782D5B6A194605FF1969D54D86EA7B4F5A28ADDE4884D6DC86FF22C94536", "href": "https://www.ibm.com/support/pages/node/6610741", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:52:38", "description": "## Summary\n\nThis Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in latest iFixes of IBM Engineering Lifecycle Optimization - Publishing\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-7103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119601>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dialog function. A remote attacker could exploit this vulnerability using the 'closeText' parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119601](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119601>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-31160](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nPUB| 7.0.1 \nPUB| 7.0.2 \n \n## Remediation/Fixes\n\nProduct| Version(s)| How to remediate ? \n---|---|--- \nIBM Engineering Lifecycle Optimization - Publishing| 7.0.1| The vulnerability can be remediated by applying the following PUB [7.0.1 iFix023](<https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FIBM+Engineering+Lifecycle+Optimization+-+Publishing&fixids=7.0.1.0-ELM-PUB-iFix023&source=SAR>) or later iFixes \n7.0.2| The vulnerability can be remediated by applying the following PUB [7.0.2 iFix025](<https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FRational%2FIBM+Engineering+Lifecycle+Optimization+-+Publishing&fixids=7.0.2.0-ELM-PUB-iFix025&source=SAR>) or later iFixes \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-10-04T08:27:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities identified in jQuery-UI affects IBM Engineering Lifecycle Optimization - Publishing", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-10-04T08:27:50", "id": "437D7B7D5396727335BEAB09B5F82B3429C6A5BBB6878396ACA5D407743FF61B", "href": "https://www.ibm.com/support/pages/node/7046959", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-08T22:05:38", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-35491](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193394>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193394](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193394>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2018-7489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n**CVEID: **[CVE-2020-35490](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193391>) \n**DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193391](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193391>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-36518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222319>) \n**DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception. By using a large depth of nested objects, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222319](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222319>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2020-11971](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181961>) \n**DESCRIPTION: **Apache Camel could allow a remote attacker to obtain sensitive information, caused by a rebind flaw in JMX. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181961>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2020-13955](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189598>) \n**DESCRIPTION: **Apache Calcite is vulnerable to a man-in-the-middle attack, caused by disabled hostname verification for HTTPS connections in the HttpUtils#getURLConnection method. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189598](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189598>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2022-39135](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235774>) \n**DESCRIPTION: **Apache Calcite is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by improper input validation by the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE. By using specially-crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files, cause a denial of service, conduct an SSRF attack, or achieve other system impacts. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235774](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235774>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)** | **Version(s)** \n---|--- \nIBM QRadar SIEM | 7.5.0 - 7.5.0 UP5 \n \n## Remediation/Fixes\n\n**IBM encourages customers to update their systems promptly.**\n\n**Product** | **Version** | **_Remediation/First Fix_** \n---|---|--- \nIBM QRadar SIEM | 7.5.0 | [7.5.0 UP6](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20230519190832&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-06-29T15:03:19", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7489", "CVE-2020-11971", "CVE-2020-13955", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-36518", "CVE-2022-39135"], "modified": "2023-06-29T15:03:19", "id": "77E3C17864071E6772CDF6C8E252ACF8E77FD5D30AB4631D569A5A980B8C27A1", "href": "https://www.ibm.com/support/pages/node/7006069", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:19:00", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed the security vulnerabilities in jQuery.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-31160](<https://vulners.com/cve/CVE-2022-31160>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.7 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.2.1 \n \n\n\n## Remediation/Fixes\n\n**Product \n** | **Version**| **APAR**| **Remediation &amp; Fix** \n---|---|---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.7| IT42890| Apply 6.0.3.8 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.2.1| IT42890| Apply 6.1.2.2 \n \nThe IIM versions of 6.0.3.8 and 6.1.2.2 are available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>). \n\nThe container version of 6.1.2.2 is available in IBM Entitled Registry with following tags. \n\n * cp.icr.io/cp/ibm-b2bi/b2bi:6.1.2.2 for IBM Sterling B2B Integrator\n * cp.icr.io/cp/ibm-sfg/sfg:6.1.2.2 for IBM Sterling File Gateway\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-03-13T16:37:51", "type": "ibm", "title": "Security Bulletin: EBICS Client of IBM Sterling B2B Interator vulnerable to multiple issues due to jQuery", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-03-13T16:37:51", "id": "B673694C2888EE95A6BAB04A5C155DEAA18A41E4DF0C4AE45D1C5C2E3FD7151D", "href": "https://www.ibm.com/support/pages/node/6963091", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T19:03:30", "description": "## Summary\n\nVulnerabilities in Polkit, PostgreSQL, OpenSSL, OpenSSH, and jQuery can affect IBM Spectrum Copy Data Management. Vulnerabilities include elevated privileges, SQL injection, obtaining sensitive information, cross-site scripting, and man-in-the-middle attacks.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-4034](<https://vulners.com/cve/CVE-2021-4034>) \n** DESCRIPTION: **Polkit could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect handling of the argument vectors in the pkexec utility. By crafting environment variables in a specific way, an attacker could exploit this vulnerability to execute commands with root privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218087](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218087>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23214](<https://vulners.com/cve/CVE-2021-23214>) \n** DESCRIPTION: **PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213379](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213379>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3712](<https://vulners.com/cve/CVE-2021-3712>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-41617](<https://vulners.com/cve/CVE-2021-41617>) \n** DESCRIPTION: **OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in sshd when certain non-default configurations are used. By executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as a non-root user, an attacker could exploit this vulnerability to gain privileges associated with group memberships of the sshd process. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210062>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-23222](<https://vulners.com/cve/CVE-2021-23222>) \n** DESCRIPTION: **PostgreSQL is vulnerable to a man-in-the-middle attack, caused by improper validation of user-supplied input by libpq. A remote attacker could exploit this vulnerability to launch a man-in-the-middle attack to inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Copy Data Management| 2.2.0.0-2.2.14.3 \n \n## Remediation/Fixes\n\n**IBM Spectrum Copy Data Management** \n**Affected Versions**| **Fixing** \n**Level**| **Platform**| **Link to Fix and Instructions \n** \n---|---|---|--- \n2.2.0.0-2.2.14.3| 2.2.15| Linux| <https://www.ibm.com/support/pages/node/6558806> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-12T01:53:49", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Polkit, PostgreSQL, OpenSSL, OpenSSH, and jQuery affect IBM Spectrum Copy Data Management", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23214", "CVE-2021-23222", "CVE-2021-3712", "CVE-2021-4034", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-41617"], "modified": "2022-03-12T01:53:49", "id": "F5EB55E6DBF388E7CB6C76AFCD8A50A86C1FE6B41E6933749DC88EF56B7E408E", "href": "https://www.ibm.com/support/pages/node/6562471", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:00:05", "description": "## Summary\n\nPotential Node.js glob-parent denial of service vulnerability( CVE-2021-35065) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-35065](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208298>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the letter \"A\", a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208298](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208298>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Assistant for IBM Cloud Pak for Data| 4.0.2, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.5.1, 4.5.3, 4.6. 4.6.2, 4.6.3 \n \n## Remediation/Fixes\n\nFor all affected versions, IBM strongly recommends addressing the vulnerability now by upgrading to the latest (v4.7.0 or later releases) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above.\n\n**Product Latest Version**| **Remediation/Fix/Instructions** \n---|--- \nIBM Watson Assistant for IBM Cloud Pak for Data 4.7.0| \n\nFollow instructions for Installing Watson Assistant in Link to Release (v4.7.0 release information)\n\n<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-07-05T22:16:30", "type": "ibm", "title": "Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js glob-parent denial of service vulnerability( CVE-2021-35065)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-07-05T22:16:30", "id": "D8B2C690BC453B0C6AB3A2CF7E5E65EF93E85D2A0C5EF5F6F1DF14C2FFFBF720", "href": "https://www.ibm.com/support/pages/node/7009931", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-07T15:11:05", "description": "## Summary\n\nThere is a vulnerability in FasterXML jackson-databind used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2018-7489](<https://vulners.com/cve/CVE-2018-7489>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/139549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/139549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nSterling Connect Direct File Agent| 1.4.0.0 - 1.4.0.2_iFix007 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| APAR| Remediation / First Fix \n---|---|---|--- \nSterling Connect Direct File Agent| 1.4| [IT37680](<https://www.ibm.com/support/pages/apar/IT37680> \"IT37680\" )| Apply [1.4.0.2_iFix008](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Connect%3ADirect+File+Agent&release=1.4.0.2&platform=All&function=aparId&apars=IT37680> \"1.4.0.2_iFix008\" ) or later, available on Fix Central \nFor unsupported versions IBM recommends upgrading to a fixed, supported version of the product. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-23T17:59:06", "type": "ibm", "title": "Security Bulletin: FasterXML Vulnerability in Jackson-Databind Affects IBM Sterling Connect:Direct File Agent (CVE-2018-7489)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7489"], "modified": "2021-07-23T17:59:06", "id": "D138CF49E6FBCAA675A233FF8BBC22B5BBB468193170BFE1965F464155B0FE14", "href": "https://www.ibm.com/support/pages/node/6474939", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:45:45", "description": "## Summary\n\nIBM C\u00faram Social Program Management uses the FasterXML Jackson libraries, for which there is a publicly known vulnerability. For this vulnerability FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCuram SPM| 7.0.10 - 7.0.11 \nCuram SPM| 7.0.5 - 7.0.9 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nC\u00faram SPM| \n\n7.0.11\n\n| Visit IBM Fix Central and upgrade to [7.0.11_iFix2](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.11.0_RP&platform=All&function=all> \"7.0.11_iFix2\" ) or a subsequent 7.0.11 release. \nC\u00faram SPM| \n\n7.0.9\n\n| Visit IBM Fix Central and upgrade to [7.0.9.0_iFix7](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.9.0_RP&platform=All&function=all> \"7.0.9.0_iFix7\" ) or a subsequent 7.0.4 release. \n \n## Workarounds and Mitigations\n\nFor information about all other versions, contact IBM C\u00faram Social Program Management customer support. \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-08T17:36:38", "type": "ibm", "title": "Security Bulletin: Vulnerability in FasterXML Jackson libraries affect IBM C\u00faram Social Program Management (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-03-08T17:36:38", "id": "6D72F5E2F90CAC5A4D151DD3483103FAB60A4A6FCD9FF4EB47E5E45ACF7A4129", "href": "https://www.ibm.com/support/pages/node/6427001", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:58:06", "description": "## Summary\n\nIBM Engineering Requirements Management DOORS Next is vulnerable to CVE-2020-25649 due to FasterXML Jackson Databind. FasterXML Jackson Databind is used by IBM Engineering Requirements Management DOORS Next for data mapping between JSON and Java objects. The fix includes FasterXML Jackson Databind v2.12.4.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Engineering Requirements Management DOORS Next| 7.0.2 \nIBM Engineering Requirements Management DOORS Next| 7.0 \nIBM Engineering Requirements Management DOORS Next| 7.0.1 \nIBM Rational DOORS Next Generation| 6.0.6.1 \nIBM Rational DOORS Next Generation| 6.0.6 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerabilities now by taking the actions documented in this bulletin.**\n\nFor IBM Engineering Requirements Management DOORS Next 7.0.2, install [ifix 9](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Requirements+Management+DOORS+Next&release=7.0.2&platform=All&function=fixId&fixids=7.0.2-IBM-ELM-iFix009&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"ifix9\" ) or newer.\n\nFor IBM Engineering Requirements Management DOORS Next 7.0.1, install [ifix 13](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Requirements+Management+DOORS+Next&release=7.0.1&platform=All&function=fixId&fixids=7.0.1-IBM-ELM-iFix013&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"ifix 13\" ) or newer.\n\nFor IBM Engineering Requirements Management DOORS Next 7.0, install [ifix 13](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Requirements+Management+DOORS+Next&release=7.0&platform=All&function=fixId&fixids=7.0-IBM-ELM-iFix013&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"ifix 13\" ) or newer.\n\nFor IBM Rational DOORS Next Generation 6.0.6.1, install [ifix 21](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6.1&platform=All&function=fixId&fixids=6.0.6.1-Rational-DNG-ifix021&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"ifix 21\" ) or newer.\n\nFor IBM Rational DOORS Next Generation 6.0.6, install [ifix 24](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm~Rational&product=ibm/Rational/Rational+DOORS+Next+Generation&release=6.0.6&platform=All&function=fixId&fixids=6.0.6-Rational-DNG-ifix024&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"ifix 24\" ) or newer.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-03T18:58:51", "type": "ibm", "title": "Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to XML external entity (XXE) attacks due to FasterXML Jackson Databind (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2022-05-03T18:58:51", "id": "CCA2C68EF569C58F2CD1B5927035CEFEACBB9429A63AB8C973E5D68208E4AD02", "href": "https://www.ibm.com/support/pages/node/6579485", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:49:05", "description": "## Summary\n\nA cross-site scripting vulnerability in jQuery-UI used by IBM InfoSphere Information Analyzer was addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud| 11.7| [JR64903](<http://www.ibm.com/support/docview.wss?uid=swg1JR64903> \"JR64903\" )| \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply IBM InfoSphere Information Server version [11.7.1.3](<https://www.ibm.com/support/pages/node/6498109> \"11.7.1.3\" ) \n\\--Apply Information Server [11.7.1.3 Service pack 4](<https://www.ibm.com/support/pages/node/6568469> \"11.7.1.3 Service pack 4\" ) \n\\--Apply Information Analyzer [Security patch](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=is11713_Security_JR64903_IA> \"Security patch\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-07-19T03:08:00", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Analyzer is affected by a cross-site scripting vulnerability in jQuery-UI(CVE-2021-41184)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2022-07-19T03:08:00", "id": "99936FAC1F0A73E3167039C2601186519A3F8ED2D368F09EF3B457B2D57462EA", "href": "https://www.ibm.com/support/pages/node/6603059", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T17:56:03", "description": "## Summary\n\nIBM Event Streams is potentially vulnerable to a data integrity issue\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Event Streams| 2019.2.1 \n \nIBM Event Streams\n\n| \n\n2019.4.1 \n \nIBM Event Streams\n\n| \n\n2019.4.2 \n \nIBM Event Streams\n\n| \n\n2019.4.3 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.0.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.1.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.2.0 \n \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Event Streams 10.3.0 or 10.2.1 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/installing/upgrading/> \"\" ) documentation.\n\nUpgrade from IBM Event Streams 2019.2.1 and 2019.4.x to the [latest Fix Pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/IBM+Event+Streams&release=2019.4.1&platform=All&function=fixId&fixids=*IBM-Event-Streams*> \"\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-04T14:10:01", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is affected by potential data integrity issue (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-10-04T14:10:01", "id": "CF1C387E16CABF8D81AAB4B6A53874DE0D663EE059046460B3A0D1EEB8D2E762", "href": "https://www.ibm.com/support/pages/node/6461951", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T14:41:31", "description": "## Summary\n\nA potential vulnerability has been identified related to FasterXML jackson-databind. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWA for ICP| 1.4.2, 1.5.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to the latest (4.0.0) release of WA for CP4D which maintains backward compatibility with the versions listed above.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-30T21:09:43", "type": "ibm", "title": "Security Bulletin: Potential vulnerability with FasterXML jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-07-30T21:09:43", "id": "C65722F809C01B5483BEFD48484EDC46960C65030D132C9D08F70EDB8A00D231", "href": "https://www.ibm.com/support/pages/node/6476332", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:47:20", "description": "## Summary\n\nSecurity vulnerability have been Identified In Jackson Databind library shipped with IBM Global Mailbox\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Global High Availability Mailbox| 6.0.2 \n \n\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by Jackson Databind which is shipped with Global Mailbox.\n\nPrincipal Product and Version(s)\n\n| \n\nAffected Supporting Product and Version\n\n| \n\nAffected Supporting Product Security Bulletin \n \n---|---|--- \n \nGlobal Mailbox version 6.1.0.1 \n\n| \n\nJackson Databind Library version 2.11.3 \n\n| \n\n[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n \n6.1.0.1 is now available on Fix Central\n\nHere are the Fix Central links.\n\n**Sterling B2B Integrator**\n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Other+software/Sterling+B2B+Integrator&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=6.1.0.1-OtherSoftware-B2Bi-All&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=fixId&fixids=6.1.0.1-OtherSoftware-B2Bi-All&includeSupersedes=0>)\n\n**Sterling File Gateway**\n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Other+software/Sterling+File+Gateway&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=6.1.0.1-OtherSoftware-SFG-All&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+File+Gateway&release=All&platform=All&function=fixId&fixids=6.1.0.1-OtherSoftware-SFG-All&includeSupersedes=0>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-25T09:46:06", "type": "ibm", "title": "Security Bulletin: Vulnerability In Jackson Databind library shipped with IBM Global Mailbox (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-01-25T09:46:06", "id": "7DAA1079EC80CD5A34A54CC4F091B8B38553BE4A9A89DC95810848A4E4B45568", "href": "https://www.ibm.com/support/pages/node/6405734", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:45:55", "description": "## Summary\n\nVulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Symphony| 7.3.1 \nIBM Spectrum Symphony| 7.3 \nIBM Spectrum Symphony| 7.2.1 \nIBM Spectrum Symphony| 7.2.0.2 \n \n\n\n## Remediation/Fixes\n\n**Products**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nIBM Spectrum Symphony| 7.3.1| P104101| [sym-7.3.1-build600219](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.3.1-build600219&includeSupersedes=0> \"sym-7.3.1-build600219\" ) \nIBM Spectrum Symphony| 7.3| P104106| [sym-7.3-build600222](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.3-build600222&includeSupersedes=0> \"sym-7.3-build600222\" ) \nIBM Spectrum Symphony| 7.2.1| P104097| [sym-7.2.1-build600221](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.1-build600221&includeSupersedes=0> \"sym-7.2.1-build600221\" ) \nIBM Spectrum Symphony| 7.2.0.2| P104098| [sym-7.2.0.2-build600220](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Symphony&release=All&platform=All&function=fixId&fixids=sym-7.2.0.2-build600220&includeSupersedes=0> \"sym-7.2.0.2-build600220\" ) \n \n\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-05T05:23:45", "type": "ibm", "title": "Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-03-05T05:23:45", "id": "A2B7B3BF6FCA39AA75ECAA4E73CA474375D79E4943FB0AA53D4AF9C31A37E9B5", "href": "https://www.ibm.com/support/pages/node/6423757", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:31:32", "description": "## Summary\n\nFasterXML Jackson Databind used by CICS Transaction Gateway could provide weaker than expected security, caused by not having entity expansion secured properly (CVE-2020-25649). CICS Transaction Gateway addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM CICS Transaction Gateway| 9.3 \n \n## Remediation/Fixes\n\nApply the applicable CICS Transaction Gateway APAR below.\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**APAR**\n\n| \n\n**Remediation / First Fix** \n \n---|---|---|--- \nCICS Transaction Gateway| 9.3| PH50737| \n\ns930 Container:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-s390xcontainer&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-s390xcontainer&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-s390xcontainer&source=SAR\" )\n\nx86 Container:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-x86container&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-x86container&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-x86container&source=SAR\" )\n\nAIX:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-AIX&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-AIX&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-AIX&source=SAR\" )\n\nILNX:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-ILNX&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-ILNX&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-ILNX&source=SAR\" )\n\nPLNX:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-PLNX&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-PLNX&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-PLNX&source=SAR\" )\n\nPLXLE:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-PLXLE&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-PLXLE&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-PLXLE&source=SAR\" )\n\nWIN:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737-WIN&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-WIN&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737-WIN&source=SAR\" )\n\nZLNX:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&amp;fixids=9.3.0.0-CICSTG-PH50737&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737&source=SAR> \"http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FCICS+Transaction+Gateway+for+Multiplatforms&fixids=9.3.0.0-CICSTG-PH50737&source=SAR\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-08T10:36:22", "type": "ibm", "title": "Security Bulletin: FasterXML Jackson Databind used by CICS Transaction Gateway could provide weaker than expected security", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2022-12-08T10:36:22", "id": "278B33580333ED28E55DD7063E392BB225BBFB1BB954C108D12E110FCDE077BE", "href": "https://www.ibm.com/support/pages/node/6846201", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:20:30", "description": "## Summary\n\nThe IBM Cloud Platform Common Services (Events Operator) is potentially vulnerable to a data integrity issue\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Events Operator| 0.20.0 (part of IBM Cloud Pak foundational services 3.6.x) \n \n\n\n## Remediation/Fixes\n\nUpgrade IBM Cloud Pak foundational services to the latest 3.7.x (Continuous Delivery) or 3.6.x (Extended Update Support) release following the steps provided in the [IBM Documentation](<https://www.ibm.com/docs/en/cloud-paks/1.0?topic=online-upgrading-foundational-services-from-operator-release> \"IBM Documentation\" ). \n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-27T20:37:53", "type": "ibm", "title": "Security Bulletin: IBM CloudPak foundational services (Events Operator) is affected by potential data integrity issue (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-02-27T20:37:53", "id": "92F2A9B7C4EEEC292BB19AAFE8AFF26AD8870C022D98AD670334DBE43D053D61", "href": "https://www.ibm.com/support/pages/node/6450757", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:46:25", "description": "## Summary\n\nFasterXML Jackson Databind is a dependency component shipped with the IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library for Message Bus Integration. Information about the security vulnerability affecting FasterXML Jackson Databind has been published. (CVE-2020-25649)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| common-transportmodule-15_0 up to and including common-transportmodule-26_0 \n \n## Remediation/Fixes\n\nUpdated Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| [common-transportmodule-27_0](<https://www.ibm.com/support/pages/node/256461> \"common-transportmodule-27_0\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-19T01:39:26", "type": "ibm", "title": "Security Bulletin: A vulnerability have been identified in FasterXML Jackson Databind shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-02-19T01:39:26", "id": "27B11849CE393237ADE7F7AFB1B4BECD78159FDF9951E5E30FB407F9DFA93273", "href": "https://www.ibm.com/support/pages/node/6415989", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T14:40:29", "description": "## Summary\n\nThe FasterXML Jackson Databind vulnerability CVE-2020-25649 impacts Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, and Aspera Desktop Client 4.0.0 and earlier. The fix is delivered in Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, and Aspera Desktop Client 4.1.0.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n**DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Aspera Desktop Client | 4.0.0 and earlier \nIBM Aspera High-Speed Transfer Server | 4.0.0 and earlier \nIBM Aspera High-Speed Transfer Endpoint | 4.0.0 and earlier \n \n## Remediation/Fixes\n\nAffected Product(s) | Fix in Version(s) \n---|--- \nIBM Aspera High-Speed Transfer Server | 4.1.0 \nIBM Aspera High-Speed Transfer Endpoint | 4.1.0 \nIBM Aspera Desktop Client | 4.1.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-04T00:59:26", "type": "ibm", "title": "Security Bulletin: FasterXML Jackson Databind vulnerability impacting Aspera High-Speed Transfer Server, Aspera High-Speed Transfer Endpoint, Aspera Desktop Client 4.0 and earlier (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-06-04T00:59:26", "id": "B301E3BA36CF8897185EB51E86542B39D3D05EDE0AA3B1DAADFE9F809DDA0C1F", "href": "https://www.ibm.com/support/pages/node/6458597", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:05:09", "description": "## Summary\n\nIBM Security Guardium has fixed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** IBM X-Force ID: **217968 \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by an error when using JDK serialization to serialize and deserialize JsonNode values. By sending a specially crafted request, an attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217968 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217968>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 10.6 \nIBM Security Guardium| 11.0 \nIBM Security Guardium| 11.1 \nIBM Security Guardium| 11.2 \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \nIBM Security Guardium| 11.5 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \n \nIBM Security Guardium\n\n| 10.6| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=10.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_10.0p692_Bundle_May-12-2022&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p692_Bundle_May-12-2022&includeSupersedes=0&source=fc>) \n \nIBM Security Guardium\n\n| 11.0| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_11.0p45_Bundle_May-03-2022&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc>) \n \nIBM Security Guardium\n\n| 11.1| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard-11.0p165_Bundle_Sep_01_2022&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard-11.0p165_Bundle_Sep_01_2022&includeSupersedes=0&source=fc>) \n \nIBM Security Guardium\n\n| 11.2| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_11.0p277_Bundle_Oct-26-2022&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p277_Bundle_Oct-26-2022&includeSupersedes=0&source=fc>) \n \nIBM Security Guardium\n\n| 11.3| | | | | [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_11.0p385_Bundle_Jun-05-2023&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p385_Bundle_Jun-05-2023&includeSupersedes=0&source=fc>) \n--- \n \nIBM Security Guardium\n\n| 11.4| | [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_11.0p470_Bundle_Mar-22-2023&amp;includeSupersedes=0&amp;source=fc ](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p470_Bundle_Mar-22-2023&includeSupersedes=0&source=fc>) \n--- \n \nIBM Security Guardium\n\n| 11.5| | [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&amp;product=ibm/Information+Management/InfoSphere+Guardium&amp;release=11.0&amp;platform=Linux&amp;function=fixId&amp;fixids=SqlGuard_11.0p525_Bundle_May-18-2023&amp;includeSupersedes=0&amp;source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p525_Bundle_May-18-2023&includeSupersedes=0&source=fc>) \n--- \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-06-13T18:26:18", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by FasterXML jackson-databind vulnerabilities (CVE-2020-25649, X-Force ID 217968)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-06-13T18:26:18", "id": "0E90BE57477FF48A1B6656796E64B27DD2F0FD10BE811D20B98E904E94B3762E", "href": "https://www.ibm.com/support/pages/node/6573001", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T14:39:32", "description": "## Summary\n\nVulnerability in jackson-databind affects Cloud Pak System. IBM Cloud Pak System adressed vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak System| 2.3 \n \n## Remediation/Fixes\n\nFor Cloud Pak System V2.3.0.1, V2.3.1., V2.3.2.0, V.2.3.3.0, V.2.3.3.1, V.2.3.3.2\n\nupgrade to V2.3.3.3 and apply Cloud Pak System V2.3.3.3 Interim Fix 1 at [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.3&platform=All&function=all>).\n\n \n\n\nFor Cloud Pak System V2.3.3.3\n\napply Cloud Pak System V2.3.3.3 Interim Fix 1 at [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.3&platform=All&function=all>).\n\n \n\n\nInformation on upgrading : <http://www.ibm.com/support/docview.wss?uid=ibm10887959>\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-07-19T12:24:40", "type": "ibm", "title": "Security Bulletin: Vulnerability in jackson-databind affects Cloud Pak System (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-07-19T12:24:40", "id": "24998913BBA24560DF90F23DACB1EE1AF91DAA3212C9A03EEBBD3A5EFE2155E0", "href": "https://www.ibm.com/support/pages/node/6464399", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T14:40:52", "description": "## Summary\n\nIBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.2 CD \n \n\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.1\n * IBM Cloud Private 3.2.2\n\nFor IBM Cloud Private 3.2.1, apply fix pack:\n\n * [IBM Cloud Private 3.2.1.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1.2105-build600576-44535&includeSupersedes=0> \"IBM Cloud Private 3.2.1.2105\" )\n\nFor IBM Cloud Private 3.2.2, apply fix pack:\n\n * [IBM Cloud Private 3.2.2.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.2.2105-build600575-44536&includeSupersedes=0> \"IBM Cloud Private 3.2.2.2105\" )\n \n\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0:\n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.2. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-02T21:07:05", "type": "ibm", "title": "Security Bulletin: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-09-02T21:07:05", "id": "359D81A32B636B6B41B26FA1EB195DCDD898364CBE4C284C377BC53F3B665B24", "href": "https://www.ibm.com/support/pages/node/6486051", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:45:33", "description": "## Summary\n\nIBM Network Performance Insight 1.3.1 was affected by CVE-2020-25649 becuase using older jackson-databind\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Network Performance Insight| 1.3.1 \n \n\n\n## Remediation/Fixes\n\nTo resolve the CVE-2020-25649 IBM Network Performance Insight fix pack 1.3.1.0-TIV-NPI-IF0003.2 updated with upgraded FasterXML jackson-databind with version com.fasterxml.jackson.core.jackson-databind-2.11.0.jar \n\nFix Pack (IBM Network Performance Insight fix pack 1.3.1.0-TIV-NPI-IF0003.2) is available at following link to download:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.1.0-TIV-NPI-IF0003.2&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.1.0-TIV-NPI-IF0003.2&source=SAR>)\n\nReadme file contains upgrade instructions:\n\n[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&amp;fixids=1.3.1.0-TIV-NPI-IF0003.2.README&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FNetwork+Performance+Insight&fixids=1.3.1.0-TIV-NPI-IF0003.2.README&source=SAR>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-10T12:32:23", "type": "ibm", "title": "Security Bulletin: IBM Network Performance Insight 1.3.1 was affected by vulnerability in jackson-databind (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-03-10T12:32:23", "id": "2ECE3B786054F61CA595AAF0F84D1E826CED90F49FBAEFF05CE55C1F8F413D29", "href": "https://www.ibm.com/support/pages/node/6427943", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:50:34", "description": "## Summary\n\nFasterXML Jackson Databind, used by IBM Tioli Network Manager,contains a flaw where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity. The library has been upgraded to 2.13.1 to address the issue.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nITNM| 4.2.0.x \n \n\n\n## Remediation/Fixes\n\nThis issue has been fixed in ITNM4.2 Fix Pack 15 (i.e. 4.2.0.15) available from fix central. \n\nITNM Full builds\n\n[4.2.0-TIV-ITNMIP-Linux-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-Linux-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-Linux-FP0015\" )\n\n[4.2.0-TIV-ITNMIP-zLinux-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-zLinux-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-zLinux-FP0015\" )\n\n[4.2.0-TIV-ITNMIP-AIX-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-AIX-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-AIX-FP0015\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-07T06:58:19", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Network Manager is vulnerable to XML external entity (XEE) attacks due to FasterXML (CVE-2020-25649)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2022-07-07T06:58:19", "id": "8DD827D74AF85708EA2C9099D87AA731E017BAE733F136194953C1481A380280", "href": "https://www.ibm.com/support/pages/node/6601921", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T19:10:54", "description": "## Summary\n\nIBM PowerVM Novalink, which consumes Apache Log4j, is subject to CVE-2021-44832, which allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code.. IBM strongly recommends addressing the vulnerability now by applying the fix below which provides upgrade to Apache Log4j v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM PowerVM NovaLink| 1.0.0.16 \nIBM PowerVM NovaLink| 2.0.0.0 \nIBM PowerVM NovaLink| 2.0.1 \nIBM PowerVM NovaLink| 2.0.2 \nIBM PowerVM NovaLink| 2.0.2.1 \n \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.**\n\n**Product**| **Version**| **Remediation** \n---|---|--- \nIBM PowerVM NovaLink| 1.0.0.16| [Update to pvm-novalink 1.0.0.16-220104 ](<https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_1.0.0.16_readme.html> \"Update to pvm-novalink 1.0.0.16-211212\" ) \nIBM PowerVM NovaLink| 2.0.0.0| [Update to pvm-novalink 2.0.1-220104](<https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.0.1_readme.html> \"Update to pvm-novalink 2.0.1-211212\" ) \nIBM PowerVM NovaLink| 2.0.1| [Update to pvm-novalink 2.0.1-220104 ](<https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.0.1_readme.html> \"Update to pvm-novalink 2.0.1-211212\" ) \nIBM PowerVM NovaLink| 2.0.2| [Update to pvm-novalink 2.0.2.1-220104](<https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.0.2.1_readme.html> \"Update to pvm-novalink 2.0.2.1-211212\" ) \nIBM PowerVM NovaLink| 2.0.2.1| [Update to pvm-novalink 2.0.2.1-220104](<https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.0.2.1_readme.html> \"Update to pvm-novalink 2.0.2.1-211212\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-12T07:04:55", "type": "ibm", "title": "Security Bulletin: IBM PowerVM Novalink is vulnerable to allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-12T07:04:55", "id": "1FEF4B25F870CF814735A38118457F007D958810ADCF7C8C553468619FF1337F", "href": "https://www.ibm.com/support/pages/node/6540228", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:07:56", "description": "## Summary\n\nA vulnerability in Apache Log4j could result in remote code execution. IBM Spectrum Protect Snapshot on Windows includes the IBM Spectrum Protect Backup-Archive Cliient which installs the vulnerable Log4j files. Based on current information and analysis, Log4j is not used by IBM Spectrum Protect Snapshot on Wiindows. The below fix package includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Snapshot for Windows (formerly IBM Tivoli Storage FlashCopy Manager for Windows)| 8.1.11.0-8.1.13.2 \nIBM Tivoli Storage FlashCopy Manager for Windows| \n\n4.1.6.10-4.1.6.x \n \nNote: IBM Spectrum Protect Snapshot for Windows packages the IBM Spectrum Protect Backup-Archive client which installs the affected Log4j files but these files are not used. \n\n## Remediation/Fixes\n\nIBM strongly recommends addressing this vulnerability now by upgrading.\n\n**Note: The below fix packages include Log4j 2.17.1.**\n\n**IBM Spectrum Protect** \n**Snapshot for Windows Affected Versions**| **Fixing** \n**Level**| **Platform**| **Link to Fix and Instructions \n** \n---|---|---|--- \n8.1.11.0-8.1.13.2| 8.1.13.3| Windows| <https://www.ibm.com/support/pages/node/6540262> \n4.1.6.10-4.1.6.x| Client Fixing Level is 7.1.8.15| Windows| \n\nApply the IBM Spectrum Protect Client 7.1.8.15 fix using this link \n<https://www.ibm.com/support/pages/node/316619> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T11:37:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Protect Snapshot on Windows (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-01T11:37:31", "id": "7061882A844BC1B159CD9483EEA32DBAF5175CB9800976F7DD1F381723E88538", "href": "https://www.ibm.com/support/pages/node/6540676", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:09:33", "description": "## Summary\n\nIBM Cloud Pak for Multicloud Management has applied security fixes for its use of Log4j for CVE-2021-44832. Log4j is used by various microservices either directly or indirectly through dependent open source software for logging messages to files. The fix includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Monitoring| Before 2.3 Fixpack 4 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 4 by following the instructions at <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=installation-upgrade>. \n\n## Workarounds and Mitigations\n\nIBM recommends clients should configure their firewalls to block unauthorized outbound connections to mitigate against this and similar vulnerabilities.\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T13:57:17", "type": "ibm", "title": "Security Bulletin: Apache Log4j vulnerability affects IBM Cloud Pak for Multicloud Management (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-18T13:57:17", "id": "57C8014122573615025590EC2ECB0090790833D51A381D781A55C4F43EDA278D", "href": "https://www.ibm.com/support/pages/node/6541478", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:04:11", "description": "## Summary\n\nApache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nSterling Connect Direct Web Services| 1.0 \nIBM Sterling Connect:Direct Web Services| 6.1.0 \nIBM Sterling Connect:Direct Web Services| 6.2.0 \nIBM Connect:Direct Web Services| 6.0 \n \n\n\n## Remediation/Fixes\n\n**Product(s)**| **Version(s)**| **Remediation \n** \n---|---|--- \nSterling Connect Direct Web Services| 1.0| Apply 6.0.0.7, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \nIBM Connect:Direct Web Services| 6.0| Apply 6.0.0.7, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \nIBM Connect:Direct Web Services| 6.1| Apply 6.1.0.10, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \nIBM Connect:Direct Web Services| 6.2| Apply 6.2.0.4, available on [Fix Central](<https://www.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=ibm%2fOther+software%3bibm%2fOther+software%2fIBM+Connect%3aDirect+Web+Services> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-01T19:16:11", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to remote attacker due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-03-01T19:16:11", "id": "92C22BB80F005566A9B6BC13CEB85433025D25B49B4109FF79DFC90B8A2B7A4A", "href": "https://www.ibm.com/support/pages/node/6560418", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:54:11", "description": "## Summary\n\nApache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. Apache Log4j library is used inside the search indexer component by IBM Rational Software Architect RealTime Edition. The fix includes Apache Log4j v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nRSA RT| 10.3 \nRSA RT| 11.0 \nRSA RT| 11.1 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now. **\n\nUpdate RSA RT to v11.1 2022.04 or later versions available through Fix Central.\n\n## Workarounds and Mitigations\n\nIf update to RSA RT v11.1 2022.04 or later versions is not possible, please reach out to [IBM Support](<https://www.ibm.com/mysupport> \"IBM Support\" ).\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-08T12:25:28", "type": "ibm", "title": "Security Bulletin: IBM Rational Software Architect RealTime Edition (RSA RT) is vulnerable to Apache Log4j2 - CVE-2021-44832", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-06-08T12:25:28", "id": "AC579EF06A63C7679B2D7EC4B67819D5F33EC90E9760AA522990209580D45436", "href": "https://www.ibm.com/support/pages/node/6593439", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:11:46", "description": "## Summary\n\nThe APM v8.1.4.0 Server installs an Online Help application that contains Log4j v2.3. A vulnerability was found in this version of Log4j that is documented by CVE-2021-44832 and fixed in Log4j v2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud APM, Base Private| 8.1.4 \nIBM Cloud APM, Advanced Private| 8.1.4 \n \n\n\n## Remediation/Fixes\n\nThe vulnerable version of Log4j v2.3 can be replaced by Log4j v2.17.1 by following the procedure described at <https://www.ibm.com/support/pages/node/6526216>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-05T22:36:11", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44832) affects the IBM Performance Management product", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-05T22:36:11", "id": "FB294BF49176D6C142EF1CFE519D56E0B6967174C95D88BDD800F026AD0FBE3B", "href": "https://www.ibm.com/support/pages/node/6538476", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:11:06", "description": "## Summary\n\nVulnerabilities in Apache Log4j affect IBM App Connect for Manufacturing 2.0. An attacker who can control log messages or log message parameters can execute arbitrary code leading to Remote Code Execution (RCE) attacks. IBM App Connect for Manufacturing 2.0 has addressed the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM App Connect for Manufacturing| 2.0.0.5-2.0.0.7 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by applying the patches listed in this table.This superceeds apar IT39379 and IT39451 Product| VRMF| APAR| Remediation/Fixes \n---|---|---|--- \nIBM App Connect for Manufacturing| 2.0.0.5 to 2.0.0.7| IT39568| \n\nInterim fix for APAR ( IT39568 ) is available from\n\n[2.0.0.7 IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+for+Manufacturing&release=2.0.0.7&platform=All&function=aparId&apars=IT39568> \"2.0.0.7 IBM Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-11T08:02:44", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Apache Log4j affect IBM App Connect for Manufacturing 2.0 (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-11T08:02:44", "id": "A1610C4151E05207C2B70F00002FE2069C48E736E5F65C67864C8C78D8372D2B", "href": "https://www.ibm.com/support/pages/node/6539830", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:10:14", "description": "## Summary\n\nA vulnerability in Apache Log4j could result in remote code execution. IBM Spectrum Protect for Space Management includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j files. The below fix packages include Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect for Space Management| 8.1.11.0-8.1.13.2 \n7.1.8.10-7.1.8.14 \n \nNote: IBM Spectrum Protect for Space Management packages the IBM Spectrum Protect Backup-Archive client which installs the affected Log4j files. However, based on current information and analysis these files are not used. \n\n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing this vulnerability now by upgrading. \n\n**Note: The below fix packages include Log4j 2.17.1.**\n\n**_IBM Spectrum Protect for \nSpace Management Affected Versions \n_**| **_Fixing \nLevel_**| **_Platform_**| **_Link to Fix and Instructions \n_** \n---|---|---|--- \n8.1.11.0-8.1.13.2 \n| 8.1.13.3| AIX \nLinux| <https://www.ibm.com/support/pages/node/316077> \n7.1.8.10-7.1.8.14| 7.1.8.15| Linux| <https://www.ibm.com/support/pages/node/316075> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-14T14:19:15", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Protect for Space Management (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-14T14:19:15", "id": "DD0EE895B8C1D023C4A9C7DA2726D4CAC8D1495A05DF9FE91915F58FF012245D", "href": "https://www.ibm.com/support/pages/node/6540846", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:08:27", "description": "## Summary\n\nA vulnerability in Apache Log4j could result in remote code execution. This vulnerability may impact the Help system in IBM Spectrum Protect Plus. The below fix package includes Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus| 10.1.0.0-10.1.9.2 \n \n## Remediation/Fixes\n\nIBM strongly recommends addressing this vulnerability now by upgrading.\n\n**Note: The below fix package includes Log4j 2.17.1.**\n\n**IBM Spectrum Protect Plus ****Affected Versions**| **Fixing \n****Level**| **Platform**| **Link to Fix and Instructions \n** \n---|---|---|--- \n10.1.0.0-10.1.9.2| 10.1.9.3| Linux| <https://www.ibm.com/support/pages/node/6487159> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-31T18:07:42", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may impact IBM Spectrum Protect Plus (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-31T18:07:42", "id": "3F14338CF5893CE4D24AD3EA652BF863BF887AD4702C8D62827FAF3B7BA35B48", "href": "https://www.ibm.com/support/pages/node/6540856", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:36:07", "description": "## Summary\n\nAn Apache Log4j (CVE-2021-44832) vulnerability impacts IBM InfoSphere Information Server which uses Apache Log4j for logging. The fix upgrades Apache Log4j to version 2.17.1.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n**DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud | 11.7 \n \nInformation Server 11.5 and 11.3 are affected. Both releases are past end of service.\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now. \n\n**Product**\n\n| **VRMF** | **APAR** | **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud | 11.7 | [JR64468](<http://www.ibm.com/support/docview.wss?uid=swg1JR64468> \"JR64468\" ) | \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply IBM InfoSphere Information Server version [11.7.1.3](<https://www.ibm.com/support/pages/node/6498109> \"11.7.1.3\" ) \n\\--Apply Information Server [11.7.1.3 Service pack 4](<https://www.ibm.com/support/pages/node/6568469> \"11.7.1.3 Service pack 3\" ) \n \n \n**Note**:\n\n \n1\\. For Information Server 11.5 and 11.3, upgrade to a fixed release.\n\n \n2\\. Information Server saves prior versions of jar files to facilitate patch rollbacks and uninstall of components: \na. In the Updates folder within your Information Server location, for each patch installed, a patch folder is created with the name of the patch. The patch folder contains copies of files that are replaced during the patch install. The patch folder name is based on the name of the patch which can be seen in the History section of your Version.xml. The files in this folder are used by the Update installer to roll back a patch installation; they are not needed while Information Server is used. \nb. Each time the Update Installer is updated, the jar files used by the Update Installer that are changed, are saved in a new lib.&lt;timestamp&gt; folder within the Updates folder. \nc. The _uninstall folder contains files that are only used while uninstalling Information Server components.\n\nFor Apache Log4j related patches, the prior vulnerable versions of Apache Log4j could be present within such folders. \nIf you want to remove such Apache Log4j files from the system, take a backup of such a folder and then purge the folder.\n\nAn appropriate backup of the patch folder must be restored before any subsequent patch rollback attempt. \nLikewise, an appropriate backup of the files in _uninstall must be restored before any subsequent uninstall action.\n\n \n3\\. (April 27, 2022) In some configurations (such as when the Services tier is separate), Service Pack 3 might not upgrade all files. For that situation, Service Pack 4 should be installed. You can check your Services tier to see whether any log4j jars with version older than 2.17.1 are present.\n\n4\\. (October 14, 2022) Some open source components usage of log4j version 1 was addressed in Information Server 11.7.1.4.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-14T22:12:43", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Server is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-10-14T22:12:43", "id": "1A98F50E1E735698FFAC4C9A1C23F5B7F50E375BE7EE85508BB03FE656980855", "href": "https://www.ibm.com/support/pages/node/6553026", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-28T01:50:42", "description": "## Summary\n\nIBM WebSphere Application Server (WAS) is shipped as a component of IBM Workload Scheduler, which results in IBM Workload Scheduled being impacted by this vulnerability. Information about security vulnerabilities affecting WAS have been published in security bulletins, and IBM recommends that these remediations are applied to all instances of IBM Workload Scheduler.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Workload Scheduler| 9.4 \nIBM Workload Scheduler| 9.3.x \n \n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Workload Scheduler. IBM recommends that these remediations are applied to all instances of IBM Workload Scheduler.\n\n<https://www.ibm.com/support/pages/node/6538148>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-01-10T14:48:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44832) shipped with IBM Workload Scheduler", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-10T14:48:43", "id": "46D17052F3251C0B3D153FDD5D0771739B636DF3179C7B0E07B10BDA68CED334", "href": "https://www.ibm.com/support/pages/node/6539478", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T19:10:14", "description": "## Summary\n\nA vulnerability in Apache Log4j could result in remote code execution. This vulnerability may impact the IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments due to their uses of Apache Log4j for logging of messages and traces. The below fix packages include Apache Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Backup-Archive Client - see Note 1| \n\n8.1.11.0-8.1.13.2 \n7.1.8.10-7.1.8.14 \n \n \nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware| 8.1.11.0-8.1.13.2 see Note 2 \n7.1.8.10-7.1.8.14 \nIBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V| 8.1.11.0-8.1.13.2 see Note 2 \n \n \nNote 1: \nIBM Spectrum Protect includes the client and server. The IBM Spectrum Protect Backup-Archive Client installs the affected Apache Log4j files. Based on current analysis and information, only the Web GUI will use the affected files.\n\nNote 2: \nThe Data Movers in 8.1.11 and above are affected.\n\n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing these vulnerabilities now by upgrading to the fixed level instead of using the manual process described under Workarounds and Mitigations. \n\n**Note: The below fix packages include Apache Log4j 2.17.1.**\n\n**_IBM Spectrum Protect Backup-Archive Client Affected Versions \n_**| **_Fixing \nLevel_**| **_Platform_**| **_Link to Fix and Instructions \n_** \n---|---|---|--- \n8.1.11.0-8.1.13.2 | 8.1.13.3| AIX \nLinux \nWindows| <https://www.ibm.com/support/pages/node/589103> \n7.1.8.10-7.1.8.14| \n\n7.1.8.15\n\n| Linux \nWindows| \n\n<https://www.ibm.com/support/pages/node/316619> \n \n**_IBM Spectrum Protect for Virtual Environments: Data Protection for VMware Affected Versions \n_**| **_Fixing \nLevel_**| **_Platform_**| **_Link to Fix and Instructions \n_** \n---|---|---|--- \n8.1.11.0-8.1.13.2 | 8.1.13.3| Linux \nWindows| [https://www.ibm.com/support/pages/node/6487157 ](<https://www.ibm.com/support/pages/node/6487157> \"\" ) \n7.1.8.10-7.1.8.14| 7.1.8.15| Linux \nWindows| <https://www.ibm.com/support/pages/node/316625> \n \n**_IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V Affected Versions \n_**| **_Fixing \nLevel_**| **_Platform_**| **_Link to Fix and Instructions \n_** \n---|---|---|--- \n8.1.11.0-8.1.13.2| 8.1.13.3| Windows| <https://www.ibm.com/support/pages/node/6487157> \n \n## Workarounds and Mitigations\n\nIBM strongly recommends addressing this vulnerability now by upgrading to the fixed level using the links provided in the Remediation/Fixes section instead of using the manual process below. \n\n**Procedure to Manually Replace log4j jar files**\n\nThe following products/components can use this procedure:\n\n * IBM Spectrum Protect for Virtual Environments: Data Protection for VMware\n * IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V\n * IBM Spectrum Protect Backup-Archive Client\n * Data Movers used by IBM Spectrum Protect for Virtual Environments \n \n\n\nThe five impacted components are:\n\n**Component**\n\n| \n\n**Products Using Component** \n \n---|--- \n \nvmcli\n\n| \n\nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware \n \nFile Restore\n\n| \n\nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware, IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V, and the Data Movers used by IBM Spectrum Protect for Virtual Environments \n \nData Protection for VMware UI\n\n| \n\nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware \n \nvCloud Suite SDK (tagging)\n\n| \n\nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware \n \nWeb GUI\n\n| \n\nIBM Spectrum Protect Backup-Archive Client \n \nThe Web GUI is tied to the following items in the IBM Spectrum Protect Backup-Archive Client -\n\n * Windows \u2013 \u201cClient Web Server\u201d feature\n * Linux - TIVsm-WEBGUI** package\n * AIX - tivoli.tsm.client.webgui fileset\n\n**&gt;Directions to replace the log4j jars files:**\n\n**Windows steps \u2013**\n\n1\\. Download the following from Apache - Apache Log4j 2.17.1 or later can be used.\n\nApache Log4j 2.17.1 is used in these directions as an example.\n\nApache Log4j 2 binary(zip): apache-log4j-2.17.1-bin.zip\n\n<https://logging.apache.org/log4j/2.0/download.html>\n\n2\\. In Windows Services, switch the following services if present to manual to avoid automatic restarts during patching process:\n\nIBM Spectrum Protect for Virtual Environments Derby Database(vmcli)\n\nIBM Spectrum Protect for Virtual Environments Web Server\n\nIBM Spectrum Protect for BAClient Web Server\n\nIBM Spectrum Protect Recovery Agent\n\n3\\. Stop the following Windows services if present:\n\nIBM Spectrum Protect for Virtual Environments Derby Database(vmcli)\n\nIBM Spectrum Protect for Virtual Environments Web Server\n\nIBM Spectrum Protect for BAClient Web Server\n\nIBM Spectrum Protect Recovery Agent\n\n4\\. Unzip the apache-log4j-2.17.1-bin.zip file\n\n5\\. Remove the following log4j files from the following locations:\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\apps\\FR_API.war\\WEB-INF\\lib\n\nC:\\Program Files\\IBM\\SpectrumProtect\\Framework\\VEGUI\\Lib\n\nC:\\Program Files\\Tivoli\\TSM\\baclient\\plugins\\vcloudsuite\\sdk\n\nNote: Given the potential for the IBM Spectrum Protect Backup-Archive Client to be installed in a non-default location, it may be beneficial to simply search against locations of log4j*.jar and remove prior versions accordingly against locations where Spectrum Protect has placed these files. \n\nThe files to be removed are the following:\n\nFor 8.1.11.0-8.1.13.0 and 7.1.8.10-7.1.8.12 \nlog4j-api-2.13.3.jar \nlog4j-1.2-api-2.13.3.jar \nlog4j-core-2.13.3.jar \nlog4j-jcl-2.13.3.jar \nlog4j-slf4j-impl-2.13.3.jar\n\nFor 8.1.13.1 and 7.1.8.13 \nlog4j-api-2.15.0.jar \nlog4j-1.2-api-2.15.0.jar \nlog4j-core-2.15.0.jar \nlog4j-jcl-2.15.0.jar \nlog4j-slf4j-impl-2.15.0.jar\n\nFor 8.1.13.2 and 7.1.8.14 \nlog4j-api-2.17.0.jar \nlog4j-1.2-api-2.17.0.jar \nlog4j-core-2.17.0.jar \nlog4j-jcl-2.17.0.jar \nlog4j-slf4j-impl-2.17.0.jar\n\n6\\. For the workarea folder locations, for example:\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheAdapt\\com.ibm.ws.app.manager_60\\WEB-INF\\lib\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheAdapt\\com.ibm.ws.app.manager_68\\WEB-INF\\lib\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheOverlay\\com.ibm.ws.app.manager_67\\WEB-INF\\lib\\\\.cache\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheOverlay\\com.ibm.ws.app.manager_68\\WEB-INF\\lib\\\\.cache\n\nFolders with the log4j jar names will be created, for example:\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheAdapt\\com.ibm.ws.app.manager_60\\WEB-INF\\lib\\log4j-1.2-api-2.13.3.jar\\\n\nPlease remove these folders in the workarea location. The values specified by _XY will vary, for example _60 vs _67: \n \n\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheAdapt\\com.ibm.ws.app.manager_60\\WEB-INF\\lib\n\nC:\\IBM\\SpectrumProtect\\webserver\\usr\\servers\\veProfile\\workarea\\org.eclipse.osgi\\90\\data\\cacheAdapt\\com.ibm.ws.app.manager_67\\WEB-INF\\lib\n\n7\\. Replace the removed files with the updated versions from the zip file where they are 2.17.1 or later.\n\nlog4j-api-2.17.1.jar \nlog4j-1.2-api-2.17.1.jar \nlog4j-core-2.17.1.jar \nlog4j-jcl-2.17.1.jar \nlog4j-slf4j-impl-2.17.1.jar\n\n8\\. Restart the following services where applicable:\n\nIBM Spectrum Protect for Virtual Environments Derby Database (vmcli)\n\nIBM Spectrum Protect for Virtual Environments Web Server\n\nIBM Spectrum Protect Recovery Agent\n\nIBM Spectrum Protect for BAClient Web Server\n\n9\\. In Windows Services, switch the following services back to automatic to allow automatic restarts on reboot as needed:\n\nIBM Spectrum Protect for Virtual Environments Derby Database(vmcli)\n\nIBM Spectrum Protect for Virtual Environments Web Server\n\nIBM Spectrum Protect Recovery Agent\n\nIBM Spectrum Protect for BAClient Web Server\n\n**Linux steps** \u2013\n\n1\\. Download the following from Apache - Apache Log4j 2.17.1 or later can be used.\n\nApache Log4j 2.17.1 is used in these directions as an example.\n\nApache Log4j 2 binary(zip): apache-log4j-2.17.1-bin.tar.gz \n<https://logging.apache.org/log4j/2.0/download.html> \n\n\n2\\. Stop the following services if present:\n\nsystemctl stop webserver / [SLES 12.3: /etc/init.d/webserver stop] \nkill the vmclid process --&gt; not for Web 3.0\n\n3\\. Extract the files from apache-log4j-2.17.1-bin.tar.gz\n\n4\\. Remove the following log4j files from the following locations:\n\n/opt/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/apps/FR_API.war/WEB-INF/lib/\n\n/opt/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/apps/tsmVmGUI.war/WEB-INF/lib/\n\n/opt/tivoli/tsm/tdpvmware/common/lib/\n\n/opt/tivoli/tsm/client/ba/bin/plugins/vcloudsuite/sdk/\n\n/opt/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/workarea/org.eclipse.osgi/88/data/cacheAdapt/com.ibm.ws.app.manager_51/WEB-INF/lib/\n\n/opt/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/workarea/org.eclipse.osgi/88/data/cacheOverlay/com.ibm.ws.app.manager_51/WEB-INF/lib/.cache/\n\nNote: Given the potential for the B/A Client to be installed in a non-default location, it may be beneficial to simply search against locations of log4j*.jar and remove prior versions accordingly against locations where Spectrum Protect has placed these files. For the workarea folders listed above, the values may vary. \n\nThe files to be removed are the following:\n\nFor 8.1.11.0-8.1.13.0 and 7.1.8.10-7.1.8.12 \nlog4j-api-2.13.3.jar \nlog4j-1.2-api-2.13.3.jar \nlog4j-core-2.13.3.jar \nlog4j-jcl-2.13.3.jar \nlog4j-slf4j-impl-2.13.3.jar\n\nFor 8.1.13.1 and 7.1.8.13 \nlog4j-api-2.15.0.jar \nlog4j-1.2-api-2.15.0.jar \nlog4j-core-2.15.0.jar \nlog4j-jcl-2.15.0.jar \nlog4j-slf4j-impl-2.15.0.jar\n\nFor 8.1.13.2 and 7.1.8.14 \nlog4j-api-2.17.0.jar \nlog4j-1.2-api-2.17.0.jar \nlog4j-core-2.17.0.jar \nlog4j-jcl-2.17.0.jar \nlog4j-slf4j-impl-2.17.0.jar\n\n \n5\\. Replace the removed files with the updated versions from the tar.gz file where they are 2.17.1 or later.\n\nlog4j-api-2.17.1.jar \nlog4j-1.2-api-2.17.1.jar \nlog4j-core-2.17.1.jar \nlog4j-jcl-2.17.1.jar \nlog4j-slf4j-impl-2.17.1.jar\n\n6\\. Start the stopped services: \n\nvmclid daemon\n\n\"systemctl start webserver\" / [SLES 12.3: /etc/init.d/webserver start]\n\n**AIX steps** \u2013\n\n1\\. Download the following from Apache - Apache Log4j 2.17.1 or later can be used.\n\nApache Log4j 2.17.1 is used in these directions as an example.\n\nApache Log4j 2 binary(zip): apache-log4j-2.17.1-bin.tar.gz\n\n<https://logging.apache.org/log4j/2.0/download.html> \n\n\n2\\. Stop the following process as root via the following command:\n\n/usr/tivoli/tsm/tdpvmware/common/webserver/bin/server stop veProfile\n\n3\\. Extract the files from apache-log4j-2.17.1-bin.tar.gz\n\n4\\. Remove the following log4j files from the following locations:\n\n/usr/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/apps/FR_API.war/WEB-INF/lib/\n\n/usr/tivoli/tsm/tdpvmware/common/lib/\n\n/usr/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/workarea/org.eclipse.osgi/88/data/cacheAdapt/com.ibm.ws.app.manager_51/WEB-INF/lib/\n\n/usr/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile/workarea/org.eclipse.osgi/88/data/cacheOverlay/com.ibm.ws.app.manager_51/WEB-INF/lib/.cache/\n\nNote: Given the potential for the B/A Client to be installed in a non-default location, it may be beneficial to simply search against locations of log4j*.jar and remove prior versions accordingly against locations where Spectrum Protect has placed these files. For the workarea folders listed above, the values may vary. \n\nThe files to be removed are the following:\n\nFor 8.1.11.0-8.1.13.0 and 7.1.8.10-7.1.8.12 \nlog4j-api-2.13.3.jar \nlog4j-1.2-api-2.13.3.jar \nlog4j-core-2.13.3.jar \nlog4j-jcl-2.13.3.jar \nlog4j-slf4j-impl-2.13.3.jar\n\nFor 8.1.13.1 and 7.1.8.13 \nlog4j-api-2.15.0.jar \nlog4j-1.2-api-2.15.0.jar \nlog4j-core-2.15.0.jar \nlog4j-jcl-2.15.0.jar \nlog4j-slf4j-impl-2.15.0.jar\n\nFor 8.1.13.2 and 7.1.8.14 \nlog4j-api-2.17.0.jar \nlog4j-1.2-api-2.17.0.jar \nlog4j-core-2.17.0.jar \nlog4j-jcl-2.17.0.jar \nlog4j-slf4j-impl-2.17.0.jar\n\n5\\. Replace the removed files with the updated versions from the tar.gz file where they are 2.17.1 or later.\n\nlog4j-api-2.17.1.jar \nlog4j-1.2-api-2.17.1.jar \nlog4j-core-2.17.1.jar \nlog4j-jcl-2.17.1.jar \nlog4j-slf4j-impl-2.17.1.jar\n\n6\\. Start the stopped process as root via the following command:\n\n/usr/tivoli/tsm/tdpvmware/common/webserver/bin/server start veProfile --clean\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-14T14:10:57", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j impacts IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-14T14:10:57", "id": "89E699B806727E33E450302956E4D536B906A5F4CF0C0791EBBC25F005461B6D", "href": "https://www.ibm.com/support/pages/node/6540692", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:07:10", "description": "## Summary\n\nApache Log4j is used by IBM Cloud Pak for Data System 1.0 in openshift-logging. This bulletin provides a remediation for the Apache Log4j vulnerability (CVE-2021-44832). \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Data System (ICPDS) 1.0 - Openshift Container Platform 3.11| 1.0.0.0- 1.0.7.7 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by applying below patch. **\n\n**Product**| VRMF| Remediation / Fix \n---|---|--- \n \nIBM Cloud Pak for Data System 1.0 - Openshift Container Platform 3.11\n\n| 1.0.0.1-openshift-3.11.log4j-WS-ICPDS-fp140| [Link to Fix Central](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Cloud+Private+for+Data+System&fixids=1.0.0.1-openshift-3.11.log4j-WS-ICPDS-fp140&source=SAR>) \n \n * Please follow the steps given in **[release notes](<https://www.ibm.com/docs/en/cloud-paks/cloudpak-data-system/1.0?topic=new-log4j-vulnerability-patch-1001> \"release notes\" )** to apply above remediation. Please replace fpxxx in the release note with fp140.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-14T05:33:09", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Data System 1.0 is vulnerable to remote code execution due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-14T05:33:09", "id": "3B5CA39475D73EB1F673FE6D208449037B7B188E0C5761C0C18099C77DD55CC2", "href": "https://www.ibm.com/support/pages/node/6556406", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:09:17", "description": "## Summary\n\nApache Log4j remote code execution vulnerability affects IBM Sterling Control Center. Customers are strongly encouraged to take action and apply the fix below. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Sterling Control Center| 6.2.1.0 \nIBM Sterling Control Center| 6.2.0.0 \nIBM Sterling Control Center| 6.1.3.0 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading. \n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**iFix**\n\n| \n\n**Remediation** \n \n---|---|---|--- \n \nIBM Sterling Control Center\n\n| \n\n6.2.1.0\n\n| \n\niFix05\n\n| \n\n[Fix Central - 6.2.1.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.1.0&platform=All&function=all>) \n \nIBM Sterling Control Center\n\n| \n\n6.2.0.0\n\n| \n\niFix15\n\n| \n\n[Fix Central - 6.2.0.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.0.0&platform=All&function=all>) \n \nIBM Sterling Control Center\n\n| \n\n6.1.3.0\n\n| \n\niFix11\n\n| \n\n[Fix Central - 6.1.3.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.1.3.0&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-21T22:48:20", "type": "ibm", "title": "Security Bulletin: IBM Sterling Control Center is vulnerable to remote code execution due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-21T22:48:20", "id": "A2F7E57DAD21E2D5E4DB804EB652C6CD00E5CDF5B0D67125B95F4E269BA69025", "href": "https://www.ibm.com/support/pages/node/6549894", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:03:33", "description": "## Summary\n\nThere is a vulnerability in the Apache Log4j open source library. The library is used by Elasticsearch, a dependency of IBM Cloud Private, for logging messages to files. This bulletin identifies the security fixes to apply to address the vulnerability (CVE-2021-44832). \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.2 CD \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading.**\n\nThe recommended solution involves the IBM Cloud Private ibm-icplogging component. It is recommended that you follow the instructions for the component in the links listed below:\n\nFor IBM Cloud Private 3.2.1: [IBM Cloud Private 3.2.1 Patch](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1-build601012-52063&includeSupersedes=0> \"IBM Cloud Private 3.2.1 Patch\" )\n\nFor IBM Cloud Private 3.2.2: [IBM Cloud Private 3.2.2 Patch](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1-build601012-52063&includeSupersedes=0> \"IBM Cloud Private 3.2.2 Patch\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-14T21:05:55", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j affects IBM Cloud Private (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-03-14T21:05:55", "id": "77486B8B5BB16D0AE922BE517509C1AEDA2019428A2A23BADFAE5682D363F74A", "href": "https://www.ibm.com/support/pages/node/6563309", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:53:05", "description": "## Summary\n\nApache Log4j is used by as part of its logging infrastructure by IBM Analytic Accelerator Framework for Communication Service Providers (AAF) and IBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA). These products are vulnerable to CVE-2021-44832. The fix includes includes Apache Log4j v2.17.0\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Analytic Accelerator Framework for Communication Service Providers (AAF)| 4.0.0.0.0 \nIBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) | 10.0.0.0.0 \n \n\n\n## Remediation/Fixes\n\nCustomers who have installed the affected versions should immediately upgrade to: \n\nIBM Analytic Accelerator Framework for Communication Service Providers (AAF) v4.0.0.2\n\nIBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) v10.0.0.2\n\nThe above software packages can be downloaded from IBM Passport Advantage.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-17T01:00:31", "type": "ibm", "title": "Security Bulletin: IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics for Communications Service Providers and Datasets Impacted by Log4j Vulnerabilities ( CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-06-17T01:00:31", "id": "E805A2E822F9F587AC809C6A8CA399694FA0BD883078F64EF001D4B79132B879", "href": "https://www.ibm.com/support/pages/node/6595967", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:08:52", "description": "## Summary\n\nA potential vulnerability inApache Log4j - CVE-2021-44832 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Several components of IBM Watson Assistant for IBM Cloud Pak for Data use Log4j to log diagnostic data unrelated to customer input. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWA for ICP| 1.5.0, 4.0.0, 4.0.2, 4.0.4 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading to the upcoming latest (v4.0.5) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above. \n\nLatest Version| Link to Release (v4.0.5 release information) \n---|--- \nIBM Watson Assistant for IBM Cloud Pak for Data 4.0.5| <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.0?topic=assistant-installing-watson> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-27T18:08:51", "type": "ibm", "title": "Security Bulletin: Vulnerability inApache Log4j - CVE-2021-44832 may affect IBM Watson Assistant for IBM Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-27T18:08:51", "id": "84B9F968C99F1D06D139A9613E0943A5C824556A856DEFE8DEE64E68329DDB5C", "href": "https://www.ibm.com/support/pages/node/6551436", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:08:00", "description": "## Summary\n\nA vulnerabilitiy in Apache Log4j could result in remote code execution. This vulnerability may affect IBM Spectrum Protect Snapshot for VMware due to its use of Log4j for logging of messages and traces. The below fix package includes Log4j 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Snapshot for VMware| 4.1.6.10-4.1.6.14 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing this vulnerability now by upgrading. \n\n**Note: The below fix package includes Log4j 2.17.1.**\n\n**_IBM Spectrum Protect Snapshot for VMware Affected Versions \n_**| **_Fixing \nLevel_**| **_Platform_**| **_Link to Fix and Instructions \n_** \n---|---|---|--- \n4.1.6.10-4.1.6.14| 4.1.6.15| Linux| <https://www.ibm.com/support/pages/node/6540240> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T11:37:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Protect Snapshot for VMware (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-01T11:37:31", "id": "F532C527613357C6A2A49FB79425351FAA7200585028A4FA9898C13802895FB6", "href": "https://www.ibm.com/support/pages/node/6540874", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:07:10", "description": "## Summary\n\nOperations Dashboard is vulnerable to arbitrary code execution in Log4j CVE-2021-44832 with details below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nOperations Dashboard| 2020.4.1 \n2021.1.1 \n2021.2.1 \n2021.3.1 \n2021.4.1 \n \n\n\n## Remediation/Fixes\n\n**Operations Dashboard version 2020.4.1 in IBM Cloud Pak for Integration** \nUpgrade Operations Dashboard to 2020.4.1-7-eus using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2020.4?topic=components-upgrading-operations-dashboard> \n \n**Operations Dashboard version 2021.1.1, 2021.2.1, 2021.3.1, and 2021.4.1 in IBM Cloud Pak for Integration** \nUpgrade Operations Dashboard to 2021.4.1-3 using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2021.4?topic=capabilities-upgrading-integration-tracing>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-11T13:54:51", "type": "ibm", "title": "Security Bulletin: Operations Dashboard is vulnerable to arbitrary code execution in Log4j CVE-2021-44832", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-11T13:54:51", "id": "3A9B55763C1C0473228A4D4C82FC501C0EAAF3C51E020F75A80CE6CD65CC662F", "href": "https://www.ibm.com/support/pages/node/6555356", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:11:35", "description": "## Summary\n\nA security vulnerability has been identified in the Apache Log4j library that could allow a remote attacker to execute arbitrary code on the system. The Log4j library is used by IBM Tivoli Netcool Impact to provide logging functionality. This vulnerability has been addressed. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact| 7.1.0 \n \n\n\n## Remediation/Fixes\n\nProduct Name| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nIBM Tivoli Netcool Impact| 7.1.0.18 ~ 7.1.0.24| IJ36910| ** \n****For 7.1.0.18 through 7.1.0.24:** \nApply Interim Fix [7.1.0-TIV-NCI-IF0010](<https://www.ibm.com/support/pages/node/6536702> \"7.1.0-TIV-NCI-IF0010\" ) \n \n \n \n## Workarounds and Mitigations\n\nThe default log4j configuration for IBM Tivoli Netcool Impact does not use a JDBC Appender. If the configuration has been changed to load a JDBC Appender, IBM recommends removing it.\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-06T15:23:59", "type": "ibm", "title": "Security Bulletin: A vulnerability in Apache Log4j affects IBM Tivoli Netcool Impact (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-06T15:23:59", "id": "39D96B14EB572D15D163E89AF8FFEB5DBC072EF6E833A83F8DA3B89A5DBB7F82", "href": "https://www.ibm.com/support/pages/node/6538696", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:07:07", "description": "## Summary\n\nApache Log4j is used by IBM Sterling Connect:Direct for UNIX as part of its logging infrastructure. There are vulnerabilities in the Apache Log4j open source library versions used by IBM Sterling Connect:Direct for Unix. Based on current information and analysis, IBM Sterling Connect:Direct for Unix is not impacted by CVE-2021-44832. However, out of an abundance of caution, IBM Sterling Connect:Direct for Unix has upgraded Log4j to 2.17.1.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling Connect:Direct for UNIX| 6.2.0 \nIBM Sterling Connect:Direct for UNIX| 6.1.0 \nIBM Sterling Connect:Direct for UNIX| 6.0.0 \nIBM Sterling Connect:Direct for UNIX| 4.3.0 \n \n## Remediation/Fixes\n\nIBM recommends addressing the possible vulnerability now by upgrading.\n\n**Product(s)**| **Version(s)**| **Remediation/Fix** \n---|---|--- \nIBM Sterling Connect:Direct for UNIX| 6.2.0| Apply 6.2.0.1.iFix020, available in cumulative 6.2.0.2.iFix001 on [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=6.2.0.2&platform=All&function=fixId&fixids=6.2.0.2*iFix001*&includeSupersedes=0> \"Fix Central\" ) \nIBM Sterling Connect:Direct for UNIX| 6.2.0 IBM Certified Container| Apply 6.2.0.2, see [Downloading the Certified Container Software](<https://www.ibm.com/docs/en/connect-direct/6.2.0?topic=tasks-downloading-certified-container-software> \"Downloading the Certified Container Software\" ) \nIBM Sterling Connect:Direct for UNIX| 6.1.0| Apply 6.1.0.4.iFix037, available in cumulative iFix040 on [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=6.1.0.4&platform=All&function=fixId&fixids=6.1.0.4*iFix040*&includeSupersedes=0> \"Fix Central\" ) \nIBM Sterling Connect:Direct for UNIX| 6.0.0| Apply 6.0.0.2.iFix127, available on [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=6.0.0.2&platform=All&function=fixId&fixids=6.0.0.2*iFix127*&includeSupersedes=0> \"Fix Central\" ) \nIBM Sterling Connect:Direct for UNIX| 4.3.0| Apply 4.3.0.1.iFix092, available in cumulative iFix094 on [Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.3.0.1&platform=All&function=fixId&fixids=4.3.0.1*iFix094*&includeSupersedes=0> \"Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-12T01:30:58", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct for UNIX may be vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-12T01:30:58", "id": "7E14B22ECA169752ECE98AF6029993D38DAD48CA63B7F7A2541E649258A2178A", "href": "https://www.ibm.com/support/pages/node/6555402", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:04:03", "description": "## Summary\n\nThere is a security vulnerability in the Apache Log4j open source library used by IBM OpenPages with Watson. This impacts the IBM OpenPages logging framework. This vulnerability has been addressed. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffects IBM OpenPages with Watson 8.2.0.4 through 8.2.0.4 Interim Fix 2 (8.2.0.4.2) \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerabilities now by upgrading.**\n\nA fix has been created for the affected versions of the named product. Fix and installation instructions are provided at the URL listed below: \n \n\n\n**Affected Product and Version \n**| **Remediation/Fix** \n---|--- \n \nIBM OpenPages with Watson **8.2.0.4, 8.2.0.4.1, 8.2.0.4.2** \n \n\n\n| \n\n\\- Apply 8.2.0.4 Interim Fix 3 (**8.2.0.4.3**)\n\n<https://www.ibm.com/support/pages/openpages-watson-8204-interim-fix-3> \n \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-02T02:17:50", "type": "ibm", "title": "Security Bulletin: IBM OpenPages with Watson has addressed Apache Log4j vulnerability (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-03-02T02:17:50", "id": "E4DC5C75AB8DC1EFE3474E65C33B8EED76C2B358258DE3E2C7A0C0EA9FD53126", "href": "https://www.ibm.com/support/pages/node/6560620", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:53:37", "description": "## Summary\n\nThere is a vulnerability in the Apache Log4j open source library. The library is used by IBM Event Streams.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Event Streams| 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.4.0 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading \n\n**IBM Event Streams (Continuous Delivery)**\n\n * Upgrade to IBM Event Streams 10.5.0 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/installing/upgrading/> \"\" ) documentation.\n\n**IBM Event Streams (Extended Update Support)**\n\n * Upgrade to IBM Event Streams 10.2.1 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/10.2/installing/upgrading/> \"\" ) documentation.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-10T15:52:27", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-06-10T15:52:27", "id": "EA3F9619545419A098A554C6AA49233D406E118A8A2221EEFF0BABB483AAC02B", "href": "https://www.ibm.com/support/pages/node/6594159", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:09:45", "description": "## Summary\n\nAutomation Assets in IBM Cloud Pak for Integration is vulnerable to CVE-2021-44832 with details below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAutomation Assets in IBM Cloud Pak for Integration (CP4I)| 2021.2.1 \n2021.4.1 \n \n\n\n## Remediation/Fixes\n\n**Automation Assets version 2021.2.1 or 2021.4.1 in IBM Cloud Pak for Integration**\n\nUpgrade Automation Assets to 2021.4.1-2 using the Operator upgrade process described in the IBM Documentation\n\n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2021.4?topic=capabilities-upgrading-automation-assets>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-17T16:16:00", "type": "ibm", "title": "Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j (CVE-2021-44832)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-17T16:16:00", "id": "23980F37EDFBF5DFA892E9152EBD5E349FBE79FB2A858C312C9DC9251022F872", "href": "https://www.ibm.com/support/pages/node/6541290", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:10:50", "description": "## Summary\n\nThere are vulnerabilities in Apache log4j2 used by IBM Spectrum LSF Suite, IBM Spectrum LSF Suite for HPA, IBM Spectrum LSF Explorer and IBM Spectrum LSF Application Center. IBM Spectrum LSF Suite, IBM Spectrum LSF Suite for HPA, IBM Spectrum LSF Explorer and IBM Spectrum LSF Application Center have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Spectrum Suite for HPA| 10.2.0.12 \nIBM Spectrum LSF Explorer| 10.2.0.12 \nIBM Spectrum LSF Application Center| 10.2.0.12 \nIBM Spectrum LSF Suite| 10.2.0.12 \n \n\n\n## Remediation/Fixes\n\nIBM Spectrum LSF Suite for Enterprise: \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+Enterprise&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=suite-10.2.0.12-build600958&amp;includeSupersedes=0](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+Enterprise&release=All&platform=All&function=fixId&fixids=suite-10.2.0.12-build600958&includeSupersedes=0>)\n\nIBM Spectrum LSF Suite for HPC: \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+HPC&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=suite-10.2.0.12-build600958&amp;includeSupersedes=0](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+HPC&release=All&platform=All&function=fixId&fixids=suite-10.2.0.12-build600958&includeSupersedes=0>)\n\nIBM Spectrum LSF Suite for Workgroups: \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+Workgroups&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=suite-10.2.0.12-build600958&amp;includeSupersedes=0](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Suite+for+Workgroups&release=All&platform=All&function=fixId&fixids=suite-10.2.0.12-build600958&includeSupersedes=0>)\n\nIBM Spectrum LSF Explorer: \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Explorer&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=explorer-10.2-build600931&amp;includeSupersedes=0](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Explorer&release=All&platform=All&function=fixId&fixids=explorer-10.2-build600931&includeSupersedes=0>)\n\nIBM Spectrum LSF Application Center: \n[http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Application+Center&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=pac-10.2-build600931&amp;includeSupersedes=0](<http://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+LSF+Application+Center&release=All&platform=All&function=fixId&fixids=pac-10.2-build600931&includeSupersedes=0>)\n\nIBM Spectrum Suite for HPA:\n\nRefer to IBM Spectrum LSF Application Center and IBM Spectrum LSF Explorer\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-12T09:48:48", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Apache Log4j2 affect IBM Spectrum LSF Suite, IBM Spectrum LSF Suite for HPA, IBM Spectrum LSF Explorer and IBM Spectrum LSF Application Center", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-12T09:48:48", "id": "A4DED06E2C9F4A28ADEF0AA4C6EEFDDF9D1F431EA3CF997F41E7EA22CA7B12B7", "href": "https://www.ibm.com/support/pages/node/6540236", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2023-12-06T21:28:11", "description": "A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-11-20T01:45:55", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: js-jquery-ui-1.13.0-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2021-11-20T01:45:55", "id": "FEDORA:659033221693", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T21:28:11", "description": "A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-11-20T01:11:49", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: js-jquery-ui-1.13.0-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2021-11-20T01:11:49", "id": "FEDORA:33F853184440", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T21:28:11", "description": "A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-11-20T01:08:33", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: js-jquery-ui-1.13.0-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2021-11-20T01:08:33", "id": "FEDORA:5B9703257D9C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T21:28:18", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-23T09:04:53", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: drupal7-7.92-1.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-25271", "CVE-2022-25275"], "modified": "2022-10-23T09:04:53", "id": "FEDORA:D4D0A3067095", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T21:28:18", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-03T15:31:08", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: drupal7-7.92-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-25271", "CVE-2022-25275"], "modified": "2022-11-03T15:31:08", "id": "FEDORA:EA85730AFE74", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T21:28:19", "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-10T22:46:29", "type": "fedora", "title": "[SECURITY] Fedora 37 Update: drupal7-7.92-1.fc37", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-25271", "CVE-2022-25275"], "modified": "2022-11-10T22:46:29", "id": "FEDORA:978EE3068B61", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NAIWJKYBE3EVIR2YHOT73ZLOUSMCOGNH/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T15:53:01", "description": "Fast, reliable, and secure dependency management. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T01:53:57", "type": "fedora", "title": "[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-2.fc37", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-12T01:53:57", "id": "FEDORA:BCFED30A3C21", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RYJSGJIELN7ONRXIUF5USFBW7Y2FX7N3/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T15:53:01", "description": "pgAdmin is the most popular and feature rich Open Source administration and development platform for PostgreSQL, the most advanced Open Source database in the worl d. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T01:53:58", "type": "fedora", "title": "[SECURITY] Fedora 37 Update: pgadmin4-6.18-2.fc37", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-12T01:53:58", "id": "FEDORA:AFA9330AF383", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MWRPBXRQXUJY4S564TKU44KGGKG3COW5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T15:53:01", "description": "Fast, reliable, and secure dependency management. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T01:35:37", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: yarnpkg-1.22.19-2.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-12T01:35:37", "id": "FEDORA:7ACB43067777", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DNEACIUZ6LFSFWUIERUZBLHDTUR3ZFA5/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T21:28:07", "description": "The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-10T01:30:26", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: jackson-databind-2.10.5.1-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-02-10T01:30:26", "id": "FEDORA:ECB8530BC708", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-01T00:46:43", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: jackson-databind-2.9.4-3.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7489"], "modified": "2018-04-01T00:46:43", "id": "FEDORA:9A45F6078C22", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NNUEGJGG6L6ZDTLKTHYM6STZUU53L6DQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T21:28:11", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets. ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-06T00:51:53", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: log4j-2.17.1-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-06T00:51:53", "id": "FEDORA:7DC2630AEB07", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T21:28:11", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets. ", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-06T01:12:26", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: log4j-2.17.1-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-06T01:12:26", "id": "FEDORA:E468830AF07B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-11-22T16:52:45", "description": "The version of JQuery UI library hosted on the remote web server is prior to 1.13.0. It is, therefore, affected by multiple cross-site scripting vulnerabilities:\n\n - Accepting the value of the 'altField' option of the Datepicker widget from untrusted sources may execute untrusted code. (CVE-2021-41182)\n\n - Accepting the value of various '*Text' options of the Datepicker widget from untrusted sources may execute untrusted code. (CVE-2021-41183)\n\n - Accepting the value of the 'of' option of the '.position()' util from untrusted sources may execute untrusted code. (CVE-2021-41184)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-31T00:00:00", "type": "nessus", "title": "JQuery UI < 1.13.0 Multiple XSS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-11-21T00:00:00", "cpe": [], "id": "JQUERY-UI_1_13_0.NASL", "href": "https://www.tenable.com/plugins/nessus/156443", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156443);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-41182\", \"CVE-2021-41183\", \"CVE-2021-41184\");\n script_xref(name:\"IAVB\", value:\"2021-B-0071-S\");\n\n script_name(english:\"JQuery UI < 1.13.0 Multiple XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple cross-site scripting vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of JQuery UI library hosted on the remote web server is prior to 1.13.0. It is, therefore, affected by\nmultiple cross-site scripting vulnerabilities:\n\n - Accepting the value of the 'altField' option of the Datepicker widget from untrusted sources may execute untrusted\n code. (CVE-2021-41182)\n\n - Accepting the value of various '*Text' options of the Datepicker widget from untrusted sources may execute\n untrusted code. (CVE-2021-41183)\n\n - Accepting the value of the 'of' option of the '.position()' util from untrusted sources may execute untrusted\n code. (CVE-2021-41184)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JQuery UI version 1.13.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/31\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jquery_ui_detect.nasl\");\n script_require_keys(\"Settings/ParanoidReport\", \"installed_sw/jquery_ui\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar appname = 'jquery ui';\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nvar port = get_http_port(default:80);\nvar app_info = vcf::get_app_info(app:appname, port:port, webapp:TRUE);\n\nvar constraints = [{'fixed_version':'1.13.0'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{xss:TRUE});\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-22T15:04:11", "description": "According to its self-reported version number, jQuery UI is prior to 1.13.0. It is, therefore, affected by multiple vulnerabilities:\n\n - A Cross-Site Scripting (XSS) in the altField option of the Datepicker widget (CVE-2021-41182)\n\n - A Cross-Site Scripting (XSS) in *Text options of the Datepicker widget (CVE-2021-41183)\n\n - A Cross-Site Scripting (XSS) in the of option of the .position() util (CVE-2021-41184)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-04T00:00:00", "type": "nessus", "title": "jQuery UI < 1.13.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113042", "href": "https://www.tenable.com/plugins/was/113042", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-21T14:07:02", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3230 advisory.\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( refresh )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`. (CVE-2022-31160)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-08T00:00:00", "type": "nessus", "title": "Debian DLA-3230-1 : jqueryui - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-09-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjs-jquery-ui", "p-cpe:/a:debian:debian_linux:libjs-jquery-ui-docs", "p-cpe:/a:debian:debian_linux:node-jquery-ui", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3230.NASL", "href": "https://www.tenable.com/plugins/nessus/168485", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3230. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168485);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-31160\"\n );\n\n script_name(english:\"Debian DLA-3230-1 : jqueryui - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3230 advisory.\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a\n CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as\n pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted\n sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is\n fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A\n workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of\n jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a\n checkboxradio widget on an input enclosed within a label makes that parent label contents considered as\n the input label. Calling `.checkboxradio( refresh )` on such a widget and the initial HTML contained\n encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing\n JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can\n change the initial HTML can wrap all the non-input contents of the `label` in a `span`. (CVE-2022-31160)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/jqueryui\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-31160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/jqueryui\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the jqueryui packages.\n\nFor Debian 10 buster, these problems have been fixed in version 1.12.1+dfsg-5+deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-31160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjs-jquery-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjs-jquery-ui-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:node-jquery-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'libjs-jquery-ui', 'reference': '1.12.1+dfsg-5+deb10u1'},\n {'release': '10.0', 'prefix': 'libjs-jquery-ui-docs', 'reference': '1.12.1+dfsg-5+deb10u1'},\n {'release': '10.0', 'prefix': 'node-jquery-ui', 'reference': '1.12.1+dfsg-5+deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjs-jquery-ui / libjs-jquery-ui-docs / node-jquery-ui');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:08", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86, 9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. (CVE-2021-41183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-19T00:00:00", "type": "nessus", "title": "Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-11-20T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_9_3_3.NASL", "href": "https://www.tenable.com/plugins/nessus/156863", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156863);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2010-5312\",\n \"CVE-2016-7103\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\"\n );\n script_xref(name:\"IAVA\", value:\"2016-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2018-A-0230-S\");\n script_xref(name:\"IAVB\", value:\"2021-B-0071-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86,\n9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before\n 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject\n arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a\n CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as\n pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted\n sources. (CVE-2021-41183)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2022-002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\");\n # https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?92b10be6\");\n # https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?85264131\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.86\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/jquery_update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/9.2.11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/9.3.3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.86 / 9.2.11 / 9.3.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/19\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar port = get_http_port(default:80, php:TRUE);\n\nvar app_info = vcf::get_app_info(app:'Drupal', port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nvar constraints = [\n { 'min_version' : '7.0', 'fixed_version' : '7.86' },\n { 'min_version' : '9.2', 'fixed_version' : '9.2.11' },\n { 'min_version' : '9.3', 'fixed_version' : '9.3.3' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING,\n flags:{'xss':TRUE}\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-14T09:53:14", "description": "The remote Ubuntu 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory.\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( refresh )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`. (CVE-2022-31160)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-10-05T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-10-13T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "cpe:/o:canonical:ubuntu_linux:18.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:libjs-jquery-ui", "p-cpe:/a:canonical:ubuntu_linux:node-jquery-ui"], "id": "UBUNTU_USN-6419-1.NASL", "href": "https://www.tenable.com/plugins/nessus/182583", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-6419-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(182583);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/13\");\n\n script_cve_id(\n \"CVE-2016-7103\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-31160\"\n );\n script_xref(name:\"USN\", value:\"6419-1\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-6419-1 advisory.\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject\n arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a\n CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as\n pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted\n sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is\n fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A\n workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of\n jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a\n checkboxradio widget on an input enclosed within a label makes that parent label contents considered as\n the input label. Calling `.checkboxradio( refresh )` on such a widget and the initial HTML contained\n encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing\n JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can\n change the initial HTML can wrap all the non-input contents of the `label` in a `span`. (CVE-2022-31160)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-6419-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libjs-jquery-ui and / or node-jquery-ui packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-31160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjs-jquery-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:node-jquery-ui\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'libjs-jquery-ui', 'pkgver': '1.10.1+dfsg-1ubuntu0.16.04.1~esm1'},\n {'osver': '18.04', 'pkgname': 'libjs-jquery-ui', 'pkgver': '1.12.1+dfsg-5ubuntu0.18.04.1~esm3'},\n {'osver': '18.04', 'pkgname': 'node-jquery-ui', 'pkgver': '1.12.1+dfsg-5ubuntu0.18.04.1~esm3'},\n {'osver': '20.04', 'pkgname': 'libjs-jquery-ui', 'pkgver': '1.12.1+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'node-jquery-ui', 'pkgver': '1.12.1+dfsg-5ubuntu0.20.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjs-jquery-ui / node-jquery-ui');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:57:27", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4711 advisory.\n\n - nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n - nodejs-normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n - nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n - jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n - jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n - jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-27T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.0] (RHSA-2022:4711)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23425", "CVE-2021-33502", "CVE-2021-3807", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2023-10-26T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm"], "id": "REDHAT-RHSA-2022-4711.NASL", "href": "https://www.tenable.com/plugins/nessus/161619", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:4711. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161619);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/26\");\n\n script_cve_id(\n \"CVE-2021-3807\",\n \"CVE-2021-23425\",\n \"CVE-2021-33502\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\"\n );\n script_xref(name:\"RHSA\", value:\"2022:4711\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.0] (RHSA-2022:4711)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:4711 advisory.\n\n - nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n - nodejs-normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n - nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n - jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n - jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n - jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23425\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33502\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-41182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-41183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-41184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:4711\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1964461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1995793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2007557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2019144\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2019148\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2019153\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-ui-extensions-1.3.3-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.8.1-2.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.5.0.7-0.9.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T19:05:27", "description": "The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data. (CVE-2022-25271)\n\n - In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the private file system. However, some contributed modules provide additional file systems, or schemes, which may lead to this vulnerability. This vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9) $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7) $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing files or image styles after updating. (CVE-2022-25275)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-23T00:00:00", "type": "nessus", "title": "Fedora 36 : drupal7 (2022-9d655503ea)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-25271", "CVE-2022-25275"], "modified": "2023-09-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "p-cpe:/a:fedoraproject:fedora:drupal7"], "id": "FEDORA_2022-9D655503EA.NASL", "href": "https://www.tenable.com/plugins/nessus/169174", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2022-9d655503ea\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169174);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\n \"CVE-2010-5312\",\n \"CVE-2016-7103\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-25271\",\n \"CVE-2022-25275\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0090-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0296-S\");\n script_xref(name:\"FEDORA\", value:\"2022-9d655503ea\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Fedora 36 : drupal7 (2022-9d655503ea)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2022-9d655503ea advisory.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before\n 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject\n arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a\n CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as\n pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted\n sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is\n fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A\n workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be\n vulnerable to improper input validation. This could allow an attacker to inject disallowed values or\n overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or\n sensitive data. (CVE-2022-25271)\n\n - In some situations, the Image module does not correctly check access to image files not stored in the\n standard public files directory when generating derivative images using the image styles system. Access to\n a non-public file is checked only if it is stored in the private file system. However, some contributed\n modules provide additional file systems, or schemes, which may lead to this vulnerability. This\n vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9)\n $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7)\n $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and\n Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration\n changes following this security release. Review the release notes for your Drupal version if you have\n issues accessing files or image styles after updating. (CVE-2022-25275)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2022-9d655503ea\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal7 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25271\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-25275\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^36([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 36', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'drupal7-7.92-1.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'drupal7');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T17:12:20", "description": "The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf18450366 advisory.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data. (CVE-2022-25271)\n\n - In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system. Access to a non-public file is checked only if it is stored in the private file system. However, some contributed modules provide additional file systems, or schemes, which may lead to this vulnerability. This vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9) $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7) $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing files or image styles after updating. (CVE-2022-25275)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-22T00:00:00", "type": "nessus", "title": "Fedora 35 : drupal7 (2022-bf18450366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-25271", "CVE-2022-25275"], "modified": "2023-09-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:35", "p-cpe:/a:fedoraproject:fedora:drupal7"], "id": "FEDORA_2022-BF18450366.NASL", "href": "https://www.tenable.com/plugins/nessus/169112", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2022-bf18450366\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169112);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\n \"CVE-2010-5312\",\n \"CVE-2016-7103\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-25271\",\n \"CVE-2022-25275\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0090-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0296-S\");\n script_xref(name:\"FEDORA\", value:\"2022-bf18450366\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Fedora 35 : drupal7 (2022-bf18450366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2022-bf18450366 advisory.\n\n - Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before\n 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.\n (CVE-2010-5312)\n\n - Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject\n arbitrary web script or HTML via the closeText parameter of the dialog function. (CVE-2016-7103)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a\n CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n (CVE-2021-41182)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The\n issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as\n pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted\n sources. (CVE-2021-41183)\n\n - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of\n the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is\n fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A\n workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)\n\n - Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be\n vulnerable to improper input validation. This could allow an attacker to inject disallowed values or\n overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or\n sensitive data. (CVE-2022-25271)\n\n - In some situations, the Image module does not correctly check access to image files not stored in the\n standard public files directory when generating derivative images using the image styles system. Access to\n a non-public file is checked only if it is stored in the private file system. However, some contributed\n modules provide additional file systems, or schemes, which may lead to this vulnerability. This\n vulnerability is mitigated by the fact that it only applies when the site sets (Drupal 9)\n $config['image.settings']['allow_insecure_derivatives'] or (Drupal 7)\n $conf['image_allow_insecure_derivatives'] to TRUE. The recommended and default setting is FALSE, and\n Drupal core does not provide a way to change that in the admin UI. Some sites may require configuration\n changes following this security release. Review the release notes for your Drupal version if you have\n issues accessing files or image styles after updating. (CVE-2022-25275)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2022-bf18450366\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected drupal7 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25271\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-25275\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^35([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 35', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'drupal7-7.92-1.fc35', 'release':'FC35', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'drupal7');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-06T23:08:37", "description": "According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.4.0. It is, therefore, affected by multiple vulnerabilities, including:\n\n - An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a scenario where unauthorized disclosure of agent logs and data is present. (CVE-2022-3499) \n - An authenticated attacker could modify the client-side behavior to bypass the protection mechanisms resulting in potentially unexpected interactions between the client and server. (CVE-2022-3498)\n\n - Cross-site scripting in the checkboxradio widget in JQuery UI. (CVE-2022-31160)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-28T00:00:00", "type": "nessus", "title": "Tenable Nessus 10.x < 10.4.0 Multiple Vulnerabilities (TNS-2022-21)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10744", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160", "CVE-2022-3498", "CVE-2022-3499"], "modified": "2023-10-06T00:00:00", "cpe": ["cpe:/a:tenable:nessus"], "id": "NESSUS_TNS-2022-21.NASL", "href": "https://www.tenable.com/plugins/nessus/166670", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166670);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/06\");\n\n script_cve_id(\n \"CVE-2016-10744\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-3498\",\n \"CVE-2022-3499\",\n \"CVE-2022-31160\"\n );\n\n script_name(english:\"Tenable Nessus 10.x < 10.4.0 Multiple Vulnerabilities (TNS-2022-21)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Tenable Nessus running on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to \n10.4.0. It is, therefore, affected by multiple vulnerabilities, including:\n\n - An authenticated attacker could utilize the identical agent and cluster node linking keys to potentially allow for a\n scenario where unauthorized disclosure of agent logs and data is present. (CVE-2022-3499)\n \n - An authenticated attacker could modify the client-side behavior to bypass the protection mechanisms resulting in\n potentially unexpected interactions between the client and server. (CVE-2022-3498)\n\n - Cross-site scripting in the checkboxradio widget in JQuery UI. (CVE-2022-31160)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2022-21\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable Nessus version 10.4.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41184\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3499\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nessus_detect.nasl\", \"nessus_installed_win.nbin\", \"nessus_installed_linux.nbin\", \"macos_nessus_installed.nbin\");\n script_require_keys(\"installed_sw/Tenable Nessus\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar app_info, constraints;\n\napp_info = vcf::combined_get_app_info(app:'Tenable Nessus');\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n {'min_version':'10.0.0', 'max_version':'10.3.1', 'fixed_version':'10.4.0'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-28T15:05:28", "description": "The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 6.0.1. It is, therefore, affected by multiple vulnerabilities in third-party software.\n\n Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-16T00:00:00", "type": "nessus", "title": "Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3711", "CVE-2021-3712", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-4160", "CVE-2022-0778"], "modified": "2023-10-27T00:00:00", "cpe": ["cpe:/a:tenable:nnm"], "id": "NNM_6_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/161211", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161211);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/27\");\n\n script_cve_id(\n \"CVE-2021-3711\",\n \"CVE-2021-3712\",\n \"CVE-2021-4160\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-0778\"\n );\n\n script_name(english:\"Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A vulnerability scanner installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 6.0.1. It is, therefore, affected\nby multiple vulnerabilities in third-party software.\n\n Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported \n version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2022-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Nessus Network Monitor version 6.0.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3711\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nnm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nnm_installed_win.nbin\", \"nnm_installed_nix.nbin\");\n script_require_keys(\"installed_sw/Tenable NNM\", \"Host/nnm_installed\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_name = 'Tenable NNM';\n\nvar app_info = vcf::get_app_info(app:app_name);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'fixed_version' : '6.0.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-01T15:16:39", "description": "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less than 5.21.0 and is therefore affected by multiple vulnerabilities:\n\n - A command injection vulnerability exists in Composer. An unauthenticated, remote attacker can exploit this to execute arbitrary commands by installing untrusted dependencies. (CVE-2021-41116) \n - A code injection vulnerability exists in Composer. An unauthenticated, remote attacker can exploit this to execute arbitrary commands by controlling the $file or $identifier argument. (CVE-2022-24828) \n - Read/write beyond bounds - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. (CVE-2022-23943) Note that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter < 5.21.0 Multiple Vulnerabilities (TNS-2022-09)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-24785", "CVE-2021-41116", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-21707", "CVE-2022-23943", "CVE-2022-24828"], "modified": "2023-11-07T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_5_21_0_TNS_2022_04.NASL", "href": "https://www.tenable.com/plugins/nessus/160883", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160883);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2021-24785\",\n \"CVE-2021-41116\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-21707\",\n \"CVE-2022-24828\"\n );\n\n script_name(english:\"Tenable SecurityCenter < 5.21.0 Multiple Vulnerabilities (TNS-2022-09)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less \nthan 5.21.0 and is therefore affected by multiple vulnerabilities:\n\n - A command injection vulnerability exists in Composer. An unauthenticated, remote attacker can exploit this\n to execute arbitrary commands by installing untrusted dependencies. (CVE-2021-41116)\n \n - A code injection vulnerability exists in Composer. An unauthenticated, remote attacker can exploit this\n to execute arbitrary commands by controlling the $file or $identifier argument. (CVE-2022-24828)\n \n - Read/write beyond bounds - Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to\n overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version \n 2.4.52 and prior versions. (CVE-2022-23943)\n \nNote that successful exploitation of the most serious issues can result in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2022-09\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the security patch referenced in the vendor advisory or upgrade to 5.21.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41116\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\");\n script_require_ports(\"installed_sw/SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::tenable_sc::get_app_info();\n\nvar constraints = [\n { 'min_version' : '5.12.0', 'max_version': '5.20', 'fixed_display' : 'Upgrade to 5.21.0 or later'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-08T20:30:18", "description": "The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5c6f32db6f advisory.\n\n - The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression. (CVE-2021-35065)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-12T00:00:00", "type": "nessus", "title": "Fedora 36 : yarnpkg (2023-5c6f32db6f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-35065"], "modified": "2023-09-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "p-cpe:/a:fedoraproject:fedora:yarnpkg"], "id": "FEDORA_2023-5C6F32DB6F.NASL", "href": "https://www.tenable.com/plugins/nessus/169934", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2023-5c6f32db6f\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169934);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/08\");\n\n script_cve_id(\"CVE-2021-35065\");\n script_xref(name:\"FEDORA\", value:\"2023-5c6f32db6f\");\n\n script_name(english:\"Fedora 36 : yarnpkg (2023-5c6f32db6f)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2023-5c6f32db6f advisory.\n\n - The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service)\n attacks against the enclosure regular expression. (CVE-2021-35065)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2023-5c6f32db6f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected yarnpkg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-35065\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:yarnpkg\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^36([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 36', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'yarnpkg-1.22.19-2.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'yarnpkg');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:49:35", "description": "Security fix for CVE-2018-7489\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : jackson-databind (2018-633acf0ed6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7489"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jackson-databind", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-633ACF0ED6.NASL", "href": "https://www.tenable.com/plugins/nessus/120474", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-633acf0ed6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120474);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-7489\");\n script_xref(name:\"FEDORA\", value:\"2018-633acf0ed6\");\n\n script_name(english:\"Fedora 28 : jackson-databind (2018-633acf0ed6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-7489\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-633acf0ed6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jackson-databind package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"jackson-databind-2.9.4-3.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jackson-databind\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-07T18:36:58", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4312 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:4312)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25649"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc"], "id": "REDHAT-RHSA-2020-4312.NASL", "href": "https://www.tenable.com/plugins/nessus/170324", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4312. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170324);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\"CVE-2020-25649\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"RHSA\", value:\"2020:4312\");\n\n script_name(english:\"RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:4312)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:4312 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity\n (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4312\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1887664\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven35-jackson-databind and / or rh-maven35-jackson-databind-javadoc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25649\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-jackson-databind-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-maven35-jackson-databind-2.7.6-2.12.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven35-jackson-databind / rh-maven35-jackson-databind-javadoc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:19", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0381 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-03T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4] (Low) (RHSA-2021:0381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25649"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-grafana-integration-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhv-log-collector-analyzer", "p-cpe:/a:redhat:enterprise_linux:rhvm", "p-cpe:/a:redhat:enterprise_linux:vdsm-jsonrpc-java"], "id": "REDHAT-RHSA-2021-0381.NASL", "href": "https://www.tenable.com/plugins/nessus/146074", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:0381. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146074);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2020-25649\");\n script_xref(name:\"RHSA\", value:\"2021:0381\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 8 : RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4] (Low) (RHSA-2021:0381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:0381 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity\n (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:0381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1887664\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25649\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-grafana-integration-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhv-log-collector-analyzer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vdsm-jsonrpc-java\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-4.4.4.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-grafana-integration-setup-4.4.4.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-setup-4.4.4.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.6.6-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhv-log-collector-analyzer-1.0.6-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.4.4.5-0.10.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'vdsm-jsonrpc-java-1.6.0-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:38", "description": "The remote Redhat Enterprise Linux 6 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4401 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-29T00:00:00", "type": "nessus", "title": "RHEL 6 / 8 : Red Hat JBoss Enterprise Application Platform 7.3 (RHSA-2020:4401)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25649"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind"], "id": "REDHAT-RHSA-2020-4401.NASL", "href": "https://www.tenable.com/plugins/nessus/142028", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4401. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142028);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2020-25649\");\n script_xref(name:\"RHSA\", value:\"2020:4401\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 6 / 8 : Red Hat JBoss Enterprise Application Platform 7.3 (RHSA-2020:4401)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 / 8 host has a package installed that is affected by a vulnerability as referenced\nin the RHSA-2020:4401 advisory.\n\n - jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity\n (XXE) (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4401\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1887664\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected eap7-jackson-databind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25649\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(611);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['6','8'])) audit(AUDIT_OS_NOT, 'Red Hat 6.x / 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/jbeap/7.3/debug',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.3/os',\n 'content/dist/layered/rhel8/x86_64/jbeap/7.3/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-jackson-databind-2.10.4-1.redhat_00002.1.el8eap', 'release':'8', 'el_string':'el8eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.3/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.3/os',\n 'content/dist/rhel/server/6/6Server/x86_64/jbeap/7.3/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'eap7-jackson-databind-2.10.4-1.redhat_00002.1.el6eap', 'release':'6', 'el_string':'el6eap', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'eap7-jboss'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'eap7-jackson-databind');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:13", "description": "The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-1d8254899c advisory.\n\n - A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly.\n This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity. (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-10T00:00:00", "type": "nessus", "title": "Fedora 32 : jackson-databind (2021-1d8254899c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25649"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:jackson-databind"], "id": "FEDORA_2021-1D8254899C.NASL", "href": "https://www.tenable.com/plugins/nessus/146373", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-1d8254899c\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146373);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-25649\");\n script_xref(name:\"FEDORA\", value:\"2021-1d8254899c\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Fedora 32 : jackson-databind (2021-1d8254899c)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the\nFEDORA-2021-1d8254899c advisory.\n\n - A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly.\n This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this\n vulnerability is data integrity. (CVE-2020-25649)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-1d8254899c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jackson-databind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25649\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 32', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\npkgs = [\n {'reference':'jackson-databind-2.10.5.1-1.fc32', 'release':'FC32', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jackson-databind');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:48", "description": "It was discovered that there was an external entity expansion vulnerability in jackson-databind, a Java library for processing JSON.\n\nFor Debian 9 'Stretch', this problem has been fixed in version 2.8.6-1+deb9u8.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFor the detailed security status of jackson-databind please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/jackson-databind\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-10-15T00:00:00", "type": "nessus", "title": "Debian DLA-2406-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25649"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2406.NASL", "href": "https://www.tenable.com/plugins/nessus/141463", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2406-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141463);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-25649\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Debian DLA-2406-1 : jackson-databind security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that there was an external entity expansion\nvulnerability in jackson-databind, a Java library for processing JSON.\n\nFor Debian 9 'Stretch', this problem has been fixed in version\n2.8.6-1+deb9u8.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jackson-databind\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/10/msg00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n # https://security-tracker.debian.org/tracker/source-package/jackson-databind\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61134ddf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:57:54", "description": "According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to 10.2.0. It is, therefore, affected by multiple vulnerabilities in third-party libraries, including:\n\n - An integer overflow in storeRawNames in Expat (aka libexpat) before 2.4.5. (CVE-2022-25315)\n\n - Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. (CVE-2022-23990)\n\n - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. (CVE-2022-23852)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-27T00:00:00", "type": "nessus", "title": "Tenable Nessus 10.x < 10.2.0 Third-Party Vulnerabilities (TNS-2022-11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25032", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315"], "modified": "2023-10-26T00:00:00", "cpe": ["cpe:/a:tenable:nessus"], "id": "NESSUS_TNS-2022-11.NASL", "href": "https://www.tenable.com/plugins/nessus/161616", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161616);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/26\");\n\n script_cve_id(\n \"CVE-2018-25032\",\n \"CVE-2021-41182\",\n \"CVE-2021-41183\",\n \"CVE-2021-41184\",\n \"CVE-2022-23852\",\n \"CVE-2022-23990\",\n \"CVE-2022-25235\",\n \"CVE-2022-25236\",\n \"CVE-2022-25313\",\n \"CVE-2022-25314\",\n \"CVE-2022-25315\"\n );\n\n script_name(english:\"Tenable Nessus 10.x < 10.2.0 Third-Party Vulnerabilities (TNS-2022-11)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Tenable Nessus running on the remote host is affected by multiple third-party vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable Nessus application running on the remote host is 10.x prior to \n10.2.0. It is, therefore, affected by multiple vulnerabilities in third-party libraries, including:\n\n - An integer overflow in storeRawNames in Expat (aka libexpat) before 2.4.5. (CVE-2022-25315)\n\n - Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. (CVE-2022-23990)\n\n - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. (CVE-2022-23852)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2022-11\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable Nessus version 10.2.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-25315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nessus_detect.nasl\", \"nessus_installed_win.nbin\", \"nessus_installed_linux.nbin\", \"macos_nessus_installed.nbin\");\n script_require_keys(\"installed_sw/Tenable Nessus\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nvar app_info, constraints;\n\napp_info = vcf::combined_get_app_info(app:'Tenable Nessus');\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n {'min_version':'10.0.0', 'fixed_version':'10.2.0'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:40", "description": "The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2870 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-01T00:00:00", "type": "nessus", "title": "Debian DLA-2870-1 : apache-log4j2 - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2023-11-21T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "p-cpe:/a:debian:debian_linux:liblog4j2-java", "p-cpe:/a:debian:debian_linux:liblog4j2-java-doc"], "id": "DEBIAN_DLA-2870.NASL", "href": "https://www.tenable.com/plugins/nessus/156449", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2870. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156449);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-44832\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"Debian DLA-2870-1 : apache-log4j2 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2870\nadvisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are\n vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI\n LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by\n limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002813\");\n # https://security-tracker.debian.org/tracker/source-package/apache-log4j2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a7f9f2b8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-44832\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/apache-log4j2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the apache-log4j2 packages.\n\nFor Debian 9 stretch, this problem has been fixed in version 2.12.4-0+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44832\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblog4j2-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblog4j2-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'liblog4j2-java', 'reference': '2.12.4-0+deb9u1'},\n {'release': '9.0', 'prefix': 'liblog4j2-java-doc', 'reference': '2.12.4-0+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'liblog4j2-java / liblog4j2-java-doc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:40", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0002-1 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-03T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : log4j (openSUSE-SU-2022:0002-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:log4j", "p-cpe:/a:novell:opensuse:log4j-javadoc", "p-cpe:/a:novell:opensuse:log4j-jcl", "p-cpe:/a:novell:opensuse:log4j-slf4j", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2022-0002-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156450", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0002-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156450);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-44832\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"openSUSE 15 Security Update : log4j (openSUSE-SU-2022:0002-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2022:0002-1 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are\n vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI\n LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by\n limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194127\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBITTL424FAEN3BI2PM3NGBMPREUS3P4/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b6a14fa0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44832\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j, log4j-javadoc, log4j-jcl and / or log4j-slf4j packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44832\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-jcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'log4j-2.17.0-lp152.3.15.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-2.17.0-lp152.3.15.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-jcl-2.17.0-lp152.3.15.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-slf4j-2.17.0-lp152.3.15.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-javadoc / log4j-jcl / log4j-slf4j');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T15:34:21", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:4208-1 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-31T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : log4j (openSUSE-SU-2021:4208-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:log4j", "p-cpe:/a:novell:opensuse:log4j-javadoc", "p-cpe:/a:novell:opensuse:log4j-jcl", "p-cpe:/a:novell:opensuse:log4j-slf4j", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-4208.NASL", "href": "https://www.tenable.com/plugins/nessus/156435", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:4208-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156435);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-44832\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n\n script_name(english:\"openSUSE 15 Security Update : log4j (openSUSE-SU-2021:4208-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2021:4208-1 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are\n vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI\n LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by\n limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194127\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QD3TW7GD6PF3ZSKL2TJG3Z462FFFLJND/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?56a66ce3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-44832\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j, log4j-javadoc, log4j-jcl and / or log4j-slf4j packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44832\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-jcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:log4j-slf4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'log4j-2.17.0-4.16.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-javadoc-2.17.0-4.16.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-jcl-2.17.0-4.16.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'log4j-slf4j-2.17.0-4.16.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'log4j / log4j-javadoc / log4j-jcl / log4j-slf4j');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-04T22:23:22", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 27c822a0-addc-11ed-a9ee-dca632b19f10 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-19T00:00:00", "type": "nessus", "title": "FreeBSD : Rundeck3 -- Log4J RCE vulnerability (27c822a0-addc-11ed-a9ee-dca632b19f10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2023-09-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rundeck3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_27C822A0ADDC11EDA9EEDCA632B19F10.NASL", "href": "https://www.tenable.com/plugins/nessus/171634", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171634);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/04\");\n\n script_cve_id(\"CVE-2021-44832\");\n\n script_name(english:\"FreeBSD : Rundeck3 -- Log4J RCE vulnerability (27c822a0-addc-11ed-a9ee-dca632b19f10)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a\nvulnerability as referenced in the 27c822a0-addc-11ed-a9ee-dca632b19f10 advisory.\n\n - Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are\n vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI\n LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by\n limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n (CVE-2021-44832)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832\");\n # https://vuxml.freebsd.org/freebsd/27c822a0-addc-11ed-a9ee-dca632b19f10.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5485f8f2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44832\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rundeck3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'rundeck3<3.4.10'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T15:34:25", "description": "The version of Apache Log4j on the remote host is 2.0 < 2.3.2, 2.4 < 2.12.4, or 2.13 < 2.17.1. It is, therefore, affected by a remote code execution vulnerability. Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. \n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-28T00:00:00", "type": "nessus", "title": "Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-44832"], "modified": "2023-11-22T00:00:00", "cpe": ["cpe:/a:apache:log4j"], "id": "APACHE_LOG4J_2_17_1.NASL", "href": "https://www.tenable.com/plugins/nessus/156327", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156327);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/22\");\n\n script_cve_id(\"CVE-2021-44832\");\n script_xref(name:\"IAVA\", value:\"2021-A-0573\");\n script_xref(name:\"IAVA\", value:\"0001-A-0650\");\n\n script_name(english:\"Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A package installed on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Log4j on the remote host is 2.0 < 2.3.2, 2.4 < 2.12.4, or 2.13 < 2.17.1. It is, therefore,\naffected by a remote code execution vulnerability. Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security\nfix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission\nto modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data\nsource referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to\nthe java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. \n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://logging.apache.org/log4j/2.x/security.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation.\n\nUpgrading to the latest versions for Apache Log4j is highly recommended as intermediate \nversions / patches have known high severity vulnerabilities and the vendor is updating \ntheir advisories often as new research and knowledge about the impact of Log4j is \ndiscovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest \nversions.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-44832\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:log4j\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_log4j_nix_installed.nbin\", \"apache_log4j_win_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Log4j\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'Apache Log4j';\n\nvar app_info = vcf::get_app_info(app:app);\n\nif (app_info['JdbcAppender.class association'] == \"Not Found\")\n audit(AUDIT_OS_CONF_NOT_VULN, app, app_info.version);\n\nvar constraints = [\n {'min_version':'2.0', 'fixed_version':'2.3.2'},\n {'min_version':'2.4', 'fixed_version':'2.12.4'},\n {'min_version':'2.13', 'fixed_version':'2.17.1'}\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "f5": [{"lastseen": "2023-02-08T16:18:59", "description": " * [CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>)\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n\n * [CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>)\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.\n\n * [CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>)\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.\n\nImpact\n\nThere is no impact; F5 products are not affected by these vulnerabilities.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-28T18:24:00", "type": "f5", "title": "jQuery vulnerabilities CVE-2021-41182, CVE-2021-41183, and CVE-2021-41184", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-03-28T18:24:00", "id": "F5:K50455702", "href": "https://support.f5.com/csp/article/K50455702", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T22:28:21", "description": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. ([CVE-2021-44832](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832>)) \n\nImpact\n\nAn attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code.\n", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-30T02:06:00", "type": "f5", "title": "Apache Log4j2 vulnerability CVE-2021-44832", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-02-04T20:41:00", "id": "F5:K14122652", "href": "https://support.f5.com/csp/article/K14122652", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-12-06T16:29:52", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-3230-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Utkarsh Gupta\nDecember 07, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : jqueryui\nVersion : 1.12.1+dfsg-5+deb10u1\nCVE ID : CVE-2021-41182 CVE-2021-41183 CVE-2021-41184\n CVE-2022-31160\nDebian Bug : 1015982\n\njQuery-UI, the official jQuery user interface library, is a curated set\nof user interface interactions, effects, widgets, and themes built on top\nof jQuery were reported to have the following vulnerabilities.\n\nCVE-2021-41182\n\n jQuery-UI was accepting the value of the `altField` option of the\n Datepicker widget from untrusted sources may execute untrusted code.\n This has been fixed and now any string value passed to the `altField`\n option is now treated as a CSS selector.\n\nCVE-2021-41183\n\n jQuery-UI was accepting the value of various `*Text` options of the\n Datepicker widget from untrusted sources may execute untrusted code.\n This has been fixed and now the values passed to various `*Text`\n options are now always treated as pure text, not HTML.\n\nCVE-2021-41184\n\n jQuery-UI was accepting the value of the `of` option of the\n `.position()` util from untrusted sources may execute untrusted code.\n This has been fixed and now any string value passed to the `of`\n option is now treated as a CSS selector.\n\nCVE-2022-31160\n\n jQuery-UI was potentially vulnerable to cross-site scripting.\n Initializing a checkboxradio widget on an input enclosed within a\n label makes that parent label contents considered as the input label.\n Calling `.checkboxradio( &quot;refresh&quot; )` on such a widget and the initial\n HTML contained encoded HTML entities will make them erroneously get\n decoded. This can lead to potentially executing JavaScript code.\n\nFor Debian 10 buster, these problems have been fixed in version\n1.12.1+dfsg-5+deb10u1.\n\nWe recommend that you upgrade your jqueryui packages.\n\nFor the detailed security status of jqueryui please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jqueryui\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-12-07T10:30:00", "type": "debian", "title": "[SECURITY] [DLA 3230-1] jqueryui security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2022-12-07T10:30:00", "id": "DEBIAN:DLA-3230-1:233EC", "href": "https://lists.debian.org/debian-lts-announce/2022/12/msg00015.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T16:44:36", "description": "Package : drupal7\nVersion : 7.52-2+deb9u17\nCVE ID : CVE-2021-41182 CVE-2021-41183 CVE-2016-7103 CVE-2010-5312\n\nThe Drupal project includes a very old version of jQuery. Security\nvulnerabilities leading to cross-site scripting attacks in different\ncomponents of the jQuery UI libraries were found and fixed for Drupal\nversion 7.86.\n\nThe fixes for said vulnerabilities were backported to the version in\nDebian 9 Stretch (7.52).\n\nDrupal is a rich Web content management system; it was included in\nDebian until Stretch, but is not present in any newer releases. If you\nrun a web server with Drupal7, we strongly recommend you to upgrade\nthe drupal7 package.\n\nFor the detailed security status of drupal7 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-19T20:00:29", "type": "debian", "title": "[SECURITY] [DLA-2889-1] drupal7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183"], "modified": "2022-01-19T20:00:29", "id": "DEBIAN:DLA-2889-1:E0D6C", "href": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:22:28", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2406-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Chris Lamb\nOctober 14, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : jackson-databind\nVersion : 2.8.6-1+deb9u8\nCVE ID : CVE-2020-25649\n\nIt was discovered that there was an external entity expansion\nvulnerability in jackson-databind, a Java library for processing\nJSON.\n\nFor Debian 9 &quot;Stretch&quot;, this problem has been fixed in version\n2.8.6-1+deb9u8.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jackson-databind\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-14T10:31:09", "type": "debian", "title": "[SECURITY] [DLA 2406-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-10-14T10:31:09", "id": "DEBIAN:DLA-2406-1:5CA04", "href": "https://lists.debian.org/debian-lts-announce/2020/10/msg00018.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-22T11:00:05", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2406-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Chris Lamb\nOctober 14, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : jackson-databind\nVersion : 2.8.6-1+deb9u8\nCVE ID : CVE-2020-25649\n\nIt was discovered that there was an external entity expansion\nvulnerability in jackson-databind, a Java library for processing\nJSON.\n\nFor Debian 9 &quot;Stretch&quot;, this problem has been fixed in version\n2.8.6-1+deb9u8.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nFor the detailed security status of jackson-databind please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/jackson-databind\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-14T10:31:09", "type": "debian", "title": "[SECURITY] [DLA 2406-1] jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-10-14T10:31:09", "id": "DEBIAN:DLA-2406-1:00733", "href": "https://lists.debian.org/debian-lts-announce/2020/10/msg00018.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:45:51", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2870-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nDecember 29, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : apache-log4j2\nVersion : 2.12.4-0+deb9u1\nCVE ID : CVE-2021-44832\nDebian Bug : 1002813\n\nApache Log4j2, a Java Logging Framework, is vulnerable to a remote code\nexecution (RCE) attack where an attacker with permission to modify the logging\nconfiguration file can construct a malicious configuration using a JDBC\nAppender with a data source referencing a JNDI URI which can execute remote\ncode. This issue is fixed by limiting JNDI data source names to the java\nprotocol.\n\nFor Debian 9 stretch, this problem has been fixed in version\n2.12.4-0+deb9u1.\n\nWe recommend that you upgrade your apache-log4j2 packages.\n\nFor the detailed security status of apache-log4j2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache-log4j2\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-29T22:57:42", "type": "debian", "title": "[SECURITY] [DLA 2870-1] apache-log4j2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2021-12-29T22:57:42", "id": "DEBIAN:DLA-2870-1:54673", "href": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-12-07T11:19:36", "description": "\njQuery-UI, the official jQuery user interface library, is a curated set\nof user interface interactions, effects, widgets, and themes built on top\nof jQuery were reported to have the following vulnerabilities.\n\n\n* [CVE-2021-41182](https://security-tracker.debian.org/tracker/CVE-2021-41182)\njQuery-UI was accepting the value of the `altField` option of the\n Datepicker widget from untrusted sources may execute untrusted code.\n This has been fixed and now any string value passed to the `altField`\n option is now treated as a CSS selector.\n* [CVE-2021-41183](https://security-tracker.debian.org/tracker/CVE-2021-41183)\njQuery-UI was accepting the value of various `\\*Text` options of the\n Datepicker widget from untrusted sources may execute untrusted code.\n This has been fixed and now the values passed to various `\\*Text`\n options are now always treated as pure text, not HTML.\n* [CVE-2021-41184](https://security-tracker.debian.org/tracker/CVE-2021-41184)\njQuery-UI was accepting the value of the `of` option of the\n `.position()` util from untrusted sources may execute untrusted code.\n This has been fixed and now any string value passed to the `of`\n option is now treated as a CSS selector.\n* [CVE-2022-31160](https://security-tracker.debian.org/tracker/CVE-2022-31160)\njQuery-UI was potentially vulnerable to cross-site scripting.\n Initializing a checkboxradio widget on an input enclosed within a\n label makes that parent label contents considered as the input label.\n Calling `.checkboxradio( refresh )` on such a widget and the initial\n HTML contained encoded HTML entities will make them erroneously get\n decoded. This can lead to potentially executing JavaScript code.\n\n\nFor Debian 10 buster, these problems have been fixed in version\n1.12.1+dfsg-5+deb10u1.\n\n\nWe recommend that you upgrade your jqueryui packages.\n\n\nFor the detailed security status of jqueryui please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/jqueryui>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-12-07T00:00:00", "type": "osv", "title": "jqueryui - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2022-12-07T11:19:33", "id": "OSV:DLA-3230-1", "href": "https://osv.dev/vulnerability/DLA-3230-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-05T05:19:18", "description": "\nThe Drupal project includes a very old version of jQuery. Security\nvulnerabilities leading to cross-site scripting attacks in different\ncomponents of the jQuery UI libraries were found and fixed for Drupal\nversion 7.86.\n\n\nThe fixes for said vulnerabilities were backported to the version in\nDebian 9 Stretch (7.52).\n\n\nDrupal is a rich Web content management system; it was included in\nDebian until Stretch, but is not present in any newer releases. If you\nrun a web server with Drupal7, we strongly recommend you to upgrade\nthe drupal7 package.\n\n\nFor the detailed security status of drupal7 please refer to its\nsecurity tracker page at:\n<https://security-tracker.debian.org/tracker/drupal7>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n--AWNW9msBK4+52Jxu\nContent-Type: application/pgp-signature; name=\"signature.asc\"\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2022-01-19T00:00:00", "type": "osv", "title": "drupal7 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2016-7103", "CVE-2010-5312", "CVE-2021-41183"], "modified": "2022-08-05T05:19:17", "id": "OSV:DLA-2889-1", "href": "https://osv.dev/vulnerability/DLA-2889-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T22:17:59", "description": "In TypeStack class-validator, `validate()` input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional `forbidUnknownValues` parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input.\n\nThe default settings for `forbidUnknownValues` has been changed to `true` in 0.14.0.\n\nNOTE: a software maintainer agrees with the \"is not documented\" finding but suggests that much of the responsibility for the risk lies in a different product.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T16:35:45", "type": "osv", "title": "SQL Injection and Cross-site Scripting in class-validator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18413"], "modified": "2023-01-11T21:59:18", "id": "OSV:GHSA-FJ58-H2FR-3PP2", "href": "https://osv.dev/vulnerability/GHSA-fj58-h2fr-3pp2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-11T01:35:28", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-09T19:15:11", "type": "osv", "title": "Serialization gadgets exploit in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2023-04-11T01:35:25", "id": "OSV:GHSA-R3GR-CXRF-HG25", "href": "https://osv.dev/vulnerability/GHSA-r3gr-cxrf-hg25", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-11T21:34:04", "description": "### Impact\nAccepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way:\n```js\n$( \"#datepicker\" ).datepicker( {\n\tshowButtonPanel: true,\n\tshowOn: \"both\",\n\tcloseText: \"<script>doEvilThing( 'closeText XSS' )</script>\",\n\tcurrentText: \"<script>doEvilThing( 'currentText XSS' )</script>\",\n\tprevText: \"<script>doEvilThing( 'prevText XSS' )</script>\",\n\tnextText: \"<script>doEvilThing( 'nextText XSS' )</script>\",\n\tbuttonText: \"<script>doEvilThing( 'buttonText XSS' )</script>\",\n\tappendText: \"<script>doEvilThing( 'appendText XSS' )</script>\",\n} );\n```\nwill call `doEvilThing` with 6 different parameters coming from all `*Text` options.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML.\n\n### Workarounds\nA workaround is to not accept the value of the `*Text` options from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:21", "type": "osv", "title": "XSS in `*Text` options of the Datepicker widget in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41183"], "modified": "2021-10-27T17:00:26", "id": "OSV:GHSA-J7QV-PGF6-HVH4", "href": "https://osv.dev/vulnerability/GHSA-j7qv-pgf6-hvh4", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-11T01:42:29", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-09T19:15:00", "type": "osv", "title": "Serialization gadgets exploit in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2023-04-11T01:42:27", "id": "OSV:GHSA-WH8G-3J2C-RQJ5", "href": "https://osv.dev/vulnerability/GHSA-wh8g-3j2c-rqj5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-04T21:56:26", "description": "### Impact\nAccepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following code:\n```js\n$( \"#element\" ).position( {\n\tmy: \"left top\",\n\tat: \"right bottom\",\n\tof: \"<img onerror='doEvilThing()' src='/404' />\",\n\tcollision: \"none\"\n} );\n```\nwill call the `doEvilThing()` function.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector.\n\n### Workarounds\nA workaround is to not accept the value of the `of` option from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:12", "type": "osv", "title": "XSS in the `of` option of the `.position()` util in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2022-10-04T21:36:19", "id": "OSV:GHSA-GPQQ-952Q-5327", "href": "https://osv.dev/vulnerability/GHSA-gpqq-952q-5327", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-06T21:31:54", "description": "glob-parent 6.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1.\n\nThis vulnerability is separate from [GHSA-ww39-953v-wcq6](https://github.com/advisories/GHSA-ww39-953v-wcq6).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-18T17:03:23", "type": "osv", "title": "glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-06T03:13:53", "id": "OSV:GHSA-CJ88-88MR-972W", "href": "https://osv.dev/vulnerability/GHSA-cj88-88mr-972w", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-05T05:18:56", "description": "\nIt was discovered that there was an external entity expansion vulnerability\nin jackson-databind, a Java library for processing JSON.\n\n\n* [CVE-2020-25649](https://security-tracker.debian.org/tracker/CVE-2020-25649)\n\n\nFor Debian 9 Stretch, these problems have been fixed in version\n2.8.6-1+deb9u8.\n\n\nWe recommend that you upgrade your jackson-databind packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-14T00:00:00", "type": "osv", "title": "jackson-databind - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2022-08-05T05:18:55", "id": "OSV:DLA-2406-1", "href": "https://osv.dev/vulnerability/DLA-2406-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-05-11T21:34:04", "description": "### Impact\nAccepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way:\n```js\n$( \"#datepicker\" ).datepicker( {\n\taltField: \"<img onerror='doEvilThing()' src='/404' />\",\n} );\n```\nwill call the `doEvilThing` function.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector.\n\n### Workarounds\nA workaround is to not accept the value of the `altField` option from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:02", "type": "osv", "title": "XSS in the `altField` option of the Datepicker widget in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182"], "modified": "2021-10-27T17:00:10", "id": "OSV:GHSA-9GJ3-HWP5-PMWC", "href": "https://osv.dev/vulnerability/GHSA-9gj3-hwp5-pmwc", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-30T19:36:01", "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-18T20:51:54", "type": "osv", "title": "XML External Entity (XXE) Injection in Jackson Databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-05-30T19:34:09", "id": "OSV:GHSA-288C-CQ4H-88GQ", "href": "https://osv.dev/vulnerability/GHSA-288c-cq4h-88gq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-11T01:37:39", "description": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n\n\n# Affected packages\nOnly the `org.apache.logging.log4j:log4j-core` package is directly affected by this vulnerability. The `org.apache.logging.log4j:log4j-api` should be kept at the same version as the `org.apache.logging.log4j:log4j-core` package to ensure compatability if in use.\n\nThis issue does not impact default configurations of Log4j2 and requires an attacker to have control over the Log4j2 configuration, which reduces the likelihood of being exploited.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-04T16:14:20", "type": "osv", "title": "Improper Input Validation and Injection in Apache Log4j2", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2023-04-11T01:37:36", "id": "OSV:GHSA-8489-44MV-GGJ8", "href": "https://osv.dev/vulnerability/GHSA-8489-44mv-ggj8", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "checkpoint_advisories": [{"lastseen": "2022-03-14T19:47:10", "description": "A cross site scripting vulnerability exists in the jQuery UI Datepicker widget. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-14T00:00:00", "type": "checkpoint_advisories", "title": "jQuery UI Datepicker Widget Cross Site Scripting (CVE-2021-41182; CVE-2021-41183)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183"], "modified": "2022-03-14T00:00:00", "id": "CPAI-2021-1090", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-20T22:02:02", "description": "A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-19T00:00:00", "type": "checkpoint_advisories", "title": "jQuery UI Cross-site Scripting (CVE-2021-41184)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2022-10-19T00:00:00", "id": "CPAI-2021-1288", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T22:02:16", "description": "A remote code execution vulnerability exists in Apache Log4j. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-03T00:00:00", "type": "checkpoint_advisories", "title": "Apache Log4j Remote Code Execution (CVE-2021-44832)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-03T00:00:00", "id": "CPAI-2021-1011", "href": "", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "drupal": [{"lastseen": "2023-12-06T14:02:20", "description": "jQuery UI is a third-party library used by Drupal. The jQuery UI Datepicker module provides the jQuery UI Datepicker library, which is not included in Drupal 9 core. jQuery UI was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. As part of this 1.13.0 update, they disclosed the following security issues that may affect site using the jQuery UI Datepicker module: CVE-2021-41182: XSS in the altField option of the Datepicker widget CVE-2021-41183: XSS in *Text options of the Datepicker widget \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-19T00:00:00", "type": "drupal", "title": "jQuery UI Datepicker - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-004\n", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182", "CVE-2021-41183"], "modified": "2022-01-19T00:00:00", "id": "DRUPAL-SA-CONTRIB-2022-004", "href": "https://www.drupal.org/sa-contrib-2022-004", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T14:02:36", "description": "jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security vulnerabilities disclosed in jQuery UI 1.13.0 may affect Drupal 7 only: CVE-2021-41182: XSS in the altField option of the Datepicker widget CVE-2021-41183: XSS in *Text options of the Datepicker widget Furthermore, other vulnerabilities listed below were previously unaddressed in the version of jQuery UI included in Drupal 7 or in the jQuery Update module: CVE-2016-7103: XSS in closeText option of Dialog CVE-2010-5312: XSS in the title option of Dialog (applicable only to the jQuery UI version included in D7 core) It is possible that these vulnerabilities are exploitable via contributed Drupal modules or custom code. As a precaution, this Drupal security release applies the fix for the above cross-site scripting issues, without making other changes to the jQuery UI version that is included in Drupal. This advisory is not covered by Drupal Steward. Important note regarding the jQuery Update contrib module These backport fixes in D7 have also been tested with the version of jQuery UI provided by the most recent releases of the jQuery Update module (jQuery UI 1.10.2) and the fixes confirmed. Therefore, there is no accompanying security release for jQuery Update. However, in early 2022 the currently supported release of jQuery Update (7.x-2.7 from 2015) will be deprecated and replaced by a new release from the 7.x-4.x branch. The stable release from that branch will then be the only release considered by Drupal Security Team when new jQuery security issues arise. Please check the jQuery Update project page for more details, and for announcements when the changes are made to supported releases.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-19T00:00:00", "type": "drupal", "title": "Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002\n", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-5312", "CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183"], "modified": "2022-01-19T00:00:00", "id": "DRUPAL-SA-CORE-2022-002", "href": "https://www.drupal.org/sa-core-2022-002", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T14:02:13", "description": "jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. As part of this 1.13.0 update, they disclosed the following security issue that may affect Drupal 9 and 7: CVE-2021-41184: XSS in the `of` option of the `.position()` util It is possible that this vulnerability is exploitable with some Drupal modules. As a precaution, this Drupal security release applies the fix for the above cross-site description issue, without making any of the other changes to the jQuery version that is included in Drupal. This advisory is not covered by Drupal Steward.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-19T00:00:00", "type": "drupal", "title": "Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2022-001\n", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2022-01-19T00:00:00", "id": "DRUPAL-SA-CORE-2022-001", "href": "https://www.drupal.org/sa-core-2022-001", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "ubuntu": [{"lastseen": "2023-12-06T18:14:15", "description": "## Releases\n\n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * jqueryui \\- JavaScript UI library for dynamic web applications\n\nHong Phat Ly discovered that jQuery UI did not properly manage parameters \nfrom untrusted sources, which could lead to arbitrary web script or HTML \ncode injection. A remote attacker could possibly use this issue to perform \na cross-site scripting (XSS) attack. This issue only affected \nUbuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-7103)\n\nEsben Sparre Andreasen discovered that jQuery UI did not properly handle \nvalues from untrusted sources in the Datepicker widget. A remote attacker \ncould possibly use this issue to perform a cross-site scripting (XSS) \nattack and execute arbitrary code. This issue only affected \nUbuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. \n(CVE-2021-41182, CVE-2021-41183)\n\nIt was discovered that jQuery UI did not properly validate values from \nuntrusted sources. An attacker could possibly use this issue to cause a \ndenial of service or execute arbitrary code. This issue only affected \nUbuntu 20.04 LTS. (CVE-2021-41184)\n\nIt was discovered that the jQuery UI checkboxradio widget did not properly \ndecode certain values from HTML entities. An attacker could possibly use \nthis issue to perform a cross-site scripting (XSS) attack and cause a \ndenial of service or execute arbitrary code. This issue only affected \nUbuntu 20.04 LTS. (CVE-2022-31160)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-10-05T00:00:00", "type": "ubuntu", "title": "jQuery UI vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7103", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-10-05T00:00:00", "id": "USN-6419-1", "href": "https://ubuntu.com/security/notices/USN-6419-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "redhat": [{"lastseen": "2023-12-06T18:41:28", "description": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-26T16:04:07", "type": "redhat", "title": "(RHSA-2022:4711) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23425", "CVE-2021-33502", "CVE-2021-3807", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-05-26T16:04:55", "id": "RHSA-2022:4711", "href": "https://access.redhat.com/errata/RHSA-2022:4711", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-12-06T22:41:43", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.7.0 serves as a replacement for Red Hat AMQ Streams 1.6.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-19T17:59:54", "type": "redhat", "title": "(RHSA-2021:1260) Low: Red Hat AMQ Streams 1.7.0 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-04-19T18:00:46", "id": "RHSA-2021:1260", "href": "https://access.redhat.com/errata/RHSA-2021:1260", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T22:41:49", "description": "This release of Red Hat build of Eclipse Vert.x 3.9.4 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)(CVE-2020-25649)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-11-09T16:15:41", "type": "redhat", "title": "(RHSA-2020:4379) Important: Red Hat build of Eclipse Vert.x 3.9.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-11-09T18:23:11", "id": "RHSA-2020:4379", "href": "https://access.redhat.com/errata/RHSA-2020:4379", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T22:41:49", "description": "Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-28T21:02:44", "type": "redhat", "title": "(RHSA-2020:4402) Important: Red Hat JBoss Enterprise Application Platform 7.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-10-28T21:03:44", "id": "RHSA-2020:4402", "href": "https://access.redhat.com/errata/RHSA-2020:4402", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T22:41:49", "description": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-22T16:23:56", "type": "redhat", "title": "(RHSA-2020:4312) Important: rh-maven35-jackson-databind security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-10-22T16:36:58", "id": "RHSA-2020:4312", "href": "https://access.redhat.com/errata/RHSA-2020:4312", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T22:41:49", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-28T21:00:43", "type": "redhat", "title": "(RHSA-2020:4401) Important: Red Hat JBoss Enterprise Application Platform 7.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2020-10-28T21:05:49", "id": "RHSA-2020:4401", "href": "https://access.redhat.com/errata/RHSA-2020:4401", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T22:41:43", "description": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nThe Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization Manager now requires Ansible 2.9.15. (BZ#1901946)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-02T13:32:57", "type": "redhat", "title": "(RHSA-2021:0381) Low: RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4]", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2021-02-02T13:49:56", "id": "RHSA-2021:0381", "href": "https://access.redhat.com/errata/RHSA-2021:0381", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Openshift Logging Bug Fix Release (5.0.12)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-20T21:04:07", "type": "redhat", "title": "(RHSA-2022:0225) Moderate: Red Hat OpenShift Enterprise Logging bug fix and security update (5.0.12)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-01-20T21:04:20", "id": "RHSA-2022:0225", "href": "https://access.redhat.com/errata/RHSA-2022:0225", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-12-06T14:59:08", "description": "In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the \"is not documented\" finding but suggests that much of the responsibility for the risk lies in a different product.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-24T18:15:00", "type": "cve", "title": "CVE-2019-18413", "cwe": ["CWE-79", "CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18413"], "modified": "2023-02-28T15:10:00", "cpe": ["cpe:/a:typestack_class-validator_project:typestack_class-validator:0.10.2"], "id": "CVE-2019-18413", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18413", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:typestack_class-validator_project:typestack_class-validator:0.10.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:07:36", "description": "IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-21T18:15:00", "type": "cve", "title": "CVE-2022-22308", "cwe": ["CWE-829"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22308"], "modified": "2023-08-08T14:22:00", "cpe": ["cpe:/a:ibm:planning_analytics:2.0"], "id": "CVE-2022-22308", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22308", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T16:16:07", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-17T19:15:00", "type": "cve", "title": "CVE-2020-35490", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2022-09-08T21:32:00", "cpe": ["cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:oracle:banking_virtual_account_management:14.3.0", "cpe:/a:oracle:retail_xstore_point_of_service:18.0.3", "cpe:/a:oracle:communications_offline_mediation_controller:12.0.0.3", "cpe:/a:oracle:retail_xstore_point_of_service:16.0.6", "cpe:/a:oracle:webcenter_portal:12.2.1.4.0", "cpe:/a:oracle:retail_xstore_point_of_service:19.0.2", "cpe:/a:oracle:insurance_policy_administration_j2ee:11.2.0", "cpe:/a:oracle:banking_virtual_account_management:14.2.0", "cpe:/a:oracle:documaker:12.6.4", "cpe:/a:oracle:banking_platform:2.7.1", "cpe:/a:oracle:banking_platform:2.7.0", "cpe:/a:oracle:banking_virtual_account_management:14.5.0", "cpe:/a:oracle:blockchain_platform:21.1.2", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/a:oracle:banking_treasury_management:14.4", "cpe:/a:oracle:application_testing_suite:13.3.0.1", "cpe:/a:oracle:communications_pricing_design_center:12.0.0.4.0", "cpe:/a:oracle:retail_xstore_point_of_service:17.0.4", "cpe:/a:oracle:communications_evolved_communications_application_server:7.1", "cpe:/a:oracle:retail_merchandising_system:15.0.3", "cpe:/a:netapp:service_level_manager:-", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:documaker:12.6.3", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.3", "cpe:/a:oracle:banking_platform:2.10.0", "cpe:/a:oracle:banking_platform:2.8.0", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.5.0", "cpe:/a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0", "cpe:/a:oracle:communications_diameter_signaling_router:8.5.0", "cpe:/a:oracle:communications_cloud_native_core_policy:1.14.0", "cpe:/a:oracle:webcenter_portal:12.2.1.3.0", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2", "cpe:/a:oracle:communications_unified_inventory_management:7.4.1"], "id": "CVE-2020-35490", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35490", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_treasury_management:14.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T16:16:09", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-17T19:15:00", "type": "cve", "title": "CVE-2020-35491", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2022-09-08T21:32:00", "cpe": ["cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:oracle:banking_virtual_account_management:14.3.0", "cpe:/a:oracle:retail_xstore_point_of_service:18.0.3", "cpe:/a:oracle:communications_offline_mediation_controller:12.0.0.3", "cpe:/a:oracle:retail_xstore_point_of_service:16.0.6", "cpe:/a:oracle:webcenter_portal:12.2.1.4.0", "cpe:/a:oracle:retail_xstore_point_of_service:19.0.2", "cpe:/a:oracle:banking_virtual_account_management:14.2.0", "cpe:/a:oracle:documaker:12.6.4", "cpe:/a:oracle:banking_platform:2.7.1", "cpe:/a:oracle:sd-wan_edge:9.0", "cpe:/a:oracle:banking_platform:2.7.0", "cpe:/a:oracle:banking_virtual_account_management:14.5.0", "cpe:/a:oracle:communications_diameter_signaling_route:-", "cpe:/a:oracle:blockchain_platform:21.1.2", "cpe:/a:oracle:banking_treasury_management:14.4", "cpe:/a:oracle:application_testing_suite:13.3.0.1", "cpe:/a:oracle:communications_pricing_design_center:12.0.0.4.0", "cpe:/a:oracle:retail_xstore_point_of_service:17.0.4", "cpe:/a:oracle:communications_evolved_communications_application_server:7.1", "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0", "cpe:/a:oracle:retail_merchandising_system:15.0.3", "cpe:/a:netapp:service_level_manager:-", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:insurance_policy_administration_j2ee:11.0.2", "cpe:/a:oracle:documaker:12.6.3", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_diameter_signaling_route:8.5.0.0", "cpe:/a:oracle:banking_platform:2.10.0", "cpe:/a:oracle:banking_platform:2.8.0", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.5.0", "cpe:/a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0", "cpe:/a:oracle:communications_cloud_native_core_policy:1.14.0", "cpe:/a:oracle:webcenter_portal:12.2.1.3.0", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2", "cpe:/a:oracle:communications_unified_inventory_management:7.4.1"], "id": "CVE-2020-35491", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35491", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_treasury_management:14.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_diameter_signaling_route:8.5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_diameter_signaling_route:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:29:22", "description": "The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-26T07:15:00", "type": "cve", "title": "CVE-2021-35065", "cwe": ["CWE-1333"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-23T18:32:00", "cpe": [], "id": "CVE-2021-35065", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-12-06T15:55:41", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "cve", "title": "CVE-2021-41183", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41183"], "modified": "2023-08-31T03:15:00", "cpe": ["cpe:/a:oracle:primavera_gateway:21.12.0", "cpe:/a:oracle:primavera_gateway:18.8.0", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/o:netapp:h300e_firmware:-", "cpe:/o:netapp:h500e_firmware:-", "cpe:/a:oracle:hospitality_suite8:8.10.2", "cpe:/o:netapp:h700s_firmware:-", "cpe:/a:oracle:policy_automation:12.2.5", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:banking_platform:2.12.0", "cpe:/o:netapp:h700e_firmware:-", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:oracle:communications_operations_monitor:4.4", "cpe:/a:oracle:big_data_spatial_and_graph:23.1", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:communications_operations_monitor:4.3", "cpe:/o:netapp:h410c_firmware:-", "cpe:/a:oracle:mysql_enterprise_monitor:8.0.29", "cpe:/o:fedoraproject:fedora:36", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:oracle:primavera_gateway:20.12.0", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:primavera_gateway:17.12", "cpe:/a:oracle:communications_operations_monitor:5.0", "cpe:/o:netapp:h410s_firmware:-", "cpe:/a:oracle:hospitality_inventory_management:9.1.0", "cpe:/a:oracle:primavera_gateway:19.12.0", "cpe:/a:oracle:hospitality_suite8:11.14.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:rest_data_services:22.1.1", "cpe:/o:netapp:h500s_firmware:-", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59"], "id": "CVE-2021-41183", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41183", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_suite8:11.14.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:55:41", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "cve", "title": "CVE-2021-41184", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2023-08-31T03:15:00", "cpe": ["cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3", "cpe:/a:oracle:hospitality_suite8:8.14.0", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/o:netapp:h300e_firmware:-", "cpe:/a:oracle:policy_automation:12.2.25", "cpe:/o:netapp:h500e_firmware:-", "cpe:/a:oracle:hospitality_suite8:8.10.2", "cpe:/o:netapp:h700s_firmware:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:banking_platform:2.12.0", "cpe:/a:oracle:hospitality_materials_control:18.1", "cpe:/o:netapp:h700e_firmware:-", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:oracle:communications_operations_monitor:4.4", "cpe:/a:oracle:big_data_spatial_and_graph:23.1", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59", "cpe:/a:oracle:primavera_unifier:19.12", "cpe:/a:oracle:communications_operations_monitor:4.3", "cpe:/o:netapp:h410c_firmware:-", "cpe:/o:fedoraproject:fedora:36", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:primavera_unifier:21.12", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:communications_operations_monitor:5.0", "cpe:/o:netapp:h410s_firmware:-", "cpe:/a:oracle:hospitality_inventory_management:9.1.0", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/o:fedoraproject:fedora:34", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:rest_data_services:22.1.1", "cpe:/o:netapp:h500s_firmware:-", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:primavera_unifier:20.12"], "id": "CVE-2021-41184", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41184", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:55:41", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "cve", "title": "CVE-2021-41182", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182"], "modified": "2023-08-31T03:15:00", "cpe": ["cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3", "cpe:/a:oracle:hospitality_suite8:8.14.0", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/o:netapp:h300e_firmware:-", "cpe:/a:oracle:primavera_unifier:17.11", "cpe:/a:oracle:policy_automation:12.2.25", "cpe:/o:netapp:h500e_firmware:-", "cpe:/a:oracle:hospitality_suite8:8.10.2", "cpe:/o:netapp:h700s_firmware:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:banking_platform:2.12.0", "cpe:/a:oracle:hospitality_materials_control:18.1", "cpe:/o:netapp:h700e_firmware:-", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:oracle:communications_operations_monitor:4.4", "cpe:/a:oracle:big_data_spatial_and_graph:23.1", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59", "cpe:/a:oracle:primavera_unifier:19.12", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:communications_operations_monitor:4.3", "cpe:/a:oracle:primavera_unifier:17.8", "cpe:/o:netapp:h410c_firmware:-", "cpe:/a:oracle:mysql_enterprise_monitor:8.0.29", "cpe:/o:fedoraproject:fedora:36", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:primavera_unifier:21.12", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:communications_operations_monitor:5.0", "cpe:/o:netapp:h410s_firmware:-", "cpe:/a:oracle:hospitality_inventory_management:9.1.0", "cpe:/a:oracle:primavera_unifier:17.9", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/a:oracle:primavera_unifier:17.7", "cpe:/o:fedoraproject:fedora:34", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/a:oracle:primavera_unifier:17.10", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:rest_data_services:22.1.1", "cpe:/o:netapp:h500s_firmware:-", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:primavera_unifier:20.12"], "id": "CVE-2021-41182", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41182", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:56:23", "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-03T17:15:00", "type": "cve", "title": "CVE-2020-25649", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-11-07T03:20:00", "cpe": ["cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:oracle:retail_service_backbone:15.0.3.1", "cpe:/a:oracle:commerce_platform:11.3.2", "cpe:/a:oracle:retail_xstore_point_of_service:18.0.3", "cpe:/a:oracle:insurance_rules_palette:11.3.0", "cpe:/a:oracle:communications_offline_mediation_controller:12.0.0.3", "cpe:/a:oracle:retail_xstore_point_of_service:16.0.6", "cpe:/a:oracle:primavera_gateway:20.12.0", "cpe:/a:oracle:communications_network_charging_and_control:12.0.4.0.0", "cpe:/a:oracle:webcenter_portal:12.2.1.4.0", "cpe:/a:oracle:banking_apis:18.3", "cpe:/a:oracle:utilities_framework:4.3.0.6.0", "cpe:/a:oracle:banking_apis:19.2", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5.0.23.0", "cpe:/a:quarkus:quarkus:1.6.1", "cpe:/a:oracle:commerce_platform:11.2.0", "cpe:/a:oracle:utilities_framework:4.4.0.0.0", "cpe:/a:oracle:retail_xstore_point_of_service:19.0.2", "cpe:/a:oracle:insurance_rules_palette:11.0.2", "cpe:/a:oracle:retail_xstore_point_of_service:20.0.1", "cpe:/a:oracle:goldengate_application_adapters:19.1.0.0.0", "cpe:/a:oracle:banking_treasury_management:4.4", "cpe:/a:oracle:primavera_gateway:17.12.11", "cpe:/a:oracle:health_sciences_empirica_signal:9.1", "cpe:/a:oracle:coherence:12.2.1.4.0", "cpe:/a:oracle:banking_platform:2.7.1", "cpe:/a:oracle:primavera_gateway:18.8.11", "cpe:/a:oracle:primavera_gateway:17.12", "cpe:/a:oracle:sd-wan_edge:9.0", "cpe:/a:oracle:banking_platform:2.7.0", "cpe:/o:fedoraproject:fedora:32", "cpe:/a:netapp:oncommand_workflow_automation:-", "cpe:/a:oracle:communications_convergent_charging_controller:12.0.4.0.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/a:oracle:retail_service_backbone:16.0.3", "cpe:/a:oracle:insurance_policy_administration:11.3.0", "cpe:/a:oracle:utilities_framework:4.4.0.3.0", "cpe:/a:oracle:retail_service_backbone:14.1.3.2", "cpe:/a:oracle:banking_apis:19.1", "cpe:/a:oracle:communications_pricing_design_center:12.0.0.4.0", "cpe:/o:oracle:communications_messaging_server:8.0.2", "cpe:/a:oracle:agile_product_lifecycle_management_integration_pack:3.6", "cpe:/a:oracle:banking_apis:21.1", "cpe:/a:netapp:oncommand_api_services:-", "cpe:/a:oracle:retail_xstore_point_of_service:17.0.4", "cpe:/a:oracle:communications_evolved_communications_application_server:7.1", "cpe:/a:netapp:service_level_manager:-", "cpe:/a:oracle:primavera_gateway:19.12.10", "cpe:/a:oracle:health_sciences_empirica_signal:9.0", "cpe:/a:oracle:banking_platform:2.9.0", "cpe:/a:oracle:communications_interactive_session_recorder:6.3", "cpe:/a:oracle:utilities_framework:4.4.0.2.0", "cpe:/a:oracle:banking_platform:2.8.0", "cpe:/a:oracle:banking_platform:2.10.0", "cpe:/a:oracle:utilities_framework:4.3.0.5.0", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.5.0", "cpe:/a:oracle:insurance_policy_administration:11.0.2", "cpe:/o:oracle:communications_messaging_server:8.1", "cpe:/a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0", "cpe:/a:oracle:webcenter_portal:12.2.1.3.0", "cpe:/a:oracle:banking_apis:20.1", "cpe:/a:oracle:agile_plm:9.3.6", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:oracle:coherence:14.1.1.0.0", "cpe:/a:oracle:communications_unified_inventory_management:7.4.1"], "id": "CVE-2020-25649", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25649", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:quarkus:quarkus:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:16.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:e-business_suite:*:*", "cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_framework:4.3.0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_empirica_signal:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:oracle:communications_messaging_server:8.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_treasury_management:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_empirica_signal:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:commerce_platform:11.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T16:10:55", "description": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-28T20:15:00", "type": "cve", "title": "CVE-2021-44832", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2023-11-07T03:39:00", "cpe": ["cpe:/a:oracle:primavera_gateway:17.12.11", "cpe:/a:oracle:primavera_gateway:21.12.0", "cpe:/a:oracle:retail_xstore_point_of_service:18.0.3", "cpe:/a:cisco:cloudcenter:4.10.0.16", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/a:apache:log4j:2.0", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:20.12.12.0", "cpe:/a:oracle:product_lifecycle_analytics:3.6.1", "cpe:/a:oracle:retail_order_broker:19.1", "cpe:/a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0", "cpe:/a:oracle:flexcube_private_banking:12.1.0", "cpe:/a:oracle:retail_xstore_point_of_service:19.0.2", "cpe:/a:oracle:communications_interactive_session_recorder:6.3", "cpe:/a:oracle:siebel_ui_framework:21.12", "cpe:/a:oracle:health_sciences_data_management_workbench:3.1.0.3", "cpe:/a:oracle:health_sciences_data_management_workbench:2.5.2.1", "cpe:/a:oracle:retail_xstore_point_of_service:20.0.1", "cpe:/a:oracle:primavera_unifier:19.12", "cpe:/a:oracle:communications_diameter_signaling_router:8.5.1.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:primavera_unifier:21.12", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/a:oracle:retail_xstore_point_of_service:17.0.4", "cpe:/a:oracle:communications_offline_mediation_controller:12.0.0.5.0", "cpe:/a:oracle:policy_automation:12.2.24", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.24", "cpe:/a:oracle:primavera_gateway:20.12.7", "cpe:/a:oracle:primavera_gateway:19.12.12", "cpe:/a:oracle:retail_order_broker:18.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:19.12.18.0", "cpe:/a:oracle:retail_xstore_point_of_service:21.0.1", "cpe:/a:oracle:health_sciences_data_management_workbench:3.0.0.0", "cpe:/a:oracle:primavera_gateway:18.8.13", "cpe:/a:oracle:retail_assortment_planning:16.0.3", "cpe:/a:oracle:retail_fiscal_management:14.2", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:primavera_unifier:20.12"], "id": "CVE-2021-44832", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44832", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:policy_automation:12.2.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:20.12.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.13:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:19.12.18.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2023-04-18T11:29:59", "description": "class-validator is vulnerable to arbitrary code execution. The vulnerability exists due to the insecure defaults where the property of forbidUnknownValues is not set to true, allowing unknown objects from passing validation.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-08T02:50:30", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18413"], "modified": "2023-02-28T17:57:13", "id": "VERACODE:25621", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-25621/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-26T15:38:50", "description": "jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because untrusted classes `org.apache.commons.dbcp2.datasources.SharedPoolDataSource` was not filtered by default from the interaction between serialization gadgets and polymorphic typing.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-07T09:36:35", "type": "veracode", "title": "Deserialization Of Untrusted Object", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2022-07-25T21:05:15", "id": "VERACODE:28909", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-28909/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T12:29:05", "description": "jackson-databind is vulnerable to XML external entity (XXE) attack. The external DTDs and doctype declarations not disabled by default and allows an attacker to perform XXE attacks against the application using the library.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-15T05:10:32", "type": "veracode", "title": "XML External Entity (XXE)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-02-02T17:32:39", "id": "VERACODE:27584", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27584/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-26T16:25:05", "description": "jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because untrusted classes `org.apache.commons.dbcp2.datasources.SharedPoolDataSource` was not filtered by default from the interaction between serialization gadgets and polymorphic typing.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T06:05:45", "type": "veracode", "title": "Deserialization Of Untrusted Object", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2022-07-25T21:04:58", "id": "VERACODE:28632", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-28632/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-25T13:07:19", "description": "jQuery-UI is vulnerable to cross-site scripting. The value of 'of' option of the '.position()' in 'position.js' is not properly encoded, which allows a malicious attacker to inject and execute arbitrary Javascript.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-27T05:33:22", "type": "veracode", "title": "Cross-site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2022-10-24T16:15:19", "id": "VERACODE:32740", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32740/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-25T13:07:21", "description": "jquery-ui is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the `_updateAlternate` function in `datepicker.js` as it does not properly sanitize `altField` \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-27T06:12:09", "type": "veracode", "title": "Cross-site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182"], "modified": "2022-10-24T16:15:21", "id": "VERACODE:32741", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32741/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-25T13:07:17", "description": "jquery-ui is vulnerable to cross-site scripting attacks. The vulnerability exists because the 'Text' option of the 'datepicker.js' widget is not properly handled allowing a malicious attacker to send and execute arbitrary Javascript. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-27T17:26:37", "type": "veracode", "title": "Cross-site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41183"], "modified": "2022-10-24T16:15:20", "id": "VERACODE:32744", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32744/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-13T00:41:11", "description": "log4j-core is vulnerable to remote code execution. Lack of limiting JNDI access to data source names allows an attacker with privilege to modify logging configuration to send malicious configuration via JDBC Appender with a data source referencing a JNDI URI.\n", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-29T01:02:12", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-08-09T06:22:24", "id": "VERACODE:33476", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33476/summary", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}], "cnvd": [{"lastseen": "2022-08-27T05:04:22", "description": "IBM Planning Analytics is a business planning and analysis solution from IBM Corporation. A security vulnerability exists in IBM Planning Analytics, which stems from the fact that IBM Planning Analytics 2.0 is vulnerable to a remote file inclusion (RFI) attack. User input could be passed to the file include command and the Web application could be tricked into including remote files with malicious code. No details of the vulnerability are currently available.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-23T00:00:00", "type": "cnvd", "title": "IBM Planning Analytics has an unspecified vulnerability (CNVD-2022-13923)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22308"], "modified": "2022-02-24T00:00:00", "id": "CNVD-2022-13923", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-13923", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T02:07:33", "description": "In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the \"is not documented\" finding but suggests that much of the responsibility for the risk lies in a different product.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-24T18:15:00", "type": "prion", "title": "Sql injection", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18413"], "modified": "2023-02-28T15:10:00", "id": "PRION:CVE-2019-18413", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2019-18413", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-20T23:24:23", "description": "IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-21T18:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22308"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-22308", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2022-22308", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T01:37:41", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-17T19:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2022-09-08T21:32:00", "id": "PRION:CVE-2020-35491", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-35491", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T01:37:42", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-17T19:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2022-09-08T21:32:00", "id": "PRION:CVE-2020-35490", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-35490", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T00:54:23", "description": "The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-26T07:15:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-23T18:32:00", "id": "PRION:CVE-2021-35065", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-35065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T01:02:59", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41183"], "modified": "2023-08-31T03:15:00", "id": "PRION:CVE-2021-41183", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-41183", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T01:02:58", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2023-08-31T03:15:00", "id": "PRION:CVE-2021-41184", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-41184", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T01:02:58", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T15:15:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182"], "modified": "2023-08-31T03:15:00", "id": "PRION:CVE-2021-41182", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-41182", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T01:31:04", "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}}, "published": "2020-12-03T17:15:00", "type": "prion", "title": "Xxe", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-11-07T03:20:00", "id": "PRION:CVE-2020-25649", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-25649", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T01:07:47", "description": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", "cvss3": {"cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-12-28T20:15:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "MULTIPLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44832"], "modified": "2022-08-09T01:24:00", "id": "PRION:CVE-2021-44832", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2021-44832", "cvss": {"score": 4.3, "vector": "AV:N/AC:H/Au:M/C:P/I:P/A:P"}}], "github": [{"lastseen": "2023-12-06T17:29:17", "description": "In TypeStack class-validator, `validate()` input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional `forbidUnknownValues` parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input.\n\nThe default settings for `forbidUnknownValues` has been changed to `true` in 0.14.0.\n\nNOTE: a software maintainer agrees with the \"is not documented\" finding but suggests that much of the responsibility for the risk lies in a different product.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T16:35:45", "type": "github", "title": "SQL Injection and Cross-site Scripting in class-validator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18413"], "modified": "2023-01-27T05:03:13", "id": "GHSA-FJ58-H2FR-3PP2", "href": "https://github.com/advisories/GHSA-fj58-h2fr-3pp2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:29:10", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-09T19:15:00", "type": "github", "title": "Serialization gadgets exploit in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2023-01-27T05:02:27", "id": "GHSA-WH8G-3J2C-RQJ5", "href": "https://github.com/advisories/GHSA-wh8g-3j2c-rqj5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:29:16", "description": "### Impact\nAccepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way:\n```js\n$( \"#datepicker\" ).datepicker( {\n\taltField: \"<img onerror='doEvilThing()' src='/404' />\",\n} );\n```\nwill call the `doEvilThing` function.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector.\n\n### Workarounds\nA workaround is to not accept the value of the `altField` option from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:02", "type": "github", "title": "XSS in the `altField` option of the Datepicker widget in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41182"], "modified": "2023-09-26T21:52:24", "id": "GHSA-9GJ3-HWP5-PMWC", "href": "https://github.com/advisories/GHSA-9gj3-hwp5-pmwc", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:27:38", "description": "glob-parent 6.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1.\n\nThis vulnerability is separate from [GHSA-ww39-953v-wcq6](https://github.com/advisories/GHSA-ww39-953v-wcq6).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-18T17:03:23", "type": "github", "title": "glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-01-29T05:01:16", "id": "GHSA-CJ88-88MR-972W", "href": "https://github.com/advisories/GHSA-cj88-88mr-972w", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T17:29:10", "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-09T19:15:11", "type": "github", "title": "Serialization gadgets exploit in jackson-databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2023-01-27T05:02:19", "id": "GHSA-R3GR-CXRF-HG25", "href": "https://github.com/advisories/GHSA-r3gr-cxrf-hg25", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:29:16", "description": "### Impact\nAccepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way:\n```js\n$( \"#datepicker\" ).datepicker( {\n\tshowButtonPanel: true,\n\tshowOn: \"both\",\n\tcloseText: \"<script>doEvilThing( 'closeText XSS' )</script>\",\n\tcurrentText: \"<script>doEvilThing( 'currentText XSS' )</script>\",\n\tprevText: \"<script>doEvilThing( 'prevText XSS' )</script>\",\n\tnextText: \"<script>doEvilThing( 'nextText XSS' )</script>\",\n\tbuttonText: \"<script>doEvilThing( 'buttonText XSS' )</script>\",\n\tappendText: \"<script>doEvilThing( 'appendText XSS' )</script>\",\n} );\n```\nwill call `doEvilThing` with 6 different parameters coming from all `*Text` options.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML.\n\n### Workarounds\nA workaround is to not accept the value of the `*Text` options from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:21", "type": "github", "title": "XSS in `*Text` options of the Datepicker widget in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41183"], "modified": "2023-09-26T18:11:05", "id": "GHSA-J7QV-PGF6-HVH4", "href": "https://github.com/advisories/GHSA-j7qv-pgf6-hvh4", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:29:16", "description": "### Impact\nAccepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following code:\n```js\n$( \"#element\" ).position( {\n\tmy: \"left top\",\n\tat: \"right bottom\",\n\tof: \"<img onerror='doEvilThing()' src='/404' />\",\n\tcollision: \"none\"\n} );\n```\nwill call the `doEvilThing()` function.\n\n### Patches\nThe issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector.\n\n### Workarounds\nA workaround is to not accept the value of the `of` option from untrusted sources.\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery UI repo](https://github.com/jquery/jquery-ui/issues). If you don't find an answer, open a new issue.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-26T14:55:12", "type": "github", "title": "XSS in the `of` option of the `.position()` util in jquery-ui", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41184"], "modified": "2023-10-05T05:03:48", "id": "GHSA-GPQQ-952Q-5327", "href": "https://github.com/advisories/GHSA-gpqq-952q-5327", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:29:56", "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-18T20:51:54", "type": "github", "title": "XML External Entity (XXE) Injection in Jackson Databind", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25649"], "modified": "2023-05-30T19:28:08", "id": "GHSA-288C-CQ4H-88GQ", "href": "https://github.com/advisories/GHSA-288c-cq4h-88gq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "redhatcve": [{"lastseen": "2023-12-06T17:49:10", "description": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n#### Mitigation\n\nThe following conditions are needed for an exploit, we recommend avoiding all if possible: \n* Deserialization from sources you do not control \n* `enableDefaultTyping()` \n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS` \n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath \n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T19:09:06", "type": "redhatcve", "title": "CVE-2020-35491", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35491"], "modified": "2023-11-04T11:32:06", "id": "RH:CVE-2020-35491", "href": "https://access.redhat.com/security/cve/cve-2020-35491", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:49:12", "description": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n#### Mitigation\n\nThe following conditions are needed for an exploit, we recommend avoiding all if possible: \n* Deserialization from sources you do not control \n* `enableDefaultTyping()` \n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS` \n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath \n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T19:09:06", "type": "redhatcve", "title": "CVE-2020-35490", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35490"], "modified": "2023-11-04T11:32:00", "id": "RH:CVE-2020-35490", "href": "https://access.redhat.com/security/cve/cve-2020-35490", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:36:52", "description": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-26T12:34:50", "type": "redhatcve", "title": "CVE-2021-35065", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-35065"], "modified": "2023-12-05T00:40:48", "id": "RH:CVE-2021-35065", "href": "https://access.redhat.com/security/cve/cve-2021-35065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T17:43:35", "description": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `al