## Summary
In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF024 and 23.0.1-IF002.
## Vulnerability Details
**CVEID: **[CVE-2021-33813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>)
**DESCRIPTION: **JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[CVE-2023-1428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>)
**DESCRIPTION: **gRPC is vulnerable to a denial of service. By sending a specially crafted header, an attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>)
**DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)
**CVEID: **[CVE-2023-32732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>)
**DESCRIPTION: **gRPC is vulnerable to a denial of service, caused by a base64 encoding error for "-bin" suffixed headers. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a termination of connection between a HTTP2 proxy and a gRPC server, and results in a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>)
**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>)
**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>)
**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID: **[CVE-2023-33858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>)
**DESCRIPTION: **IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[CVE-2023-35899](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>)
**DESCRIPTION: **IBM ICP4A - Business Automation Insights Core is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents.
CVSS Base score: 7
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
**CVEID: **[CVE-2022-41862](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>)
**DESCRIPTION: **PostgreSQL could allow a remote attacker to obtain sensitive information, caused by a client memory disclosure flaw. By sending an unterminated string during the establishment of Kerberos transport encryption, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/248100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[CVE-2023-24815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>)
**DESCRIPTION: **Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. By sending a specially-crafted request, an attacker could exploit this vulnerability to exfiltrate any class path resource, and use this information to launch further attacks against the affected system.
CVSS Base score: 3.7
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
**CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>)
**DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>)
**DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[CVE-2020-8908](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>)
**DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions.
CVSS Base score: 5.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
**CVEID: **[CVE-2012-5783](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>)
**DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base score: 4.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
**CVEID: **[CVE-2020-13956](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>)
**DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
**CVEID: **[CVE-2017-12621](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>)
**DESCRIPTION: **Apache Commons Jelly could allow a remote attacker to bypass security restrictions, caused by improper handling of XML External Entity (XXE) entries when parsing to an XML file. By persuading a victim to open a jelly file containing a specially crafted custom doctype entity in a SYSTEM entity that contains a URL, an attacker could exploit this vulnerability to conduct XML External Entity (XXE) attacks.
CVSS Base score: 6.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132761](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
**CVEID: **[CVE-2022-22976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>)
**DESCRIPTION: **Spring Security could provide weaker than expected security, caused by an integer overflow vulnerability which results in a lack of salt rounds when using the BCrypt class with the maximum work factor. A local authenticated attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N)
**CVEID: **[CVE-2016-1000027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>)
**DESCRIPTION: **Pivota Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw in the library. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID: **[CVE-2020-7760](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>)
**DESCRIPTION: **Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>)
**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[CVE-2019-11358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>)
**DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>)
**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>)
**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID: **[CVE-2021-26291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>)
**DESCRIPTION: **Apache Maven could allow a remote attacker to bypass security restrictions, caused by the use of http (non-SSL) repository references by default. By sending a specially-crafted request, an attacker could exploit this vulnerability to take over the repository or to insert themselves into a position to pretend to be that repository.
CVSS Base score: 9.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200608](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
**IBM X-Force ID: **256137
**DESCRIPTION: **FasterXML Jackson Core is vulnerable to a denial of service, caused by improper input validation by the StreamReadConstraints value field. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/256137 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256137>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
## Affected Products and Versions
Affected Product(s) | Version(s) | Status
---|---|---
IBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | affected
IBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | affected
IBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF006 and later fixes
V22.0.1 - V22.0.1-IF006 and later fixes
V21.0.2 - V21.0.2-IF012 and later fixes
V21.0.1 - V21.0.1-IF007 and later fixes
V20.0.1 - V20.0.3 and later fixes
V19.0.1 - V19.0.3 and later fixes
V18.0.0 - V18.0.2 and later fixes | affected
## Remediation/Fixes
Any open source library may be included in one or more sub-components of IBM Cloud Pak for Business Automation. Open source updates are not always synchronized across all components. The CVE in this bulletin are specifically addressed by
CVE ID | Addressed in component
---|---
CVE-2012-5783 | Automation Decision Services
CVE-2015-9251 | Automation Decision Services
CVE-2016-1000027 | Automation Decision Services
CVE-2017-12621 | Automation Decision Services
CVE-2019-11358 | Automation Decision Services
CVE-2020-11022 | Automation Decision Services
CVE-2020-11023 | Automation Decision Services
CVE-2020-13956 | Automation Decision Services
CVE-2020-7760 | Automation Decision Services
CVE-2020-8908 | Automation Decision Services
CVE-2021-26291 | Automation Decision Services
CVE-2021-33813 | Business Automation Workflow, Business Automation Studio
CVE-2022-22976 | Automation Decision Services
CVE-2022-25883 | Business Automation Application
CVE-2022-41862 | Operational Decision Manager
CVE-2023-1428 | Automation Decision Services
CVE-2023-24815 | Automation Decision Services
CVE-2023-26115 | Business Automation Application
CVE-2023-32731 | Automation Decision Services
CVE-2023-32732 | Automation Decision Services
CVE-2023-33858 | Business Automation Workflow, Business Automation Studio
CVE-2023-34453 | Business Automation Workflow, Business Automation Studio
CVE-2023-34454 | Business Automation Workflow, Business Automation Studio
CVE-2023-34455 | Business Automation Workflow, Business Automation Studio
CVE-2023-35899 | Business Automation Insights
PRISMA-2023-0067 | Business Automation Insights
Affected Product(s) | Version(s) | Remediation / Fix
---|---|---
IBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> "23.0.1-IF002" )
IBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF005 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> "23.0.1-IF002" )
IBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | Apply security fix [21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> "21.0.3-IF024" ) or upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> "23.0.1-IF002" )
IBM Cloud Pak for Business Automation | V21.0.1 - V21.0.1-IF008
V20.0.1 - V20.0.3
V19.0.1 - V19.0.3
V18.0.0 - V18.0.2 | Upgrade to [21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> "21.0.3-IF024" ) or [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> "23.0.1-IF002" )
## Workarounds and Mitigations
None
##
{"id": "D1C70BE32DEEA561F5BD20121B6CE6B04522C3B0A34D7DF273B2AA52F0E58277", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2023", "description": "## Summary\n\nIn addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF024 and 23.0.1-IF002.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2021-33813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) \n**DESCRIPTION: **JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-1428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) \n**DESCRIPTION: **gRPC is vulnerable to a denial of service. By sending a specially crafted header, an attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n**DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n**CVEID: **[CVE-2023-32732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) \n**DESCRIPTION: **gRPC is vulnerable to a denial of service, caused by a base64 encoding error for \"-bin\" suffixed headers. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a termination of connection between a HTTP2 proxy and a gRPC server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-33858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) \n**DESCRIPTION: **IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2023-35899](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>) \n**DESCRIPTION: **IBM ICP4A - Business Automation Insights Core is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. \nCVSS Base score: 7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-41862](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>) \n**DESCRIPTION: **PostgreSQL could allow a remote attacker to obtain sensitive information, caused by a client memory disclosure flaw. By sending an unterminated string during the establishment of Kerberos transport encryption, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/248100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2023-24815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) \n**DESCRIPTION: **Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. By sending a specially-crafted request, an attacker could exploit this vulnerability to exfiltrate any class path resource, and use this information to launch further attacks against the affected system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) \n**DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) \n**DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2020-8908](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) \n**DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2012-5783](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) \n**DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n**CVEID: **[CVE-2020-13956](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) \n**DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2017-12621](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>) \n**DESCRIPTION: **Apache Commons Jelly could allow a remote attacker to bypass security restrictions, caused by improper handling of XML External Entity (XXE) entries when parsing to an XML file. By persuading a victim to open a jelly file containing a specially crafted custom doctype entity in a SYSTEM entity that contains a URL, an attacker could exploit this vulnerability to conduct XML External Entity (XXE) attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132761](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2022-22976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>) \n**DESCRIPTION: **Spring Security could provide weaker than expected security, caused by an integer overflow vulnerability which results in a lack of salt rounds when using the BCrypt class with the maximum work factor. A local authenticated attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2016-1000027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) \n**DESCRIPTION: **Pivota Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw in the library. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-7760](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) \n**DESCRIPTION: **Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-11358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) \n**DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2021-26291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>) \n**DESCRIPTION: **Apache Maven could allow a remote attacker to bypass security restrictions, caused by the use of http (non-SSL) repository references by default. By sending a specially-crafted request, an attacker could exploit this vulnerability to take over the repository or to insert themselves into a position to pretend to be that repository. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200608](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n**IBM X-Force ID: **256137 \n**DESCRIPTION: **FasterXML Jackson Core is vulnerable to a denial of service, caused by improper input validation by the StreamReadConstraints value field. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/256137 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) | Status \n---|---|--- \nIBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | affected \nIBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | affected \nIBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF006 and later fixes \nV22.0.1 - V22.0.1-IF006 and later fixes \nV21.0.2 - V21.0.2-IF012 and later fixes \nV21.0.1 - V21.0.1-IF007 and later fixes \nV20.0.1 - V20.0.3 and later fixes \nV19.0.1 - V19.0.3 and later fixes \nV18.0.0 - V18.0.2 and later fixes | affected \n \n## Remediation/Fixes\n\nAny open source library may be included in one or more sub-components of IBM Cloud Pak for Business Automation. Open source updates are not always synchronized across all components. The CVE in this bulletin are specifically addressed by\n\nCVE ID | Addressed in component \n---|--- \nCVE-2012-5783 | Automation Decision Services \nCVE-2015-9251 | Automation Decision Services \nCVE-2016-1000027 | Automation Decision Services \nCVE-2017-12621 | Automation Decision Services \nCVE-2019-11358 | Automation Decision Services \nCVE-2020-11022 | Automation Decision Services \nCVE-2020-11023 | Automation Decision Services \nCVE-2020-13956 | Automation Decision Services \nCVE-2020-7760 | Automation Decision Services \nCVE-2020-8908 | Automation Decision Services \nCVE-2021-26291 | Automation Decision Services \nCVE-2021-33813 | Business Automation Workflow, Business Automation Studio \nCVE-2022-22976 | Automation Decision Services \nCVE-2022-25883 | Business Automation Application \nCVE-2022-41862 | Operational Decision Manager \nCVE-2023-1428 | Automation Decision Services \nCVE-2023-24815 | Automation Decision Services \nCVE-2023-26115 | Business Automation Application \nCVE-2023-32731 | Automation Decision Services \nCVE-2023-32732 | Automation Decision Services \nCVE-2023-33858 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34453 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34454 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34455 | Business Automation Workflow, Business Automation Studio \nCVE-2023-35899 | Business Automation Insights \nPRISMA-2023-0067 | Business Automation Insights \n \nAffected Product(s) | Version(s) | Remediation / Fix \n---|---|--- \nIBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF005 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | Apply security fix [21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> \"21.0.3-IF024\" ) or upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V21.0.1 - V21.0.1-IF008 \nV20.0.1 - V20.0.3 \nV19.0.1 - V19.0.3 \nV18.0.0 - V18.0.2 | Upgrade to [21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> \"21.0.3-IF024\" ) or [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2023-09-01T19:56:42", "modified": "2023-09-01T19:56:42", "epss": [{"cve": "CVE-2012-5783", "epss": 0.00238, "percentile": 0.61653, "modified": "2023-12-06"}, {"cve": "CVE-2015-9251", "epss": 0.0066, "percentile": 0.7724, "modified": "2023-12-06"}, {"cve": "CVE-2016-1000027", "epss": 0.02444, "percentile": 0.88822, "modified": "2023-12-06"}, {"cve": "CVE-2017-12621", "epss": 0.00583, "percentile": 0.75614, "modified": "2023-12-06"}, {"cve": "CVE-2019-11358", "epss": 0.02952, "percentile": 0.89758, "modified": "2023-12-06"}, {"cve": "CVE-2020-11022", "epss": 0.02634, "percentile": 0.89199, "modified": "2023-12-06"}, {"cve": "CVE-2020-11023", "epss": 0.00675, "percentile": 0.77526, "modified": "2023-12-06"}, {"cve": "CVE-2020-13956", "epss": 0.00162, "percentile": 0.52683, "modified": "2023-12-06"}, {"cve": "CVE-2020-7760", "epss": 0.01484, "percentile": 0.85327, "modified": "2023-12-06"}, {"cve": "CVE-2020-8908", "epss": 0.0006, "percentile": 0.23497, "modified": "2023-12-06"}, {"cve": "CVE-2021-26291", "epss": 0.00135, "percentile": 0.48508, "modified": "2023-12-06"}, {"cve": "CVE-2021-33813", "epss": 0.00403, "percentile": 0.70734, "modified": "2023-12-06"}, {"cve": "CVE-2022-22976", "epss": 0.00146, "percentile": 0.50333, "modified": "2023-12-06"}, {"cve": "CVE-2022-25883", "epss": 0.00091, "percentile": 0.38438, "modified": "2023-12-06"}, {"cve": "CVE-2022-41862", "epss": 0.00051, "percentile": 0.17419, "modified": "2023-12-06"}, {"cve": "CVE-2023-1428", "epss": 0.00046, "percentile": 0.1438, "modified": "2023-11-08"}, {"cve": "CVE-2023-24815", "epss": 0.00051, "percentile": 0.17987, "modified": "2023-11-08"}, {"cve": "CVE-2023-26115", "epss": 0.00055, "percentile": 0.20864, "modified": "2023-11-30"}, {"cve": "CVE-2023-32731", "epss": 0.00112, "percentile": 0.4429, "modified": "2023-11-08"}, {"cve": "CVE-2023-32732", "epss": 0.00052, "percentile": 0.18641, "modified": "2023-11-11"}, {"cve": "CVE-2023-34453", "epss": 0.00056, "percentile": 0.21455, "modified": "2023-11-08"}, {"cve": "CVE-2023-34454", "epss": 0.00056, "percentile": 0.21455, "modified": "2023-11-08"}, {"cve": "CVE-2023-34455", "epss": 0.00056, "percentile": 0.21425, "modified": "2023-11-11"}], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://www.ibm.com/support/pages/node/7030357", "reporter": "IBM", "references": [], "cvelist": ["CVE-2012-5783", "CVE-2015-9251", "CVE-2016-1000027", "CVE-2017-12621", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-7760", "CVE-2020-8908", "CVE-2021-26291", "CVE-2021-33813", "CVE-2022-22976", "CVE-2022-25883", "CVE-2022-41862", "CVE-2023-1428", "CVE-2023-24815", "CVE-2023-26115", "CVE-2023-32731", "CVE-2023-32732", "CVE-2023-33858", "CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455", "CVE-2023-35899"], "immutableFields": [], "lastseen": "2023-12-07T18:00:23", "viewCount": 33, "enchantments": {"dependencies": {"references": [{"type": "adobe", "idList": ["APSB19-38"]}, {"type": "aix", "idList": ["COMMONSHTTP_ADVISORY.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4670", "ALSA-2020:4847", "ALSA-2021:1846", "ALSA-2021:4142", "ALSA-2022:1860", "ALSA-2022:1861", "ALSA-2023:1576", "ALSA-2023:1693", "ALSA-2023:4535", "ALSA-2023:5360", "ALSA-2023:5362", "ALSA-2023:5363", "ALSA-2023:6429", "ALSA-2023:7016"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2015-9251", "ALPINE:CVE-2019-11358", "ALPINE:CVE-2020-11022", "ALPINE:CVE-2020-11023", "ALPINE:CVE-2021-26291", "ALPINE:CVE-2022-41862", "ALPINE:CVE-2023-32731"]}, {"type": "altlinux", "idList": ["10A64263593E5D4ACDC94E02E52B7059", "19D9D4CF9E621238B64E7009C574A2B2", "42BC904D75FC9304D407D50110046FC2", "4F191EA8E2A668CF7A349312F90C9ED7", "6F915B6999234F09276DF4EF0BA6AE8E", "A0F9BC49313C0174AEBD1110CF80D063", "B3637B4143317F3EF89506F8A87A1616", "CDE0C1843620F8553BED357CD3F689AA", "DBAF0FD4FDF438644FA7AB8A9E8B4FA3"]}, {"type": "amazon", "idList": ["ALAS-2013-169", "ALAS-2014-410", "ALAS-2020-1422", "ALAS2-2020-1519", "ALAS2-2021-1626", "ALAS2-2023-1905", "ALAS2-2023-1946", "ALAS2-2023-2045"]}, {"type": "archlinux", "idList": ["ASA-201906-2", "ASA-201910-4", "ASA-201910-5"]}, {"type": "atlassian", "idList": ["ATLASSIAN:BSERV-11753", "ATLASSIAN:CRUC-8408", "ATLASSIAN:CWD-4355", "ATLASSIAN:CWD-5683", "ATLASSIAN:FE-7196", "ATLASSIAN:FE-7344", "ATLASSIAN:JRASERVER-43422", "ATLASSIAN:JRASERVER-69725", "ATLASSIAN:JRASERVER-70929", "ATLASSIAN:JRASERVER-72052", "BSERV-11753", "BSERV-13449", "CRUC-8408", "CWD-4355", "CWD-5683", "FE-7196", "FE-7344", "JRASERVER-69725", "JRASERVER-72052"]}, {"type": "attackerkb", "idList": ["AKB:22C3A43F-3CEE-464A-9C77-FEE26DBE757A", "AKB:4A2FD572-63FD-426B-8D34-A9914260EF72", "AKB:5C46E63B-643E-4656-B654-4FBA061ECF66", "AKB:7651D6FA-BDFA-4A6E-81F2-E5CF545CD088"]}, {"type": "broadcom", "idList": ["BSNSA22456"]}, {"type": "cbl_mariner", "idList": ["CBLMARINER:13758", "CBLMARINER:13777", "CBLMARINER:25952", "CBLMARINER:27207", "CBLMARINER:27208", "CBLMARINER:4164", "CBLMARINER:7240"]}, {"type": "centos", "idList": ["CESA-2013:0270", "CESA-2020:3936"]}, {"type": "cgr", "idList": ["CHAINGUARD:CVE-2020-13956", "CHAINGUARD:CVE-2020-8908", "CHAINGUARD:CVE-2022-41862", "CHAINGUARD:CVE-2023-1428", "CHAINGUARD:CVE-2023-32731", "CHAINGUARD:CVE-2023-32732"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0561", "CPAI-2020-1183"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:871AE561BA64280CEEDB0200B9838843", "CFOUNDRY:C370A62B434194F5EF14ED1C2BCC807A"]}, {"type": "cnvd", "idList": ["CNVD-2023-07750"]}, {"type": "cve", "idList": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2015-9251", "CVE-2016-1000027", "CVE-2017-12621", "CVE-2017-16012", "CVE-2019-11358", "CVE-2019-5428", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-7760", "CVE-2020-8908", "CVE-2021-26291", "CVE-2021-33813", "CVE-2022-22976", "CVE-2022-25883", "CVE-2022-41862", "CVE-2023-1428", "CVE-2023-24815", "CVE-2023-26115", "CVE-2023-32731", "CVE-2023-32732", "CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455", "CVE-2023-47174"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1777-1:55799", "DEBIAN:DLA-1797-1:1A7B8", "DEBIAN:DLA-1797-1:A2877", "DEBIAN:DLA-2118-1:5E0A4", "DEBIAN:DLA-222-1:38FAF", "DEBIAN:DLA-2405-1:2470B", "DEBIAN:DLA-2405-1:33C7A", "DEBIAN:DLA-2608-1:50303", "DEBIAN:DLA-2696-1:E06B2", "DEBIAN:DLA-2696-1:E71CD", "DEBIAN:DLA-2712-1:691FD", "DEBIAN:DLA-2712-1:79853", "DEBIAN:DLA-3316-1:A7883", "DEBIAN:DSA-4434-1:82FB6", "DEBIAN:DSA-4434-1:D2F07", "DEBIAN:DSA-4460-1:50632", "DEBIAN:DSA-4693-1:F5786", "DEBIAN:DSA-4772-1:DCCA8", "DEBIAN:DSA-4789-1:72A9C", "DEBIAN:DSA-4789-1:817CC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-5783", "DEBIANCVE:CVE-2012-6153", "DEBIANCVE:CVE-2015-9251", "DEBIANCVE:CVE-2016-1000027", "DEBIANCVE:CVE-2019-11358", "DEBIANCVE:CVE-2020-11022", "DEBIANCVE:CVE-2020-11023", "DEBIANCVE:CVE-2020-13956", "DEBIANCVE:CVE-2020-7760", "DEBIANCVE:CVE-2020-8908", "DEBIANCVE:CVE-2021-26291", "DEBIANCVE:CVE-2021-33813", "DEBIANCVE:CVE-2022-25883", "DEBIANCVE:CVE-2022-41862", "DEBIANCVE:CVE-2023-1428", "DEBIANCVE:CVE-2023-32731", "DEBIANCVE:CVE-2023-32732"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CORE-2019-006", "DRUPAL-SA-CORE-2020-002"]}, {"type": "exploitdb", "idList": ["EDB-ID:49766", "EDB-ID:49767"]}, {"type": "f5", "idList": ["F5:K02453220", "F5:K15364328", "F5:K20455158", "F5:K29562170", "F5:K66544153", "SOL15364328", "SOL15741"]}, {"type": "fedora", "idList": ["FEDORA:0E6FD60E1861", "FEDORA:10ED96049C48", "FEDORA:11C9F606DF50", "FEDORA:163EB313ED0F", "FEDORA:190E631AD8E6", "FEDORA:25F4A2151F", "FEDORA:2B920607600F", "FEDORA:320386075B54", "FEDORA:3230260BA78B", "FEDORA:343A82044D83", "FEDORA:3787360525AF", "FEDORA:38DE2220D8", "FEDORA:3AEB830B2656", "FEDORA:3F234602D69C", "FEDORA:438D16045644", "FEDORA:4A1276046F94", "FEDORA:5B904214E6", "FEDORA:5D10B2170F", "FEDORA:5F36E6079A0D", "FEDORA:69E4320097F2", "FEDORA:77A873096A19", "FEDORA:86D5D3097097", "FEDORA:9BFED31347B3", "FEDORA:C7AFE309727E", "FEDORA:DC7DF3111B2E", "FEDORA:EE17520E26"]}, {"type": "fortinet", "idList": ["FG-IR-18-013"]}, {"type": "freebsd", "idList": ["1FB13175-ED52-11EA-8B93-001B217B3468", "20006B5F-A0BC-11EB-8AE6-FC4DD43E2B6A", "3C5A4FE0-9EBB-11E9-9169-FCAA147E860E", "416CA0F4-3FE0-11E9-BBDD-6805CA0B3D42", "7A8B6170-A889-11ED-BBAE-6CC21735F730", "CD2DC126-CFE4-11EA-9172-4C72B94353B5", "ED8D5535-CA78-11E9-980B-999FF59C22EA", "FFC73E87-87F0-11E9-AD56-FCAA147E860E"]}, {"type": "gentoo", "idList": ["GLSA-202007-03"]}, {"type": "github", "idList": ["GHSA-2363-CQG2-863C", "GHSA-2F88-5HG8-9X2X", "GHSA-2X83-R56G-CV47", "GHSA-3832-9276-X7GF", "GHSA-4GW3-8F77-F72C", "GHSA-4WRC-F8PQ-FPQP", "GHSA-53JX-VVF9-4X38", "GHSA-55G7-9CWV-5QFV", "GHSA-5MG8-W23W-74H3", "GHSA-6628-Q6J9-W8VG", "GHSA-6C3J-C64M-QHGQ", "GHSA-6G33-82GC-3PW5", "GHSA-7R82-7XV7-XCPJ", "GHSA-9HXF-PPJV-W6RQ", "GHSA-C2QF-RXJJ-QQGW", "GHSA-CFGP-2977-2FMM", "GHSA-CQCC-MM6X-VMVW", "GHSA-F7XJ-RG7H-MC87", "GHSA-FJPJ-2G6W-X25R", "GHSA-GXR4-XJJ5-5PX2", "GHSA-HWVM-VFW8-93MW", "GHSA-J8XG-FQG3-53R7", "GHSA-JPCQ-CGW6-V4J6", "GHSA-PQR6-CMR2-H8HF", "GHSA-QCWQ-55HX-V3VH", "GHSA-RMXG-73GG-4P98", "GHSA-V73W-R9XG-7CR9", "GHSA-WX54-3278-M5G4"]}, {"type": "githubexploit", "idList": ["1960C98A-289F-51BE-A556-7E603B53D820", "2B8C7714-D2D7-50C4-BEB8-B616BD51A554", "458891C6-0BE7-5AC1-8119-7DD6B0884A9A", "9E63B0B5-5583-5FC0-85B1-048296D9FC6A", "B38C8387-765B-587E-BBED-9336E586B3E2", "C0148A2C-75C9-5375-AE2F-DBEDCCD0999F", "C7E2EC97-A49D-5063-BC43-995A0E058FCF", "E83D6606-6F89-5700-B703-B87CF90D6565"]}, {"type": "hackerone", "idList": ["H1:1812768", "H1:454365", "H1:519061"]}, {"type": "hp", "idList": ["HP:C06911998"]}, {"type": "ibm", "idList": ["0033C585CDAF2B08BC84588E41908BB6DE4940B360CC4DAFD5083973876D7586", "0144489F29388BC174AAA21C4FC7BD9538865AE7DA8DF51DB8699E1B93888AAB", "01CFF49A8E945385D7DAF195723AF2400A442375CCE77F93B4CF72774A757E1D", "02208B95DC0377482AA2F9D9C05755BE90534C1B3F7475FC805AC14769FE9106", "0251DBCB96D0ED10DA628D06B0978F8DE5AB5BDFE82E017184802BFCC0709826", "0284A9C9E051B4865405E64F5A3763DE5BDDD913D368CA68D8232FD8BADE82FC", "02AC3D75FB5E9A395164B03D2835B59279C245C81FF95300ED74B35ADE723D5F", "02D6EE1E9E5CB5B35FAC43E27D1A3EE630F299D70324D0FF2D2FD4D9D9DF6AE5", "031AB80137983FA206B8FD452A65FA0ADD155D250DA679ADC4DC628C2E106C7E", "03E329DD2D954DF1EF032D20D937B9B5CA0EC21247578FB24792D8362E49E7F3", "07F45B223B1FF0E8026169440EC20471B6AA5D57BF636E7BEE3651903C06AF5C", "081BC01DD73DF350B73C4A6E4D45832D7D495B9692C2733721B221DD85439F0A", "08B3175215AD4DEFB628DD93761C69F3CCA255E041A3C9919F92554893D11ACD", "08B92D9A359AA2182A33A02394264D846CF74792C1490396DF12E0FFBB6DC869", "08E4652A35B12E43E70CAFEE0E9ECB0CABA8ABFA2E3FE408B255CB631BEDAABC", "092A5FFF63DF2D24AE105A3D4A7EFA1386A4FF9DBF7D2F354A30991E0CB4C671", "09859535BBD73886942005381F7140B37F4079C86A8279AC944AB83F5FC012DB", "098A0B0BBDA18721083717F103FE7FB2B2BBE2394E33149D968FE7B59A7B2AD4", "0A6BBC4DFBB5FEFCEDCBE9F7C11994171A57DC8ECA368D2E6508C015BE0285CA", "0F8C9B43069C04EF8D42F75FA8D42A5837D2A01F1B45F132DD6CE116C7562B83", "11418E60E1822B830D82A048693283E95E67F4E9FDA0F50B96E87F6BD33A1B1A", "12EFB707E056F27AA11980D2F9CC90B6739FAC22EC63709581DBBBA13033E1C9", "12F85CC5A8EFCFF0DEDC60E306AE4A76E4432E819CC3E482CD313736BE92C771", "1409CD05A45669BF88F7CEAB610D65B1F84FD0522659550C3AD802B5214CCF7A", "147034297FA06FFC53548CA4AC157AA2ED7A202101A16E2BEE4988E0F71A823C", "14B45CE958F99B93156873D6975DBFB3B70D3F58837AC0781D687F5A60FDE9BF", "167951D4CB6682B161C7C63B81A840E45EF18CAE83E9A3ED32C423308A35D68F", "1848F19E4A9D657CFDD89FE5711D83D71A004BF9663A7AF8BA4F4FEFEA5207A9", "1884864549E9954D0DBBE2AC224F348D2E593A0CB7BB89635A0316AA5AAFB22E", "18DDA265CB7B4E214C6EFCB156D33E6D34EBCFD2E6011EAE63D45B5143814F6B", "18F70AA47E2E43F4DA8767A4A95C24F6E49AC9CA2DA52A0DD0B10595AB37B715", "197752D0B69AF888CE7AF99246D335AC9552CC8C184EA78393A8AD7AC4312BC2", "1C10137FF68CB856FD9AD7134BD2C08872AD50A8C6A862CF5D424CB10E785171", "1CEBE5719DDCDEE0CE5C8E7073130153D5805F73149CCAC28EE85FCF1AE8E2C8", "1DBB84B31D8520BDA21FAB49DCBBC65BDA4B25DC581755F0005F890A0D31D1F8", "1E8EB664DDC627C3309FB200921E9D61D835AF04A5F675805F93C64918337FD4", "1F7A45CD4D73686FA6C9591207830D1B405EB9704E1C5F2BE5F439A0FE018D74", "20372756D0D4D41E4530AE121905256C2AF155E987D21A7B2CC7D85274A6AE1D", "205D8E291F00D69928AE2777BC3A52CC5094D59B30AB5BF479F77703C17C0EBE", "226FFFCDF94FA8471AA279C7EA3B887FAA510E3463B5ABDBC303B7D6583EE6BE", "229A4B43FE77515F8665EB39BE40365AEA78A7E6905A77143AA0029AE91AE79C", "269ED09DF8DEC59D6D5C76BBBEC1A3E9EB81FC2A6B977AF71E1341BCCE84CE32", "2778C5D6C324BC30DB7DAEAED1BB702CE80B1BCFF6D36121D0025E1E4A547CBD", "27BC70E2EA08EE1D00F1DC696806FF0E8D5E261D13D8DFE4629529B49DBE187D", "285F4595F3EA893F5D6623AF8FF9969259FB35597456697B71E9AB5BD317ED72", "2955FD677307C59BC4E381D8CA0275D629803259C2176CE4E845D6B42BA2E178", "2A203D8BF52DCAFF8B5E95996A1B55C43D9BF20BC5F58B0B4D388698819D6CF7", "2B8ED03AFB64688F7C236312BC8155AB0C092B0BB10F225899EEE28BFC95B925", "2BE1B762E9F077419A696E0C1B88E2D3F236BE3549BFC2182468480E071BF032", "2BF718F14FF19DE8D51FB2B6D6FB57B7CEDA39B7415BAE84A63B5263E7D5C5A4", "2C89CFD58F3D4EE971D17C1294FCDAF90987B18CD1793833204AB66E2BE29729", "2C8AC5B006429736039334AE81FEBEB33B177D66F06E2FCA009B44325938A335", "2FBA4A0FB6AAAC5B96D5638614DE0F0DD6C37754E93BCB6DD5A92FF9E1771D92", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "32A552C9D601D5556D9E77A4710C33359E9E59554828DF5DF32E88FA7D8B12FD", "332EB7C24BEDDB6A08EB1D2E56168DBF8FB7B8EE1E89939D477827DEB2BC62FA", "333C119D3A0437BF92826DA551039CEEC4C96ACBE2B033BC949AB1809D25154B", "3530DF8DA972875E9B1FD6F767CF9BCE12DD28AEEAAF4F127105D1281DCB6CC5", "363194759880A2629F1827F95B7711802399CF82ACF347AE6D563F797174F9E5", "3669E45D7FE2AA83192FF44FAA60FB349B5D39469F2B30F7D69463B2868B4908", "37E84D76257762D12F144C420A6FA36A16C6055B49D7AE073144BE16FFF7F0A0", "38673841651CC84F9C5F463EBAA4FCB1CD8DB260C4DB4DE5C5EB13515B8DE043", "390281289B3F4343A1E1F6452AD13173E9D0CC35AEA58C89794C77A0CF60DD5B", "3B659ECA0A3490E43A993E28F17C28259C30674E3C1D43656C4A5B37F135FF29", "3D8540513E9389E52505EF4CCF99C1FC5DC8928BFA49128170D48087D1264725", "3F50B90AA067D7B221DE01833CF094A0A4B8DFCEFA2F20192B47FCC636918D02", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "41966D937E2990F0F57325CC9C4284044D0D7B15F0E27C73F2A0083F424017E0", "43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59", "441A6459C1CBE843EDD7F5C4D862AA7C6F90584EA901F82EF1B6D31B418078EB", "44AFDEAFD41860F69D32A81AF82FFCC07CB70BCD09283311989298641C60901F", "44F758CF50615D6423B5252CCDE483B13BFAA1C220750C2CA4ADC6F324F9C560", "4501BE88AFC4704F050A929A4C62F41052B90E877F82DAAB169427507253D6F6", "46408A14D896F2590474D3B129B44EA3EC035B71D283468445233579BDC6BEE8", "46CE56C60CF59C2CE96E832E3949D9036A709BD9A0B3F2E5A02B11F84C34294E", "4777F5C1553B23793B9C264645B77DC8564BD5ADDE40E26C0417DA938016C274", "4979AE00A6ED0C539B1400C19C9582B63BBE318402F26C5329EFDF836AF802D1", "4BDE70E43A19F50FF60A2F5CB6ED1C095A92727557F41F17F3F3059A4D00A95B", "4BF7A5E750431865636D92E71393396C252B3F778FB89C0C3E599627DCB87306", "4C098F2F4DD25A03B6FD67587B106604BA4957943FBB7B66868AD8F6F9AEAA0C", "5102E26F5F9D162F10D7A53504320571C340046D1DC087AD20DBEB386B11F545", "534BE42CCFEBF334619AFF9C2FB1955CE0C058A0559E49A3D0C26AB6F743C73E", "539FD5A344951CB3146EC1C6256AC3A91344217924BD86DB5242BF2BD9D82C91", "53B532B87CEA78B57E2ED69FBCEA8B269DE8F2659CD1185FAB9174B1B7BD0971", "53F32964A2275244A5F7A1D6BE61A50BA12236B3F5CF9F259D3080CEA722858F", "55923ED420C179F971232A4F5E4CF51BF327A5F37E4447B3D3C9438B1E25C29F", "56CD6AE6D0DF3EA40055F52FCE3D2A173AAC3373E3B34A2E44FC4EEB4D56D289", "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "573A263702E2421AD12EE5454F7BA3408D7BF4D97944BB1DE6425810F67730C5", "57AE760DFB50538BE1F8A0AE6498718A547B70C0FEC4480282AF8A01140729ED", "5A92F226FB1AD5C0A26E79FEA7F5A169E0099442EF66208413981EB804ED87CD", "5AE66A815C09DD47F62D38868FF362CC931317EC0E3C4E8C405300DB0C2B5872", "5B0090FD2F9C31B1AAD8132D77F2F3A9BAFFC62B4D89F4FF59E14ABE175A3067", "5CFA2CCBFE05295C7186239383AF12E6EC68C33A3ED0A1976150849CCB589A37", "6227E56DAD73769F0362D834B90EB9B1D9A60C3227B1A4516F314052662E33C8", "629818E44ECBBC14327D01DD31BD162798FE2E718C78D969624EEE5130B4EFF8", "62AB7AC24488F173A89872D59386DECFC7922873C9D9AEEE45566043DC46C8A8", "63C0560C61FE9A9777F6402C4988E794A31F66C8118AFA944D2596065F5D0454", "643278CE1BB636D8764FFFB99832A74E1EB43BC79E059A2AF6DA2A9DF4BB4FCB", "6440B3CEEF4AA572EDBCEC6666974E017AFAAA0983E4E7486BF1811FD9CBC173", "64990A9FB6B7236B4ED85D724F1147C602BF5A02973B27E9FB3D61D8AA4823FA", "64ADFD088203597B59C398AB3DEF28DC4F72D37A4C48C7FA81C6531EDA6A9877", "66435AF1D3103D91874CD293A9EF77BE9BB7F876A75BC2F025715299C6CBF6AE", "672ED98E9AB8BD15ACA2079635029450D742DBDD7246A12534BFFA7D54E83F8A", "685144E7CAC9FF3324BB0BF0C6A7FD723FC8F31C74697ED3FED9D0604A4FD166", "697411C1D0B6EAAD03E8D2A5EB53C7D54B1A12C31BE0CB63F6EA92666FE7AECA", "699DB686974ABCA52FB620795DAC7B047FFAA5656DE194976FF4A8DFB18DE2BA", "69A7BBE7E184D381227C71421482BE6C273D970A393395AD8328BF4E6942595B", "6A6E39DD491635EAA208C18F7248C78C78878F6B4E00DDE6172488639667CAB9", "6B6CE9F202E660300CE36E02212419B587FED63C787599626A5A346895CA72E3", "6BA70D78F086D07D5D04D35657C565B766597C9DE86C3B8D586D271713B4D89A", "6BC9040B51F3B0282E132873A0D807E58D8450D20237A38329B62B37AB7F1BD6", "6BEA9F84DC62EEF2F81452A495EE058F7071A48DAFE4BA729BEFD2D5AB77F224", "6D4BC30FC7D54719CC8531DD40CAEF904411E8A769D791119C3658B78C353F56", "727A7F289CB7DD0BC0F572A28A0468B296B607D19CE6157408E791767F139AC8", "731BBFECC40F2EF7784FEBE5505A0DC4D4C5517BF2BAA0989024E9CC37129731", "7394B6FDD8E91DB4A9C5E7CDF0273B6CD45AEDBEC40949BEF26187DEF8BCB3C1", "73C56B324A2080FA9C0CB45D26C0A4523AA2C160E0E404D5B47EF65512D83AFF", "74D0E5AD4F657233552369F17E052268A86658331A40E0F3BB6D4070311F727D", "7577BCAD9072181E579BF3A80532F420C8424F287BE8B450E9A58DF0F61C21A9", "759B56FD4AA17873CFEF240471D53E2CE3CC4A7775D72A8FF17D44E868820C96", "7673ECA7C26C82F326589C66582D68F7F87357B4FB250AD73DE7E7F5EC924344", "77972D63681B5C5CF5A756975D81048480CF1445F8B84D8F700DE1C7A1F2B459", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "77F932BEF94741D1CD7E843331A844A8F7FB52F0B613A485A45CAA9346DE6AE7", "792B85A8DB94781D66D2F4C4B62AF0AB0D8345DE0EDC163D9DF3146450CB58F8", "7C1B5D0FA031DA8FE69676846CB3E888C4ECACD67FAECEEE869017FFAD05FC00", "7C6822723C8DED69D9FBC4D1DC69A54DC5A848CD239869AB0C90FC327D194CAA", "7C6868DF7570F67513CD79FFFE949C20A91FB069E0BF035BB536049992C5168D", "7D54DEDCB070F04D196472839D45289A985D90E09E6691D23E4F07B99E304644", "7D67D80D4B93C266A649B84CAFDD0C7C0525E4EF25DE3D86F84615A02E71F9A3", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E198CE5A0ADEBB8D8E13DB5406E27B8CAE2B095A5AF6A169BEA982CC9A5A270", "7E1CB2FDA212C7A8FC0CCD8803720285F00C1F62F3E2628C7217A85BFA5FFBC8", "7E2F5BE2E736F37A5C7CCF26C9B454B432809BD7A4C2F260E0156222D3F030DF", "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "810B84D30510E1DF553A9851BF1992B1D779D424BC77EFEC4F325FF5888FD93F", "817AF808ECFB2DB89B8957CB7948F2576360D0AD07783BA6C641C17BF4EC867B", "81D5F6F41E5617EDA7FF694BBE43496FC48B7577BB4C9C238127ECCCB1D40118", "8273F0B6AE1E66EB147DE5F94E39AFAA7F1C554FFD3854272CF9EE32A631FAE8", "82F8BBD304C3AC1475AE424890BE919478BF7AA50216C2335DA22E3F782D3832", "835FCF49B2EBCFFC5200209068B261BC0CB3C70D61CE55BE126A525CE230D1D6", "83DE818C5932FD800E5449ABA82FA7FDCAC7A0E2B41C5C07CC9E5CC56A3B9296", "8491CF1F3DD8116411BD720BFCBC2272BEB04446394152CADFC6BA73F4D21149", "855B4BA1D8689E5499796780BB5F84A821CB5A58C4CA127B1C70F27CEB7E6AFF", "858896131EA815FB74E9BDD335996EEADB31086755EBD223F4051866A0275C41", "86C605E3543D3B83BA0A25B4F9686B938438FDAB955B33BD0721D21AA9B6A946", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "88982C3BC765C275837ADC018CDBF4C480BAB80750C3DC007054B3AED0A5724E", "896C37C2DF3ED859B2FCF88A82CF7C8845D796C56DB67CAB2014DB5BF3A76642", "89780D4585A20488FEED7686A5CA76A1831A95DB741EA06511648ED27850EC1B", "89BE9EE6717FD5FE5CAC882E73D515D8E83F7EB08EF93BE1CF98227C2B6807B1", "89FA8C3D609DA37A07A9176E3D62CD317A632452E0252F1F53DB21BDB9518B31", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "8AB60941C13A8D0C0BA386286200DA8E303A224997B3F7971CD5F03D04936D00", "8B6CE64BECA68519204B7FAC94B33436E7D2A33A58B4CDEBFF8E1615DD04F371", "8CEB781B9D2AC04FD985BFAD70ABC5E91AC5A3B5AD49FFA62E58DF0126E7028B", "8D964A6D85AB92A093A54D98B52835DA52D646F29F4FB8F77B0F37827E6FEFB1", "8F7E9BC38CC1D5886DD8998C93E683C9367649830B463A9A5032011B60846A4C", "8F855655365113FB66D8E1F186B21DC153770667ADB1C9A5219DEC2EA4AB1356", "8FB323EC50EB5CCD3380176BF2571DDA8C7739DBF4BC558C9B57458B912FEEF7", "915C40C3847839BAFC1ADC3A4E386F48D7716C2F3DA53EC6BE7228D7003DDC0D", "91D7C6C9A5739FEE5F42D389A6790AF75591DE3F4B00792DEC9B2F9736C9AA92", "92046D7E22F9D85F792C6047C0784EE0809D6F8B566DA133FBC9695D2E75FDF1", "92C2D58DB9DA7102D7F9C515B4EE2CED16C0735F48AA49B707B24837E12E16B9", "9308099D073B8B4A5B875ABF63A2A8BA4F4ABCB691E71E14B89B4833B4ED12AD", "93A2C56B0AB96E65E4360EC6548816D3C33DE282AFCF4BF7B723C6CAF3370854", "93FB43619692E9A4D81819FDEE2EC14BE9B5E62B4E287FD49E3F7D0FE31D653A", "941A5FB04B6C4DF5F07E2FBC7A84EADD1A839385EC770AAC6BDFEF5BC82847D9", "949B9DDB0FA651783655B4ED031BA950E0AB7E2D3614F091F8916CBB4FC837FA", "956A624E237CD5950CF708D6365F746A4303B7B9542EA80B8178F887BF9CB81B", "96AA6E96C459B552487D37879C1210BD7926BC641E7FD69543382941733FFB5F", "96B854658FB25B1C41C7953D07DFA40702863F7DF3DA2149F3BC57ED6B4B5CAA", "9761259BA69756C38441FA26E76B73F6B5EB43301C8C58943F0B0ABB8BAFB613", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "97DBA1E30952A387E9FFBBCBC4073EB22E406C0722006EEFFCFE53B1712D7E07", "97E9E01F522CE2A09AC967C331BE23B1A4AB13C8109B20ABE3C3938564FA88BC", "98B323422CA792F32B2EA7482D9D79B9F9D15C3830E9ED03453DF7CC38205557", "99084FFA789D95BADF692928B0618A889A000D098F055B05388851B9A57D3682", "9A20509E1E544EB20A59DA9FC7AF82F400FE5F811F4BF6223A61E0E7FD269C22", "9B4A660DC59FDA6065DC45501A2E117A7010B19EF8A21DCCDC799BD89E6DA49F", "9D9A01E02514803E9E0E5DD88830752E1595E1F1CC50F35B26CA6DC44AE2E184", "9DB895C4F270F43F8C3560CBAF624FA9E5871EFCEAC3EDCFEBBD1FDDC90D847E", "9ED959A552F1F1135D021720BFEF601A33E4FF298A735DCF0648EF0558E731A9", "9F95AEBD8EC232C9A5958CB17E5C9C4116B02F62221BC66A39487A0F95F36A9F", "A06F12F99F7545DFE07CD344050360202C552320F55B7BB3CB0C7A8EBF4E76E4", "A380C4CD3FFEF0D1AD28C9019320AF0085267A1FC55FD33D40E61A6A71DFDFF1", "A3F6D65D3EA97E094C257339EC4715196C6675E29E7CB80EC727C62BC21B1B01", "A491BD6DC6AF5A623AEDFEDF7E779F24335832EEADC2D8516572D7CD002EA565", "A857491C12F9690D2E334D725B20D01FDC9D61A02AE30B77254F5FA19329D7D1", "A8A1B567F944BADF2C3904883B086755440DF569158EEB6B0C8C2202276A6F6E", "A9887BC773EA30E99327B19185BAE49ADF6DFB03C06E2572F64DF123E8602ACE", "A9B608450EE2B2505174F8F497D891A822A15EB84A1C302BA28DE13FA45B34D4", "AA0FA20ED074CB7E35A56FA4B12E7D09759EB12D77D601A38288548C729671F2", "AA6F08F01A079565B77B09647282DFF85E99CF9A1905EAF67DAE8F9CCF81DB85", "AAFF9E87667B35D62A52D77B8E5C3A000AE2419974F7C14545C23704BDDC171B", "ACBA42A9F266755DB30CE35DBA1907FB61B1687AAD3415499AF5573BC67595AA", "AD312E8136AB3DB47391171303ACD5ECA07F85E94A7D51B4A029E2E363EB0513", "AE395445C7C7240CD17B06CE58A20D98731AA33DE1AAF047F3A02C424CBD3F87", "AEC0722767EA21CDE0F10129C001F976425E48E7F302D7C24108AFF251D12D6D", "AEE1E07E02908A4212ED88924C990183361238A19EF8B2B4F9E503525ED5F8E2", "AF3CBD718F3297D87FDA4616011F4CD425D9EBE3BB2880108811A5CAEF018EB6", "AF6ABB14A6D607E15C5B5E8D5407EEF7D810349AC6111648229782BB7B5A95B8", "AFEA4FE7785D0CF94A68BF920671D47C694E431E7FB3944A2D25FA8728D0725B", "B0FB4CCA6C2AAF4AE7DFA7516AE94640B71BE0BE346F669F7A4393C673251F3D", "B0FF85DCDE8644B3484BD6CF258480DD40154E7BDFEEDF7A128BF747F3AC618F", "B14EB1551FB935CBDB90A852C1C192530C38DAACEDB3B6EA8584BF37FEA14B81", "B26820DB27A2FAA1ACA38AC50789692CF5EFEEBC3CBAF202DB49324399109A51", "B27DA056142E4A36303B347414215536E8239DB802E03F91A0697BC6B1A02B13", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B351BE97E8F81401E64869E29913CE726CFB99DA63C9E66CB38B17082FB655A8", "B36D4D104A4F6AABE76B2FD840B292FAFEABCFA232BB38EEB768F68D12E9D548", "B42C7766BD6D792BF0266E15786582D0D78318B74807A7CC5A72B4D0D490AD59", "B609D685D630C87BB458CB89A66B87A64831A7617912F7856869B7F1B264C40C", "B61430FF02D2BBFFC51F443C00CA0AEE8270C012141BA15B5D5AABD29C436091", "B62A0DF1BA325616E310706F59A3DD07DD7DC7356D343963E6F99C6D89411ED3", "B673694C2888EE95A6BAB04A5C155DEAA18A41E4DF0C4AE45D1C5C2E3FD7151D", "B6D98686FB4CE3794F12AA810C56116765161F3CB64E9212B301423AF70BBA48", "B7F356915A28B9170C4F7E7052ACCF6150441808722D8591A7AE82035D391CBA", "B895392A74ED197662991415267981B8C80385CF8D50D839B21162A7435541BC", "B8C124EE4E419DE7F41A9CB0246E9FF21300C4C9A2734EF999830B9906B65133", "BA385C300E1AB69708D8E5042F5220F275493E2AE45A5E3A1DD992DE1DAB492E", "BAFE1432B61D78F2B29438C3606D2D46643F4DA3DFC6DD0FB0C4962ECD44C150", "BC8C71EB9C8A2815359425C885010973357943CA7BEDA11D7B4BF9826BCB3CBC", "C021276479A221FF692D12EAC01BCEC659EBC1F683C613ABE22EAA9B3749726A", "C1043F35FF1F630A47D32A8195A08331316B4A0E682E22CCC64ED3A8793D1A86", "C1F769D030FC2C40F30870B89602B6E37C63D9738974975088F5749826F8EED3", "C240DF09D934E998A5A6E9F16EE5D00606D3852B389FD502ED34EB411645C177", "C247CDADCEBD86F6926A5A03AD862F20EC878D5E1054BCF2C6B70778E3741BB7", "C3B567818F0068A4E76BF412FA5CD0354D004804480FA49A2095407B12E1C65E", "C5C3A875E50DB700220E26BE110391D11F736F71096D75C525AE9DDA14ABD8F7", "C633E3F919C9BCD1EAFB625FB054DC01CA44ECB316E9D13E7A22A44BF1FFF391", "C936C0289F6D1ECF2F7B1179FC0DBCBE1DBDAE4E68A5D3CDEF9291869F5779CC", "CA6E62CB32AA91296638D9DAB5072711CB69A35615F7FC69D8B55BD25BE71F67", "CB2895AB64BE5DA21F8454A3599392A38AF9EA9FB50CF874EC2F101FB25194B3", "CB8D3B0114576C613A2239EFF04E3E68A8776A9C679BC09DCEBCCB03B8CE58D2", "CBA598237EC6F84B53BABD94A4C1A8896539FE5863458FA4408BD6DB2D7A57BB", "CBE509FEA22A618B4653E456513C3FF93685431FDCB2E718DD0A763823DB62AC", "CC3CA2E6A057BD0C432A1C280BCDA473EAA13F9A6EA2532C58C5E8FD129BF2B1", "CCFBBF17D9A696428033DD621D20DBA44A61CCB92DE126AC9B8A8CA1DDE1D0EB", "CFCC0798CDF713DF824D5A326207194D6B958FDE4555B27C773AACA218FEDFBF", "D0934964E9B56702CBED525517F4EA576FF2F33A8BA6C800C34ECA9B7FE90236", "D119D49C63D565CF5FF1DB2A9639F03B8A262F13941341F6EE7F4F012125086C", "D11AB976F85F6CB2A151F18E4C7DCD45359DDB99578FE739D459AA7C71585CEB", "D16BB3B63F820806338161CA1080F3C27550FA2CD017A11E0C7250AB6C05CD77", "D21E913C6ADECF8EF09DE3D9AEE7C0E5E9B0753FDE5C8D754FBFEF41B5821AD7", "D4F9AE28EA501CF2A176391E0E920E7B7FC3A2D7D8CE5319FAE6CA44DF5B1E04", "D63678498B94CE4636F5CEB8FAB7C8F6F571F578E6D0EF1B23F011C3A5778E9E", "D66B903250F05C7E6F628063E46BB788B758ACF5470BDBDCE9A7DDCF98ED3362", "D68C800775F3FF091EBBA6CDD9876B557C32AE8057306E8C377C8D67C60953EB", "D69CAB0B695FDB3F4A13D03095C9000050A31CA1EEA0F9ED3CBD01DC6FA43F1A", "D737A8C94C930B47803CAEB6FC01A6B08302D409FE64A0E40960433AFCACF7A4", "D73D3EC11078FBD322287FA1CD4D278DC6757E7F27EB2AF32CBA897EE086EB0D", "D76F4980D06F4400991FAE8F98C49106DCF125713B9325635CCA2480D3904342", "D783A7F4DFFB9905E79E357ACA80CE9623FFC55147AEC4BAF71DFFC0CC45C9F3", "DA815A7C4A42ED491F84873B4248BBC6BF0CD175F8AA4219C89E764FB61FECD4", "DAFB6976639A3A0CD92E6E7C328A7D79DE7ABB5427325AE9867BF17CA6FD2D68", "DB21F6160E03B6122C498B14479D8591179C3DBE218BCD893BF4F64F3154AC0A", "DB866DC8DC23646847AE5E9E25C02B2DF2A195A414B2734DCAA102E637957BAF", "DC103410561C74F2BE482D1DC9D39673C4CA0201FA7430A6DA0052ED558DCC5F", "DC1E3E2C447E8C34410E5BFCF98F1BF0BA115FC736AA77AB7956DD329EB71F5D", "DC73D3D91A720FE8A2EC31821A55F86974C290FCEA44B41084BB75389D260241", "DD3DD96D8064D65093AA9C7A9CFD186B2731F20C9C4F12C15232298160BDD6CD", "DD5BF5116E5741EB672335643731F4B54ACDBD92F34C019A128C14DD0EF87E44", "DDB6BECDB2F6AD03325FC289A06D647AF83BD3A8B6A5886DB4466FD926B7E25D", "DE46BF6F090121E98D358952D04EFBEF93EFD7E32E719B8173227C3E5CB26E90", "DEAFA2DB54593AA80919E191E6F6089E8FC07DD6414224DF7420DF6F55DF4BC8", "DED899C681C4F01F658F5349E77058BDF8C51E88FADBC17AC63AAD856B4CADE5", "DFB4A89370117A0C76AEBA610891449C199F7498B60521F9612F1A48A7736A6B", "DFEB027D63B2C15191EC1FDE8836EE3B8F24CFA4B42FE77E7E1820B6BBD77AC9", "E04F9DE1174EFB4A26CD756DF59E4C46606A4BD4063992B465E76804515C6833", "E05CC151FBA87195514CB65A3CB00BD8B2697F1C08602EC6A35EBF3E97CE31AB", "E4F82B1EF36905183E848EAEFF844914F58061E9D484E205B7784B8B5BE99E13", "E51AD2501331015E7E19A3AC49A96E1AC1A7C291EEE9E468031B3BA17AE28285", "E5C9021CFF3428F4B3B0F66CCD3134EB51552CD8CB2E83DF36DD8403ADFA8179", "E71855EC48855BE02A16779F38C95DDF6E9480BA43A32DC813AE1E9FCDEB7139", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "E7B26F1EAEFB4260D24EE36CC6F4BF7A433546C3ED0AB3E0C2C3FEF44B61DA61", "E7E04B70726DC92117EFD1600854DA68BEC091FCE0F6B926CC5950ECF1629C1B", "E81A7993ACBB1516F7D6F53AF0BD65493FE3E87E11CC696DB43234F62A8E5303", "E865AEC861081DF4FF67DBF0B04D3E134D71A5914681CD7C13E100D35E6CDBA7", "E933811CDCAC11BDF93700BE22AFC6FCC37CF8CE9AA70F21BE8098A186DE482E", "E9C53D2F51964D4EC70C227FD230B86A74310670A3BF941241307D8597CA4222", "EBCC12197854D7C444B518B80A223576FCB219A088A0CC929C19FF2993DC431A", "EBD6110D65EB41702B40A5795DBF9BE4F150B84442976771BAD2D5EE26847349", "ED796DA12F35B849EC739966324C81FE11BDCC6E2DCB25F912D4D4A08B754359", "EDBB640D9C964C319A40ED15C23232FA8D49C6B495D6EF19F248B4A314B7651D", "EDFA9D5968081EDE399774767050C178F730BD070533CFA73DE5F24F7E8E7A52", "F009B229BA58179FC3CB8F633C40E30BDC72B91C95C8FC1634F3C8FD8DBB7689", "F06557E676BEE33840ABDCBC8B63800AEF257D21E96813D19608264A0DF5ED04", "F10B278BFBFA868C361722B3DE18CDFFBEA415174A88751DEB4AB93FA4D5705C", "F15BA9EC0C1FC4624C7DDC90D046A7A3558B86CF13B121A8778B5BA8562491DC", "F1A3DFA7EB79FE51E9EE40DE7EE818B3181F7D6FFEBD16C7E5DC5676556369E6", "F1E13830189EF724267AE210258121182D99740D98A2D34B36F92619C8D706D7", "F26EE38CBA6B93A0B0967DD4DF0B628E7EDCBF41134B0358C7BD18C0EBEC7F60", "F43AC4AD74C202F4FEB76EA0BC3429642A773A92CA519668F55C67ABFA59AEB0", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F", "F64DA47FC3702B8685BBFAF6F11CB66B162143A42893C2917F13E1D839D0A9E6", "F65F1D96E364841337F0770420AA39E180E57CF181628F15C7259D9D9A9E8BDD", "F85B5EB603978E35DA96F203B1B3AC1597B9043782D0A8B088128372573029E6", "F976E6D48149579C30755509014967F1B6A7163FEAAB9453EBE9572696C3DDDD", "F9CB770C5B8A2294DF8EA0EF427572827C6FA0BB5C5E3EA1766A8830336C32AE", "FC2BEDDC9B0A20E14CE30F6B90D14256565AADCC69A534CA0557D8F35594D108", "FC367D3847B3B18A075985BFC8A2A8898C7B9AFE3FE16A6F84968131CD5047B4", "FC7F68E0222DFE0CD0F9243D471FABAED6E98B8EFE68407B48452DA1CB1F95FB", "FD3F7FDFA4DAAB71D175F1E137285D1F69A465922921368206BF33D36AB43D22", "FD89F92B8829CE7392B47C0ED84C6AFC3595DB7DDA24639A8AB325F2C83DE0D3", "FE92891352F62141E1660E1A95087A794A20D312AEFF1AED380D11E9110B3439", "FF4840FA7F2317CBB6130A281376F7290C3227EB77D653FDB8C95433F1FE2137"]}, {"type": "ics", "idList": ["ICSA-18-212-04", "ICSA-20-133-02", "ICSA-21-306-01", "ICSA-22-055-02", "ICSA-22-097-01", "ICSA-22-342-02", "ICSMA-21-187-01"]}, {"type": "joomla", "idList": ["JOOMLA-779", "JOOMLA-816"]}, {"type": "kaspersky", "idList": ["KLA20223"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "laminas", "idList": ["LP-2020-01", "LP-2020-02"]}, {"type": "mageia", "idList": ["MGASA-2013-0199", "MGASA-2019-0279", "MGASA-2021-0021", "MGASA-2021-0314", "MGASA-2021-0381", "MGASA-2023-0064", "MGASA-2023-0230"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:0A61417A438C7DDFAF7749BDD909CF11"]}, {"type": "nessus", "idList": ["AIX_IJ44987.NASL", "AIX_IJ44994.NASL", "AIX_IJ45221.NASL", "AIX_IJ45224.NASL", "AL2022_ALAS2022-2022-168.NASL", "AL2023_ALAS2023-2023-014.NASL", "AL2023_ALAS2023-2023-282.NASL", "AL2023_ALAS2023-2023-290.NASL", "AL2_ALAS-2020-1519.NASL", "AL2_ALAS-2021-1626.NASL", "AL2_ALAS-2023-1905.NASL", "AL2_ALAS-2023-1946.NASL", "AL2_ALAS-2023-2045.NASL", "AL2_ALASPOSTGRESQL12-2023-001.NASL", "AL2_ALASPOSTGRESQL13-2023-001.NASL", "AL2_ALASPOSTGRESQL14-2023-001.NASL", "AL2_ALASRUBY2_6-2023-007.NASL", "ALA_ALAS-2013-169.NASL", "ALA_ALAS-2014-410.NASL", "ALA_ALAS-2020-1422.NASL", "ALMA_LINUX_ALSA-2021-4142.NASL", "ALMA_LINUX_ALSA-2022-1860.NASL", "ALMA_LINUX_ALSA-2022-1861.NASL", "ALMA_LINUX_ALSA-2023-1576.NASL", "ALMA_LINUX_ALSA-2023-4535.NASL", "ALMA_LINUX_ALSA-2023-5360.NASL", "ALMA_LINUX_ALSA-2023-5362.NASL", "ALMA_LINUX_ALSA-2023-5363.NASL", "CENTOS8_RHSA-2020-4670.NASL", "CENTOS8_RHSA-2020-4847.NASL", "CENTOS8_RHSA-2021-1846.NASL", "CENTOS8_RHSA-2021-4142.NASL", "CENTOS8_RHSA-2022-1860.NASL", "CENTOS8_RHSA-2022-1861.NASL", "CENTOS8_RHSA-2023-1576.NASL", "CENTOS8_RHSA-2023-4535.NASL", "CENTOS8_RHSA-2023-5362.NASL", "CENTOS_RHSA-2013-0270.NASL", "CENTOS_RHSA-2020-3936.NASL", "DEBIAN_DLA-1797.NASL", "DEBIAN_DLA-2118.NASL", "DEBIAN_DLA-222.NASL", "DEBIAN_DLA-2405.NASL", "DEBIAN_DLA-2608.NASL", "DEBIAN_DLA-2696.NASL", "DEBIAN_DLA-2712.NASL", "DEBIAN_DLA-3316.NASL", "DEBIAN_DLA-3551.NASL", "DEBIAN_DSA-4434.NASL", "DEBIAN_DSA-4460.NASL", "DEBIAN_DSA-4693.NASL", "DEBIAN_DSA-4772.NASL", "DEBIAN_DSA-4789.NASL", "DRUPAL_8_8_6.NASL", "EULEROS_SA-2020-2560.NASL", "EULEROS_SA-2021-1346.NASL", "EULEROS_SA-2021-1831.NASL", "EULEROS_SA-2022-1895.NASL", "EULEROS_SA-2022-1933.NASL", "EULEROS_SA-2022-2618.NASL", "F5_BIGIP_SOL02453220.NASL", "F5_BIGIP_SOL66544153.NASL", "FEDORA_2013-1189.NASL", "FEDORA_2013-1203.NASL", "FEDORA_2013-1289.NASL", "FEDORA_2014-9539.NASL", "FEDORA_2014-9581.NASL", "FEDORA_2019-1A3EDD7E8A.NASL", "FEDORA_2019-2A0CE0C58C.NASL", "FEDORA_2019-7EAF0BBE7C.NASL", "FEDORA_2019-A06DFFAB1C.NASL", "FEDORA_2019-EBA8E44EE6.NASL", "FEDORA_2019-F563E66380.NASL", "FEDORA_2020-0B32A59B54.NASL", "FEDORA_2020-11BE4B36D4.NASL", "FEDORA_2020-36D2DB5F51.NASL", "FEDORA_2020-FBB94073A1.NASL", "FEDORA_2023-15B3E80753.NASL", "FEDORA_2023-3A06C965B4.NASL", "FEDORA_2023-6CAD6E5003.NASL", "FEDORA_2023-8570E0055B.NASL", "FREEBSD_PKG_1FB13175ED5211EA8B93001B217B3468.NASL", "FREEBSD_PKG_20006B5FA0BC11EB8AE6FC4DD43E2B6A.NASL", "FREEBSD_PKG_3C5A4FE09EBB11E99169FCAA147E860E.NASL", "FREEBSD_PKG_416CA0F43FE011E9BBDD6805CA0B3D42.NASL", "FREEBSD_PKG_7A8B6170A88911EDBBAE6CC21735F730.NASL", "FREEBSD_PKG_CD2DC126CFE411EA91724C72B94353B5.NASL", "FREEBSD_PKG_ED8D5535CA7811E9980B999FF59C22EA.NASL", "FREEBSD_PKG_FFC73E8787F011E9AD56FCAA147E860E.NASL", "GENTOO_GLSA-202007-03.NASL", "IBM_TEM_9_5_12.NASL", "JIRA_8_15_0_JRASERVER-72052.NASL", "JOOMLA_3919.NASL", "JQUERY_3_0_0.NASL", "JQUERY_3_4_0.NASL", "JQUERY_CVE-2020-11022.NASL", "LCE_6_0_9.NASL", "NESSUS_TNS-2023-09.NASL", "NEWSTART_CGSL_NS-SA-2021-0045_IPA.NASL", "NEWSTART_CGSL_NS-SA-2021-0104_IPA.NASL", "NEWSTART_CGSL_NS-SA-2021-0171_IPA.NASL", "NEWSTART_CGSL_NS-SA-2022-0037_IPA.NASL", "NNM_5_13_0.NASL", "NUTANIX_NXSA-AOS-5_18_1.NASL", "NUTANIX_NXSA-AOS-5_19.NASL", "OPENSUSE-2013-161.NASL", "OPENSUSE-2013-304.NASL", "OPENSUSE-2013-305.NASL", "OPENSUSE-2019-1839.NASL", "OPENSUSE-2020-1060.NASL", "OPENSUSE-2020-1888.NASL", "OPENSUSE-2020-395.NASL", "OPENSUSE-2021-1031.NASL", "OPENSUSE-2021-1130.NASL", "OPENSUSE-2021-2293.NASL", "OPENSUSE-2021-2575.NASL", "OPENSUSE-2021-2637.NASL", "OPENSUSE-2021-2795.NASL", "ORACLELINUX_ELSA-2013-0270.NASL", "ORACLELINUX_ELSA-2020-3936.NASL", "ORACLELINUX_ELSA-2020-4670.NASL", "ORACLELINUX_ELSA-2020-4847.NASL", "ORACLELINUX_ELSA-2021-0860.NASL", "ORACLELINUX_ELSA-2021-1846.NASL", "ORACLELINUX_ELSA-2021-9400.NASL", "ORACLELINUX_ELSA-2021-9552.NASL", "ORACLELINUX_ELSA-2022-1860.NASL", "ORACLELINUX_ELSA-2022-1861.NASL", "ORACLELINUX_ELSA-2022-7343.NASL", "ORACLELINUX_ELSA-2022-9177.NASL", "ORACLELINUX_ELSA-2023-1576.NASL", "ORACLELINUX_ELSA-2023-1693.NASL", "ORACLELINUX_ELSA-2023-4535.NASL", "ORACLELINUX_ELSA-2023-5360.NASL", "ORACLELINUX_ELSA-2023-5362.NASL", "ORACLELINUX_ELSA-2023-5363.NASL", "ORACLELINUX_ELSA-2023-6429.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_BI_PUBLISHER_CPU_OCT_2023.NASL", "ORACLE_BI_PUBLISHER_JUL_2019_CPU.NASL", "ORACLE_BI_PUBLISHER_OAS_CPU_JUL_2022.NASL", "ORACLE_BI_PUBLISHER_OCT_2019_CPU.NASL", "ORACLE_BI_PUBLISHER_OCT_2020_CPU.NASL", "ORACLE_BPM_CPU_OCT_2020.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_OCT_2019_CPU_UI.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_OCT_2020_CPU.NASL", "ORACLE_GOLDENGATE_CPU_OCT_2021.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_JUL_2021.NASL", "ORACLE_JDEVELOPER_CPU_OCT_2020.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_OATS_CPU_JAN_2019.NASL", "ORACLE_OATS_CPU_JAN_2020.NASL", "ORACLE_OATS_CPU_JAN_2021.NASL", "ORACLE_OBIEE_CPU_JUL_2023_OAS.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JAN_2020.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_OCT_2018.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2022.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JUL_2019.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_OCT_2019.NASL", "ORACLE_RDBMS_CPU_APR_2021.NASL", "ORACLE_RDBMS_CPU_JUL_2021.NASL", "ORACLE_RDBMS_CPU_OCT_2020.NASL", "ORACLE_RDBMS_CPU_OCT_2022.NASL", "ORACLE_WEBCENTER_SITES_APR_2020_CPU.NASL", "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2023.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2019.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2021.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2023.NASL", "PHOTONOS_PHSA-2020-3_0-0141_COMMONS.NASL", "POSTGRESQL_20230209.NASL", "PULSE_CONNECT_SECURE-SA44601.NASL", "PULSE_POLICY_SECURE-SA44601.NASL", "REDHAT-RHSA-2013-0270.NASL", "REDHAT-RHSA-2013-0680.NASL", "REDHAT-RHSA-2014-0224.NASL", "REDHAT-RHSA-2014-1162.NASL", "REDHAT-RHSA-2014-1320.NASL", "REDHAT-RHSA-2014-1321.NASL", "REDHAT-RHSA-2019-3023.NASL", "REDHAT-RHSA-2019-3024.NASL", "REDHAT-RHSA-2020-1325.NASL", "REDHAT-RHSA-2020-2217.NASL", "REDHAT-RHSA-2020-2362.NASL", "REDHAT-RHSA-2020-3369.NASL", "REDHAT-RHSA-2020-3807.NASL", "REDHAT-RHSA-2020-3936.NASL", "REDHAT-RHSA-2020-4670.NASL", "REDHAT-RHSA-2020-4847.NASL", "REDHAT-RHSA-2020-5412.NASL", "REDHAT-RHSA-2020-5581.NASL", "REDHAT-RHSA-2021-0246.NASL", "REDHAT-RHSA-2021-0247.NASL", "REDHAT-RHSA-2021-0248.NASL", "REDHAT-RHSA-2021-0860.NASL", "REDHAT-RHSA-2021-0872.NASL", "REDHAT-RHSA-2021-0873.NASL", "REDHAT-RHSA-2021-0874.NASL", "REDHAT-RHSA-2021-1846.NASL", "REDHAT-RHSA-2021-4142.NASL", "REDHAT-RHSA-2021-4702.NASL", "REDHAT-RHSA-2022-0722.NASL", "REDHAT-RHSA-2022-1860.NASL", "REDHAT-RHSA-2022-1861.NASL", "REDHAT-RHSA-2022-6393.NASL", "REDHAT-RHSA-2022-7343.NASL", "REDHAT-RHSA-2023-0552.NASL", "REDHAT-RHSA-2023-0553.NASL", "REDHAT-RHSA-2023-0554.NASL", "REDHAT-RHSA-2023-1043.NASL", "REDHAT-RHSA-2023-1044.NASL", "REDHAT-RHSA-2023-1045.NASL", "REDHAT-RHSA-2023-1576.NASL", "REDHAT-RHSA-2023-1693.NASL", "REDHAT-RHSA-2023-4535.NASL", "REDHAT-RHSA-2023-5360.NASL", "REDHAT-RHSA-2023-5361.NASL", "REDHAT-RHSA-2023-5362.NASL", "REDHAT-RHSA-2023-5363.NASL", "REDHAT-RHSA-2023-5484.NASL", "REDHAT-RHSA-2023-5485.NASL", "REDHAT-RHSA-2023-5486.NASL", "REDHAT-RHSA-2023-6429.NASL", "REDHAT-RHSA-2023-7016.NASL", "ROCKY_LINUX_RLSA-2020-4670.NASL", "ROCKY_LINUX_RLSA-2021-1846.NASL", "ROCKY_LINUX_RLSA-2021-4142.NASL", "ROCKY_LINUX_RLSA-2022-1860.NASL", "ROCKY_LINUX_RLSA-2022-1861.NASL", "ROCKY_LINUX_RLSA-2023-1576.NASL", "ROCKY_LINUX_RLSA-2023-4535.NASL", "ROCKY_LINUX_RLSA-2023-5363.NASL", "SECURITYCENTER_5_14_0_TNS_2020_02.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08_XSS.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SL_20130219_JAKARTA_COMMONS_HTTPCLIENT_ON_SL5_X.NASL", "SL_20201001_IPA_ON_SL7_X.NASL", "SL_20221103_PCS_ON_SL7_X.NASL", "SOLARWINDS_ORION_CVE-2020-14005.NASL", "SUSE_11_JAKARTA-COMMONS-HTTPCLIENT3-130328.NASL", "SUSE_SU-2020-0737-1.NASL", "SUSE_SU-2021-2293-1.NASL", "SUSE_SU-2022-3547-1.NASL", "SUSE_SU-2023-0390-1.NASL", "SUSE_SU-2023-0391-1.NASL", "SUSE_SU-2023-0392-1.NASL", "SUSE_SU-2023-0393-1.NASL", "SUSE_SU-2023-0450-1.NASL", "SUSE_SU-2023-0479-1.NASL", "SUSE_SU-2023-0569-1.NASL", "SUSE_SU-2023-0583-1.NASL", "SUSE_SU-2023-0705-1.NASL", "SUSE_SU-2023-3090-1.NASL", "UBUNTU_USN-2769-1.NASL", "UBUNTU_USN-5239-1.NASL", "UBUNTU_USN-5245-1.NASL", "UBUNTU_USN-5805-1.NASL", "UBUNTU_USN-5906-1.NASL", "WEBSPHERE_6453091.NASL", "WEBSPHERE_711867.NASL", "WEB_APPLICATION_SCANNING_112430", "WEB_APPLICATION_SCANNING_112437", "WEB_APPLICATION_SCANNING_112438", "WEB_APPLICATION_SCANNING_112485", "WEB_APPLICATION_SCANNING_113626", "WEB_APPLICATION_SCANNING_113627", "WEB_APPLICATION_SCANNING_113628", "WEB_APPLICATION_SCANNING_113629"]}, {"type": "nodejs", "idList": ["NODEJS:1518", "NODEJS:1702"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108601", "OPENVAS:1361412562310108764", "OPENVAS:1361412562310108811", "OPENVAS:1361412562310113369", "OPENVAS:1361412562310120079", "OPENVAS:1361412562310120384", "OPENVAS:1361412562310123724", "OPENVAS:1361412562310141635", "OPENVAS:1361412562310142300", "OPENVAS:1361412562310142301", "OPENVAS:1361412562310142314", "OPENVAS:1361412562310142508", "OPENVAS:1361412562310142509", "OPENVAS:1361412562310143812", "OPENVAS:1361412562310143813", "OPENVAS:1361412562310144144", "OPENVAS:1361412562310144145", "OPENVAS:1361412562310704434", "OPENVAS:1361412562310704460", "OPENVAS:1361412562310704693", "OPENVAS:1361412562310842488", "OPENVAS:1361412562310852959", "OPENVAS:1361412562310853086", "OPENVAS:1361412562310865277", "OPENVAS:1361412562310865280", "OPENVAS:1361412562310865298", "OPENVAS:1361412562310868129", "OPENVAS:1361412562310868132", "OPENVAS:1361412562310870917", "OPENVAS:1361412562310876319", "OPENVAS:1361412562310876320", "OPENVAS:1361412562310876325", "OPENVAS:1361412562310876327", "OPENVAS:1361412562310876331", "OPENVAS:1361412562310876342", "OPENVAS:1361412562310876410", "OPENVAS:1361412562310876414", "OPENVAS:1361412562310876417", "OPENVAS:1361412562310877098", "OPENVAS:1361412562310877925", "OPENVAS:1361412562310877975", "OPENVAS:1361412562310881604", "OPENVAS:1361412562310891777", "OPENVAS:1361412562310891797", "OPENVAS:1361412562310892118", "OPENVAS:865277", "OPENVAS:865280", "OPENVAS:865298", "OPENVAS:870917", "OPENVAS:881604"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUAPR2023", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2022", "ORACLE:CPUJAN2023", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUJUL2023", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022", "ORACLE:CPUOCT2023"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0270", "ELSA-2020-3936", "ELSA-2020-4670", "ELSA-2020-4847", "ELSA-2021-0860", "ELSA-2021-1846", "ELSA-2021-9400", "ELSA-2021-9552", "ELSA-2022-1860", "ELSA-2022-1861", "ELSA-2022-7343", "ELSA-2022-9177", "ELSA-2023-1576", "ELSA-2023-1693", "ELSA-2023-4535"]}, {"type": "osv", "idList": ["OSV:CVE-2015-9251", "OSV:CVE-2022-41862", "OSV:DLA-1797-1", "OSV:DLA-2118-1", "OSV:DLA-222-1", "OSV:DLA-2405-1", "OSV:DLA-2696-1", "OSV:DLA-2712-1", "OSV:DLA-3316-1", "OSV:DSA-4434-1", "OSV:DSA-4460-1", "OSV:DSA-4772-1", "OSV:DSA-4789-1", "OSV:GHSA-2363-CQG2-863C", "OSV:GHSA-2F88-5HG8-9X2X", "OSV:GHSA-2X83-R56G-CV47", "OSV:GHSA-3832-9276-X7GF", "OSV:GHSA-4GW3-8F77-F72C", "OSV:GHSA-4WRC-F8PQ-FPQP", "OSV:GHSA-53JX-VVF9-4X38", "OSV:GHSA-55G7-9CWV-5QFV", "OSV:GHSA-5MG8-W23W-74H3", "OSV:GHSA-6628-Q6J9-W8VG", "OSV:GHSA-6C3J-C64M-QHGQ", "OSV:GHSA-6G33-82GC-3PW5", "OSV:GHSA-7R82-7XV7-XCPJ", "OSV:GHSA-9HXF-PPJV-W6RQ", "OSV:GHSA-C2QF-RXJJ-QQGW", "OSV:GHSA-CFGP-2977-2FMM", "OSV:GHSA-CQCC-MM6X-VMVW", "OSV:GHSA-F7XJ-RG7H-MC87", "OSV:GHSA-FJPJ-2G6W-X25R", "OSV:GHSA-GXR4-XJJ5-5PX2", "OSV:GHSA-HWVM-VFW8-93MW", "OSV:GHSA-J8XG-FQG3-53R7", "OSV:GHSA-JPCQ-CGW6-V4J6", "OSV:GHSA-PQR6-CMR2-H8HF", "OSV:GHSA-QCWQ-55HX-V3VH", "OSV:GHSA-RMXG-73GG-4P98", "OSV:GHSA-V73W-R9XG-7CR9", "OSV:GHSA-WX54-3278-M5G4"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:162159", "PACKETSTORM:162160"]}, {"type": "photon", "idList": ["PHSA-2020-0141", "PHSA-2020-3.0-0141", "PHSA-2023-3.0-0531", "PHSA-2023-4.0-0336", "PHSA-2023-5.0-0068"]}, {"type": "prion", "idList": ["PRION:CVE-2012-5783", "PRION:CVE-2012-6153", "PRION:CVE-2015-9251", "PRION:CVE-2016-1000027", "PRION:CVE-2017-12621", "PRION:CVE-2019-11358", "PRION:CVE-2020-11022", "PRION:CVE-2020-11023", "PRION:CVE-2020-13956", "PRION:CVE-2020-7760", "PRION:CVE-2020-8908", "PRION:CVE-2021-26291", "PRION:CVE-2021-33813", "PRION:CVE-2022-22976", "PRION:CVE-2022-25883", "PRION:CVE-2022-41862", "PRION:CVE-2023-1428", "PRION:CVE-2023-24815", "PRION:CVE-2023-26115", "PRION:CVE-2023-32731", "PRION:CVE-2023-32732", "PRION:CVE-2023-34453", "PRION:CVE-2023-34454", "PRION:CVE-2023-34455", "PRION:CVE-2023-47174"]}, {"type": "redhat", "idList": ["RHSA-2013:0270", "RHSA-2013:0679", "RHSA-2013:0680", "RHSA-2013:0682", "RHSA-2013:1006", "RHSA-2013:1853", "RHSA-2014:0224", "RHSA-2014:1162", "RHSA-2014:1320", "RHSA-2014:1321", "RHSA-2014:1904", "RHSA-2015:0234", "RHSA-2015:0235", "RHSA-2015:0675", "RHSA-2015:0720", "RHSA-2015:0765", "RHSA-2015:0850", "RHSA-2015:0851", "RHSA-2017:0868", "RHSA-2019:1456", "RHSA-2019:2587", "RHSA-2019:3023", "RHSA-2019:3024", "RHSA-2020:0481", "RHSA-2020:0729", "RHSA-2020:0983", "RHSA-2020:1325", "RHSA-2020:2217", "RHSA-2020:2362", "RHSA-2020:2412", "RHSA-2020:2813", "RHSA-2020:3247", "RHSA-2020:3369", "RHSA-2020:3807", "RHSA-2020:3936", "RHSA-2020:4211", "RHSA-2020:4298", "RHSA-2020:4670", "RHSA-2020:4847", "RHSA-2020:5249", "RHSA-2020:5412", "RHSA-2020:5581", "RHSA-2021:0084", "RHSA-2021:0246", "RHSA-2021:0247", "RHSA-2021:0248", "RHSA-2021:0250", "RHSA-2021:0327", "RHSA-2021:0417", "RHSA-2021:0603", "RHSA-2021:0778", "RHSA-2021:0811", "RHSA-2021:0860", "RHSA-2021:0872", "RHSA-2021:0873", "RHSA-2021:0874", "RHSA-2021:0885", "RHSA-2021:0974", "RHSA-2021:1044", "RHSA-2021:1846", "RHSA-2021:2210", "RHSA-2021:3140", "RHSA-2021:3700", "RHSA-2021:3880", "RHSA-2021:4100", "RHSA-2021:4142", "RHSA-2021:4702", "RHSA-2022:0722", "RHSA-2022:1013", "RHSA-2022:1029", "RHSA-2022:1108", "RHSA-2022:1110", "RHSA-2022:1860", "RHSA-2022:1861", "RHSA-2022:5532", "RHSA-2022:6393", "RHSA-2022:7343", "RHSA-2023:0552", "RHSA-2023:0553", "RHSA-2023:0554", "RHSA-2023:0556", "RHSA-2023:1043", "RHSA-2023:1044", "RHSA-2023:1045", "RHSA-2023:1047", "RHSA-2023:1049", "RHSA-2023:1334", "RHSA-2023:1576", "RHSA-2023:1693", "RHSA-2023:3198", "RHSA-2023:3663", "RHSA-2023:3740", "RHSA-2023:3954", "RHSA-2023:3998", "RHSA-2023:4341", "RHSA-2023:4535", "RHSA-2023:5006", "RHSA-2023:5147", "RHSA-2023:5148", "RHSA-2023:5165", "RHSA-2023:5360", "RHSA-2023:5361", "RHSA-2023:5362", "RHSA-2023:5363", "RHSA-2023:5376", "RHSA-2023:5379", "RHSA-2023:5447", "RHSA-2023:5484", "RHSA-2023:5485", "RHSA-2023:5486", "RHSA-2023:5488", "RHSA-2023:6429", "RHSA-2023:7016", "RHSA-2023:7222", "RHSA-2023:7545", "RHSA-2023:7580", "RHSA-2023:7653", "RHSA-2023:7666", "RHSA-2023:7667", "RHSA-2023:7669", "RHSA-2023:7694", "RHSA-2023:7695", "RHSA-2023:7700", "RHSA-2023:7705"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-1000027", "RH:CVE-2017-12621", "RH:CVE-2019-11358", "RH:CVE-2020-11022", "RH:CVE-2020-11023", "RH:CVE-2020-13956", "RH:CVE-2020-7760", "RH:CVE-2020-8908", "RH:CVE-2021-26291", "RH:CVE-2021-33813", "RH:CVE-2022-22976", "RH:CVE-2022-25883", "RH:CVE-2022-41862", "RH:CVE-2023-1428", "RH:CVE-2023-24815", "RH:CVE-2023-26115", "RH:CVE-2023-32731", "RH:CVE-2023-32732", "RH:CVE-2023-34453", "RH:CVE-2023-34454", "RH:CVE-2023-34455"]}, {"type": "rocky", "idList": ["RLSA-2020:4670", "RLSA-2020:4847", "RLSA-2021:1846", "RLSA-2021:4142", "RLSA-2022:1860", "RLSA-2022:1861", "RLSA-2023:1576", "RLSA-2023:4535", "RLSA-2023:5363"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32573"]}, {"type": "spring", "idList": ["SPRING:0A400737352FF4B32CD8407A2515D57D", "SPRING:D910A9047EA53BB42480F75D9C5916E5"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1839-1", "OPENSUSE-SU-2019:1872-1", "OPENSUSE-SU-2020:0395-1", "OPENSUSE-SU-2020:1060-1", "OPENSUSE-SU-2020:1106-1", "OPENSUSE-SU-2020:1888-1", "OPENSUSE-SU-2021:1031-1", "OPENSUSE-SU-2021:2293-1"]}, {"type": "symantec", "idList": ["SMNTC-108023"]}, {"type": "thn", "idList": ["THN:EF08CCF54E69481550D84949A563BAD5"]}, {"type": "typo3", "idList": ["TYPO3-EXT-SA-2020-015", "TYPO3-PSA-2019-004"]}, {"type": "ubuntu", "idList": ["USN-2769-1", "USN-5239-1", "USN-5245-1", "USN-5805-1", "USN-5906-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-5783", "UB:CVE-2012-6153", "UB:CVE-2015-9251", "UB:CVE-2016-1000027", "UB:CVE-2017-12621", "UB:CVE-2019-11358", "UB:CVE-2020-11022", "UB:CVE-2020-11023", "UB:CVE-2020-13956", "UB:CVE-2020-23064", "UB:CVE-2020-7760", "UB:CVE-2020-8908", "UB:CVE-2021-26291", "UB:CVE-2021-33813", "UB:CVE-2022-22976", "UB:CVE-2022-25883", "UB:CVE-2022-41862", "UB:CVE-2023-1428", "UB:CVE-2023-32731", "UB:CVE-2023-32732", "UB:CVE-2023-34453", "UB:CVE-2023-34454", "UB:CVE-2023-34455"]}, {"type": "veracode", "idList": ["VERACODE:11070", "VERACODE:11290", "VERACODE:13659", "VERACODE:22252", "VERACODE:25140", "VERACODE:25141", "VERACODE:27558", "VERACODE:27672", "VERACODE:27726", "VERACODE:30170", "VERACODE:31015", "VERACODE:31283", "VERACODE:35618", "VERACODE:39220", "VERACODE:39243", "VERACODE:40946", "VERACODE:40947", "VERACODE:40948", "VERACODE:41071", "VERACODE:41080", "VERACODE:41140", "VERACODE:41252", "VERACODE:41259", "VERACODE:5182"]}, {"type": "wolfi", "idList": ["WOLFI:CVE-2020-8908", "WOLFI:CVE-2022-41862", "WOLFI:CVE-2023-1428", "WOLFI:CVE-2023-32731", "WOLFI:CVE-2023-32732"]}, {"type": "zdt", "idList": ["1337DAY-ID-36102", "1337DAY-ID-36103"]}]}, "score": {"value": 9.2, "vector": "NONE"}, "vulnersScore": 9.2}, "_state": {"dependencies": 1701972354, "score": 1701972432}, "_internal": {"score_hash": "2f6fb023a7532a8d889065bdb3ba4e8e"}, "affectedSoftware": [{"version": "18.0.0", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "18.0.1", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "18.0.2", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "19.0.1", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "19.0.2", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "19.0.3", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "20.0.1", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "20.0.2", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "20.0.3", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "21.0.1", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "21.0.2", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "21.0.3", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "22.0.1", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "22.0.2", "operator": "eq", "name": "ibm cloud pak for automation"}, {"version": "18.0.0", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "18.0.1", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "18.0.2", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "19.0.1", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "19.0.2", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "19.0.3", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "20.0.1", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "20.0.2", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "20.0.3", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "21.0.1", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "21.0.2", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "21.0.3", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "22.0.1", "operator": "eq", "name": "ibm cloud pak for business automation"}, {"version": "22.0.2", "operator": "eq", "name": "ibm cloud pak for business automation"}]}
{"ibm": [{"lastseen": "2023-11-11T21:46:33", "description": "## Summary\n\nIBM Maximo Asset Management is affected by multiple vulnerabilities (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453) in snappy-java.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions of the IBM Maximo Asset Management core product. The recommended action is to update to the latest version.\n\n**Product versions affected:**\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Maximo Asset Management| 7.6.1.2 \nIBM Maximo Asset Management| 7.6.1.3 \n \n* To determine the core product version, log in and view System Information. The core product version is the \"Tivoli's process automation engine\" version. Please consult the [Platform Matrix](<https://www.ibm.com/support/pages/node/1288432> \"Platform Matrix\" ) for a list of supported product combinations.\n\n## Remediation/Fixes\n\nThe recommended solution is to download the appropriate Interim Fix or Fix Pack from Fix Central and apply for each affected product as soon as possible. Please see below for information on the fixes available for each product, version, and release. Follow the installation instructions in the \u2018readme\u2019 documentation provided with each fix pack or interim fix.\n\n**For Maximo Asset Management 7.6:**\n\nVRM| Fix Pack, Feature Pack, or Interim Fix| Download \n---|---|--- \n7.6.1.2| Maximo Asset Management 7.6.1.2 iFix: \n[7.6.1.2-TIV-MBS-IFI036](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.2&platform=All&function=fixId&fixids=7.6.1.2-TIV-MBS-IF036&includeSupersedes=0&source=fc> \"7.6.1.2-TIV-MBS-IFI036\" ) or latest Interim Fix available| [FixCentral](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.2&platform=All&function=all> \"FixCentral\" ) \n7.6.1.3| \n\nMaximo Asset Management 7.6.1.3 iFix:\n\n[7.6.1.3-TIV-MBS-IF011](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.3&platform=All&function=fixId&fixids=7.6.1.3-TIV-MBS-IF011&includeSupersedes=0&source=fc> \"7.6.1.3-TIV-MBS-IF011\" ) or latest Interim Fix available\n\n| \n\n[FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.3&platform=All&function=all> \"FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-10-26T18:07:04", "type": "ibm", "title": "Security Bulletin: IBM Maximo Asset Management is affected by multiple vulnerabilities (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453) in snappy-java.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-10-26T18:07:04", "id": "92046D7E22F9D85F792C6047C0784EE0809D6F8B566DA133FBC9695D2E75FDF1", "href": "https://www.ibm.com/support/pages/node/7059916", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:49:46", "description": "## Summary\n\nKafka nodes in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454). The resolving fix includes Kafka 3.5.1 which includes snappy-java 1.1.10.1\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM App Connect Enterprise| 12.0.1.0 - 12.0.9.0 \nIBM App Connect Enterprise| 11.0.0.1 - 11.0.0.22 \nIBM Integration Bus| 10.1 - 10.1.0.1 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability/vulnerabilities now by applying the appropriate fix to IBM App Connect Enterprise and IBM Integration Bus**\n\nAffected Product(s)| Version(s)| APAR| Remediation / Fixes \n---|---|---|--- \nIBM App Connect Enterprise| 12.0.1.0 - 12.0.9.0| IT44010| \n\nInterim Fix for APAR (IT44010) is available to apply to 12.0.9.0 from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.9.0&platform=All&function=aparId&apars=IT44010>) \n \nIBM App Connect Enterprise| 11.0.0.1 - 11.0.0.22| IT44010| \n\nInterim Fix for APAR (IT44010) is available to apply to 11.0.0.22 from \n \n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=11.0.0.22&platform=All&function=aparId&apars=IT44010>) \n \nIBM Integration Bus| 10.1 - 10.1.0.1| IT44010 | \n\nInterim fix for APAR (IT44010) is available to apply to 10.1.0.1 from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=10.1.0.1&platform=All&function=aparId&apars=IT44010>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-08-14T08:42:10", "type": "ibm", "title": "Security Bulletin: Kafka nodes in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-08-14T08:42:10", "id": "363194759880A2629F1827F95B7711802399CF82ACF347AE6D563F797174F9E5", "href": "https://www.ibm.com/support/pages/node/7026403", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-29T05:46:41", "description": "## Summary\n\nMultiple vulnerabilities in snappy-java used by IBM InfoSphere Information Server were addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud| 11.7| [DT224479](<https://www.ibm.com/mysupport/aCI3p000000bpir> \"DT224479\" ) \n[DT224482](<https://www.ibm.com/mysupport/aCI3p000000bpiw> \"DT224482\" ) \n[DT224723](<https://www.ibm.com/mysupport/aCI3p000000Czu4> \"DT224723\" )| \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply InfoSphere Information Server version [11.7.1.4](<https://www.ibm.com/support/pages/node/6620275> \"\" ) \n\\--Apply InfoSphere Information Server [11.7.1.4 Service pack 1](<https://www.ibm.com/support/pages/node/6989459> \"\" ) \n\\--Apply Information Server [Microservices tier security patch](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=is11714sp1rollup1_v1_microservices&function=fixId&parent=ibm/Information%20Management> \"Microservices tier security patch\" ) \n\\--Apply Information Server [Kafka Connector patch](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=DT224479_cckafka&function=fixId&parent=ibm/Information%20Management> \"Kafka Connector patch\" ) \n\\--Apply Information Server [Cassandra Connector patch](<https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=DT224482_cccassandra> \"Cassandra Connector patch\" ) \n \n\\--For Information Server Enterprise Search, apply [11.7.1.4 Service pack 2](<https://www.ibm.com/support/pages/node/7065758> \"11.7.1.4 Service pack 2\" ) instead of Service pack 1 and the above three patches. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-11-28T22:41:45", "type": "ibm", "title": "Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in snappy-java", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-11-28T22:41:45", "id": "5AE66A815C09DD47F62D38868FF362CC931317EC0E3C4E8C405300DB0C2B5872", "href": "https://www.ibm.com/support/pages/node/7011483", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:49:32", "description": "## Summary\n\nIBM Event Streams is affected by snappy-java vulnerabilities (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Event Streams| \n\n| 10.0.0 to 11.2.2 \n--- \n \n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading\n\nUpgrade to IBM Event Streams 11.2.3 by following the [upgrading and migrating](<https://ibm.github.io/event-automation/es/installing/upgrading/>) documentation.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-08-29T09:37:52", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is vulnerable to denial of service attacks due to snappy-java (CVE-2023-34453, CVE-2023-34455, CVE-2023-34454)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-08-29T09:37:52", "id": "03E329DD2D954DF1EF032D20D937B9B5CA0EC21247578FB24792D8362E49E7F3", "href": "https://www.ibm.com/support/pages/node/7029640", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:50:11", "description": "## Summary\n\nJava component snappy-java is used by Kafka in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Java component snappy-java. [CVE-2023-34453], [CVE-2023-34454], [CVE-2023-34455]\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \nApp Connect Enterprise Certified Container| 5.0-lts \nApp Connect Enterprise Certified Container| 5.1 \nApp Connect Enterprise Certified Container| 5.2 \nApp Connect Enterprise Certified Container| 6.0 \nApp Connect Enterprise Certified Container| 6.1 \nApp Connect Enterprise Certified Container| 6.2 \nApp Connect Enterprise Certified Container| 7.0 \nApp Connect Enterprise Certified Container| 7.1 \nApp Connect Enterprise Certified Container| 7.2 \nApp Connect Enterprise Certified Container| 8.0 \nApp Connect Enterprise Certified Container| 8.1 \nApp Connect Enterprise Certified Container| 8.2 \nApp Connect Enterprise Certified Container| 9.0 \n \n## Remediation/Fixes\n\nIBM strongly suggests the following: \n**App Connect Enterprise Certified Container 4.1.x to 9.0.x (Continuous Delivery)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 9.1.0 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.9.0-r1 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n \n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.9 or higher, and ensure that all DesignerAuthoring and IntegrationServer components are at 12.0.9.0-r1-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect-contlts?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-07-27T16:03:18", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to denial of service due to [CVE-2023-34453], [CVE-2023-34454], [CVE-2023-34455]", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-07-27T16:03:18", "id": "8AB60941C13A8D0C0BA386286200DA8E303A224997B3F7971CD5F03D04936D00", "href": "https://www.ibm.com/support/pages/node/7015009", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:49:17", "description": "## Summary\n\nIBM Business Automation Workflow is vulnerable to a Denial of Serivce attack.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) | Status \n---|---|--- \nIBM Business Automation Workflow containers | \n\nV23.0.1 - V23.0.1-IF001 \nV22.0.2 all fixes \nV22.0.1 all fixes \nV21.0.3 - V21.0.3-IF023 \nV21.0.2 all fixes \nV20.0.0.2 all fixes \nV20.0.0.1 all fixes\n\n| affected \nIBM Business Automation Workflow traditional | V23.0.1 \nV22.0.1 - V22.0.2 \nV21.0.1 - V21.0.3.1 \nV20.0.0.1 - V20.0.0.2 \nV19.0.0.1 - V19.0.0.3 | affected \nIBM Business Automation Workflow Enterprise Service Bus | V23.0.1 \nV22.0.2 | affected \n \nFor earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [DT224071](<https://www.ibm.com/mysupport/aCI3p000000XmBvGAK> \"DT224071\" ) as soon as practical.\n\nAffected Product(s) | Version(s) | Remediation / Fix \n---|---|--- \nIBM Business Automation Workflow containers | V23.0.1 | Apply [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) \nIBM Business Automation Workflow containers | V21.0.3 | Apply [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow containers | V22.0.1 - V22.0.2 \nV21.0.1 - V21.0.2 \nV20.0.0.1 - V20.0.0.2 | Upgrade to [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus | V23.0.1 | Apply [DT224071](<https://www.ibm.com/mysupport/aCI3p000000XmBvGAK> \"DT224071\" ) \nIBM Business Automation Workflow traditional | V21.0.3.1 | Apply [DT224071](<https://www.ibm.com/mysupport/aCI3p000000XmBvGAK> \"DT224071\" ) \nIBM Business Automation Workflow traditional | V22.0.2 \nV22.0.1 \nV21.0.2 \nV21.0.1 \nV20.0.0.2 \nV20.0.0.1 \nV19.0.0.3 | Upgrade to a long term support release or the latest SSCD version. See [IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum](<https://www.ibm.com/support/pages/ibm-business-automation-workflow-and-ibm-integration-designer-software-support-lifecycle-addendum> \"IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-01T19:58:38", "type": "ibm", "title": "Security Bulletin: Multiple denial of Service vulnerabilities in snappy-java may affect IBM Business Automation Workflow (CVE-2023-34453, CVE-2023-34454, CVE-2023-34455)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-09-01T19:58:38", "id": "4501BE88AFC4704F050A929A4C62F41052B90E877F82DAAB169427507253D6F6", "href": "https://www.ibm.com/support/pages/node/7030360", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:46:26", "description": "## Summary\n\nThere is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Maximo Application Suite - Manage Component| \n\nMAS 8.10.0 - Manage 8.6.0 \n \n## Remediation/Fixes\n\n**For IBM Maximo Manage application in IBM Maximo Application Suite:**\n\n**MAS**| **Manage Patch Fix or Release** \n---|--- \n[Upgrade to MAS 8.10.4](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>)| \n\nUpgrade to Manage 8.6.4 or latest (available from the Catalog under Update Available) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-10-27T14:32:24", "type": "ibm", "title": "Security Bulletin: There is a vulnerability in snappy-java used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34455, CVE-2023-34454, CVE-2023-34453)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-10-27T14:32:24", "id": "E7E04B70726DC92117EFD1600854DA68BEC091FCE0F6B926CC5950ECF1629C1B", "href": "https://www.ibm.com/support/pages/node/7051260", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:50:22", "description": "## Summary\n\nIBM Maximo Application Suite - Monitor Component uses snappy-java which is vulnerable to security CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Maximo Application Suite - Monitor Component| 8.9 \nIBM Maximo Application Suite - Monitor Component| 8.10 \n \n## Remediation/Fixes\n\nAffected Product(s)| Fixpack Version(s) \n---|--- \nIBM Maximo Application Suite - Monitor Component| 8.9.6 or [latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \nIBM Maximo Application Suite - Monitor Component| 8.10.4 or [latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-07-24T21:00:23", "type": "ibm", "title": "Security Bulletin: Snappy-java is vulnerable to security CVEs used in IBM Maximo Application Suite - Monitor Component", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-07-24T21:00:23", "id": "18DDA265CB7B4E214C6EFCB156D33E6D34EBCFD2E6011EAE63D45B5143814F6B", "href": "https://www.ibm.com/support/pages/node/7014375", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-11T21:48:52", "description": "## Summary\n\nIBM Spectrum Copy Data Management can be affected by vulnerabilities in snappy-java. Vulnerabilities including a remote attacker could exploit these vulnerabilities to cause a denial of service condition, as described by the CVEs in the \"Vulnerability Details\" section.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Spectrum Copy Data Management| 2.2.0.0 - 2.2.20.1 \n \n## Remediation/Fixes\n\n**Affected Versions**| **Fixing \n****Level**| **Platform**| **Link to Fix and Instructions \n** \n---|---|---|--- \n2.2.0.0 - 2.2.20.1| 2.2.21.0| Linux| ** **<https://www.ibm.com/support/pages/node/7015817> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-15T13:28:04", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in snappy-java might affect IBM Spectrum Copy Data Management", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-09-15T13:28:04", "id": "BC8C71EB9C8A2815359425C885010973357943CA7BEDA11D7B4BF9826BCB3CBC", "href": "https://www.ibm.com/support/pages/node/7029381", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T18:11:41", "description": "## Summary\n\nThere are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM MobileFirst Foundation| 8.0.0.0 \n \n\n\n## Remediation/Fixes\n\n**Product(s)**| **Version Number(s) and/or range**| **Remediation/Fix/Instructions** \n---|---|--- \nIBM MobileFirst Platform Foundation| 8.0.0.0| iFix build 8.0.0.0-MFPF-IF202304111626 build includes fixes to resolve vulnerable third party libraries(PH53904). \n\nPlease download from [Fix Central](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%2FOther%20software&product=ibm/Other+software/IBM+MobileFirst+Platform+Foundation&release=All&platform=All&function=fixId&fixids=8.0.0.0-MFPF-IF202304111626&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=dbluesearch&mhsrc=ibmsearch_a&mhq=IF202304111626&login=true>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-04-19T17:26:48", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities found in third party libraries used by IBM\u00ae MobileFirst Platform", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-04-19T17:26:48", "id": "C247CDADCEBD86F6926A5A03AD862F20EC878D5E1054BCF2C6B70778E3741BB7", "href": "https://www.ibm.com/support/pages/node/6984763", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:29:18", "description": "## Summary\n\nMultiple vulnerabilities (CVE-2015-9251; CVE-2019-11358; CVE-2020-11022; CVE-2020-11023) found in jQuery that is present in IBM Tivoli Network Manager (ITNM) IP Edition. jQuery versions before 3.0.0 are vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. The fix contains the remediation of this component in ITNM.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nITNM| 4.2 GA through to 4.2.0.15 \n \n\n\n## Remediation/Fixes\n\nThe issue has been Fixed in ITNM 4.2 Fix Pack 16 (i.e. 4.2.0.16). Upgrade ITNM 4.2 to Fix Pack 16 from Fix Central. \n\n[4.2.0-TIV-ITNMIP-Linux-FP0016](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-Linux-FP0016&source=SAR&function=fixId&parent=ibm/Tivoli> \"4.2.0-TIV-ITNMIP-Linux-FP0016\" )\n\n[4.2.0-TIV-ITNMIP-zLinux-FP0016](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-zLinux-FP0016&source=SAR&function=fixId&parent=ibm/Tivoli> \"4.2.0-TIV-ITNMIP-Linux-FP0016\" )\n\n[4.2.0-TIV-ITNMIP-AIX-FP0016](<https://www.ibm.com/support/fixcentral/swg/selectFix?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-AIX-FP0016&source=SAR&function=fixId&parent=ibm/Tivoli> \"4.2.0-TIV-ITNMIP-Linux-FP0016\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-01-05T15:14:50", "type": "ibm", "title": "Security Bulletin: jQuery included in ITNM is vulnerable to Cross-site Scripting (XSS) attacks (multiple vulnerabilities)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-01-05T15:14:50", "id": "DAFB6976639A3A0CD92E6E7C328A7D79DE7ABB5427325AE9867BF17CA6FD2D68", "href": "https://www.ibm.com/support/pages/node/6852773", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-11T21:50:09", "description": "## Summary\n\nIBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of gRPC.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-32732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) \n** DESCRIPTION: **gRPC is vulnerable to a denial of service, caused by a base64 encoding error for \"-bin\" suffixed headers. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a termination of connection between a HTTP2 proxy and a gRPC server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n** DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2023-1428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) \n** DESCRIPTION: **gRPC is vulnerable to a denial of service. By sending a specially crafted header, an attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Discovery| 4.0.0-4.7.0 \n \n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 4.7.1\n\n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-07-27T22:11:35", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in gRPC", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-1428", "CVE-2023-32731", "CVE-2023-32732"], "modified": "2023-07-27T22:11:35", "id": "8273F0B6AE1E66EB147DE5F94E39AFAA7F1C554FFD3854272CF9EE32A631FAE8", "href": "https://www.ibm.com/support/pages/node/7012007", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T18:25:03", "description": "## Summary\n\nThere are multiple vulnerabilities in JQuery that could allow an attacker to launch cross-site scripting. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Products/Versions guidance:**\n\n**Affected Product(s)**| **Version(s) \n** \n---|--- \nIBM Process Mining| 1.12.0.3 \n| \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| 1.12.0.3| \n\n**Upgrade to version 1.12.0.4** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"PassPortAdvantage\" ) \n \n2\\. Search for \n**M05JKML** Process Mining 1.12.0.4 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M05JJML** Process Mining 1.12.0.4 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\n**Workarounds/Mitigation guidance**:\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-01T21:57:35", "type": "ibm", "title": "Security Bulletin: Vulnerability in jQuery affects IBM Process Mining (Multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-02-01T21:57:35", "id": "6BC9040B51F3B0282E132873A0D807E58D8450D20237A38329B62B37AB7F1BD6", "href": "https://www.ibm.com/support/pages/node/6574037", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-07T22:07:05", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8908](<https://vulners.com/cve/CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11987](<https://vulners.com/cve/CVE-2020-11987>) \n** DESCRIPTION: **Apache XML Graphics Batik is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to conduct SSRF attack to cause the underlying server to make arbitrary GET requests. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197372](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197372>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-13954](<https://vulners.com/cve/CVE-2020-13954>) \n** DESCRIPTION: **Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using the styleSheetPath in a specially-crafted URL to execute script in a victim&#39;s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim&#39;s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim&#39;s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim&#39;s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim&#39;s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-28657](<https://vulners.com/cve/CVE-2021-28657>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an infinite loop flaw in the MP3 parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199112](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199112>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8\n\nIBM QRadar SIEM 7.4.0 to 7.4.3 GA\n\n \n\n\n \n\n\n## Remediation/Fixes\n\n[QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 9](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20210716155826&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp&source=SAR> \"QRadar / QRM / QVM / QRIF / QNI 7.3.3 Patch 9\" )\n\n[QRadar / QRM / QVM / QRIF / QNI 7.4.3 Patch 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.4.0&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20210708143944&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp> \"QRadar / QRM / QVM / QRIF / QNI 7.4.3 Patch 1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2021-07-23T13:09:43", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11987", "CVE-2020-13954", "CVE-2020-13956", "CVE-2020-8908", "CVE-2021-28657"], "modified": "2021-07-23T13:09:43", "id": "7673ECA7C26C82F326589C66582D68F7F87357B4FB250AD73DE7E7F5EC924344", "href": "https://www.ibm.com/support/pages/node/6474843", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:35:30", "description": "## Summary\n\nA vulnerable version of JQuery was used by API Connect. The fix includes updated JQuery which addresses CVE-2012-6708, CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, and CVE-2020-11023.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nAPI Connect| V10.0.0.0 - V10.0.5.0 \nAPI Connect| V10.0.1.0 - V10.0.1.7 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading.**\n\n**Affected Product**| **Addressed in VRMF**| **Remediation / Fix** \n---|---|--- \nIBM API Connect V10.0.0.0 - V10.0.5.0| V10.0.5.1| \n\nAddressed in IBM API Connect V10.0.5.1\n\nThe UI component is impacted.\n\nFollow this link and find the appropriate package.\n\n<https://www.ibm.com/support/pages/node/6607906> \n \nIBM API Connect V10.0.1.0 - V10.0.1.7 \n| V10.0.1.8| \n\nAddressed in IBM API Connect V10.0.1.8\n\nThe UI component is impacted.\n\nFollow this link and find the appropriate package.\n\n<https://www.ibm.com/support/pages/node/6607673> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-21T22:10:10", "type": "ibm", "title": "Security Bulletin: API Connect is vulnerable to JQuery Cross-Site Scripting (XSS) and other vulnerabilities (CVE-2012-6708, CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-10-21T22:10:10", "id": "FD89F92B8829CE7392B47C0ED84C6AFC3595DB7DDA24639A8AB325F2C83DE0D3", "href": "https://www.ibm.com/support/pages/node/6831351", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:46:17", "description": "## Summary\n\nVulnerablities in jquery affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data. These are addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-11358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2012-6708](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.3.7, 2.3.8, 2.3.9 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.4.0 \nWatson Machine Learning Accelerator on Cloud Pak for Data| 2.5.0 \n \n## Remediation/Fixes\n\nTo address the vulnerability:\n\nUpgrade Watson Machine Learning Accelerator on Cloud Pak for Data to the version 2.6.0 by following the end user document <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=u-upgrading-from-version-40-4>\n\nIt is strongly suggested to upgrade to the latest version of Watson Machine Learning Accelerator on Cloud Pak for Data for more security fixes.\n\nUpgrade Watson Machine Learning Accelerator on Cloud Pak for Data to the latest version by following the end user document <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=upgrading>. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-12-06T16:31:43", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in JQuery Java Script Library Affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-12-06T16:31:43", "id": "573A263702E2421AD12EE5454F7BA3408D7BF4D97944BB1DE6425810F67730C5", "href": "https://www.ibm.com/support/pages/node/7091272", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:49:03", "description": "## Summary\n\nMultiple cross-site scripting vulnerabilities in JQuery used by IBM InfoSphere Information Server were addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n## Remediation/Fixes\n\n## \n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud| 11.7| [DT134319](<https://www.ibm.com/mysupport/aCI3p000000PW4K> \"DT134319\" )| \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply IBM InfoSphere Information Server version [11.7.1.3](<https://www.ibm.com/support/pages/node/6498109> \"11.7.1.3\" ) \n\\--Apply Information Server [11.7.1.3 Service pack 4](<https://www.ibm.com/support/pages/node/6568469> \"11.7.1.3 Service pack 4\" ) \n\\--Apply DataStage Flow Design [Security patch](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FIBM+InfoSphere+Information+Server&fixids=is11713_Security_JR64903_DFD> \"Security patch\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-07-19T03:29:58", "type": "ibm", "title": "Security Bulletin: Multiple cross-site scripting vulnerabilities in JQuery affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-07-19T03:29:58", "id": "B609D685D630C87BB458CB89A66B87A64831A7617912F7856869B7F1B264C40C", "href": "https://www.ibm.com/support/pages/node/6603057", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:54:01", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) \n** DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) \n** DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM QRadar Pulse App| 1.0.0 - 2.2.10 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly.\n\n[Update to 2.2.11](<https://exchange.xforce.ibmcloud.com/hub/extension/f4a537a424977e155105d8aa9f5283c3>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-14T17:01:51", "type": "ibm", "title": "Security Bulletin: QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-25883", "CVE-2023-26115"], "modified": "2023-09-14T17:01:51", "id": "9761259BA69756C38441FA26E76B73F6B5EB43301C8C58943F0B0ABB8BAFB613", "href": "https://www.ibm.com/support/pages/node/7032220", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T18:44:34", "description": "## Summary\n\nIBM TRIRIGA Application Platform discloses CVE-2020-13956\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM TRIRIGA| All \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| \n\n**Remediation/First Fix** \n \n---|---|--- \nIBM TRIRIGA Application Platform| 3.6.1.3| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.6.1.3&language=en_US> \"FixCentral\" ). \nIBM TRIRIGA Application Platform| 3.7.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.7.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 3.8.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.8.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.0.2| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.0.2&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.1.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.1.1&language=en_US> \"FixCental\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-30T16:54:09", "type": "ibm", "title": "Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-13956", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2020-13956"], "modified": "2022-08-30T16:54:09", "id": "AAFF9E87667B35D62A52D77B8E5C3A000AE2419974F7C14545C23704BDDC171B", "href": "https://www.ibm.com/support/pages/node/6616303", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:44:26", "description": "## Summary\n\nIBM TRIRIGA Application Platform discloses CVE-2020-13956\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM TRIRIGA| All \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| \n\n**Remediation/First Fix** \n \n---|---|--- \nIBM TRIRIGA Application Platform| 3.6.1.3| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.6.1.3&language=en_US> \"FixCentral\" ). \nIBM TRIRIGA Application Platform| 3.7.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.7.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 3.8.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.8.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.0.2| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.0.2&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.1.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.1.1&language=en_US> \"FixCental\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-30T16:54:42", "type": "ibm", "title": "Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2020-13956", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2020-13956"], "modified": "2022-08-30T16:54:42", "id": "A380C4CD3FFEF0D1AD28C9019320AF0085267A1FC55FD33D40E61A6A71DFDFF1", "href": "https://www.ibm.com/support/pages/node/6616305", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:18:28", "description": "## Summary\n\nMultiple vulnerabilities in Dojo toolkit and jQuery version shipped with IBM WebSphere eXtreme Scale Liberty Deployment \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-7656](<https://vulners.com/cve/CVE-2020-7656>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182264](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182264>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-15494](<https://vulners.com/cve/CVE-2018-15494>) \n** DESCRIPTION: **Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DataGrid component. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWebSphere Extreme Scale| 8.6.1.0 - 8.6.1.5 \n \n\n\n## Remediation/Fixes\n\nProduct| Version(s)| \n\nAPAR\n\n| \n\nRemediation/First Fix \n \n---|---|---|--- \nIBM WebSphere eXtreme Scale Liberty Deployment| 8.6.1.0 - 8.6.1.5| PH53340| \n\nFor older versions, upgrade to latest fixpack 8.6.1.5 and then apply the PH53340 iFix. If you are using 8.6.1.5 directly apply the PH53340 iFix.\n\n[Recommended Fixes page for WebSphere eXtreme Scale](<http://www.ibm.com/support/docview.wss?uid=swg27018991>) \n \n## Workarounds and Mitigations\n\nNone, iFix PH53340 must be applied to correct the problem. \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-21T18:07:40", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2018-15494", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7656"], "modified": "2023-03-21T18:07:40", "id": "1409CD05A45669BF88F7CEAB610D65B1F84FD0522659550C3AD802B5214CCF7A", "href": "https://www.ibm.com/support/pages/node/6964844", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:11:27", "description": "## Summary\n\nThere are vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203 which affects IBM Engineering Workflow Management (EWM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nEWM| 7.0.2 \nEWM| 7.0.1 \n \n\n\n## Remediation/Fixes\n\n**Upgrade to version 7.0.2 iFix021 or later**\n\n[IBM Engineering Lifecycle Management 7.0.2 iFix021](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.2 iFix021](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n**Upgrade to version 7.0.1 iFix021 or later**\n\n[IBM Engineering Lifecycle Management 7.0.1 iFix021](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.1 iFix021](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-04-24T15:03:41", "type": "ibm", "title": "Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-28500", "CVE-2020-8203", "CVE-2021-23337"], "modified": "2023-04-24T15:03:41", "id": "EDBB640D9C964C319A40ED15C23232FA8D49C6B495D6EF19F248B4A314B7651D", "href": "https://www.ibm.com/support/pages/node/6985613", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:52:11", "description": "## Summary\n\nJQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 2\n\n## Remediation/Fixes\n\n[IBM QRadar Network Packet Capture 7.4.1 GA](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+QRadar+Network+Packet+Capture+Appliance&release=All&platform=Linux&function=fixId&fixids=7.4.1-QRadar-NETPCAP-Upgrade-1107&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar Network Packet Capture \u00a07.4.1 GA\" )\n\n[IBM QRadar Network Packet Capture 7.3.3 Patch 3](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+QRadar+Network+Packet+Capture+Appliance&release=All&platform=Linux&function=fixId&fixids=7.3.3-QRadar-NETPCAP-Upgrade-10&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM QRadar Network Packet Capture \u00a07.3.3 Patch 3\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-08-10T20:34:42", "type": "ibm", "title": "Security Bulletin: JQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-08-10T20:34:42", "id": "9A20509E1E544EB20A59DA9FC7AF82F400FE5F811F4BF6223A61E0E7FD269C22", "href": "https://www.ibm.com/support/pages/node/6257859", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-01T01:58:58", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Sourcing.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Sourcing| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n** Product Name**| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Sourcing| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Sourcing| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Sourcing| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Sourcing&fixids=EMP_Sourcing_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYR8W\",\"label\":\"Emptoris Sourcing\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:54:47", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Sourcing (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:54:47", "id": "2A203D8BF52DCAFF8B5E95996A1B55C43D9BF20BC5F58B0B4D388698819D6CF7", "href": "https://www.ibm.com/support/pages/node/6377838", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:52:08", "description": "## Summary\n\nThere are multiple vulnerabilities in jQuery that affect IBM WIoTP MessageGateway.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM WIoTP MessageGateway| 5.0.0.1 \nIBM IoT MessageSight| 5.0.0.0 \nIBM IoT MessageSight| 2.0 \n \n \n\n\n## Remediation/Fixes\n\n_Product_ | _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM WIoTP MessageGateway_| \n\n_5.0.0.2_\n\n| \n\n_IT33689_\n\n| [_5.0.0.2-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255218>) \n_IBM MessageSight_| \n\n_5.0.0.0_\n\n| \n\n_IT33689_\n\n| [_5.0.0.0-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255216>) \n_IBM MessageSight_| \n\n_2.0.0.2_\n\n| \n\n_IT33689_\n\n| [_2.0.0.2-IBM-IMA-IFIT33689_](<https://www.ibm.com/support/pages/node/6255214>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-08-11T19:22:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in jQuery affect IBM WIoTP MessageGateway (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-08-11T19:22:50", "id": "4C098F2F4DD25A03B6FD67587B106604BA4957943FBB7B66868AD8F6F9AEAA0C", "href": "https://www.ibm.com/support/pages/node/6258085", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:54:25", "description": "## Summary\n\nIBM Tivoli Netcool Impact has addressed the following jQuery vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool Impact 7.1.0| 7.1.0.0~7.1.0.18 \n \n## Remediation/Fixes\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Tivoli Netcool Impact 7.1.0| _7.1.0.19_| _IJ24826 _| [IBM Tivoli Netcool Impact 7.1.0 FP19](<https://www.ibm.com/support/pages/node/6210359> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-29T15:31:22", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Netcool Impact is affected by jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-29T15:31:22", "id": "D16BB3B63F820806338161CA1080F3C27550FA2CD017A11E0C7250AB6C05CD77", "href": "https://www.ibm.com/support/pages/node/6241532", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:50:10", "description": "## Summary\n\nQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the HTML() function. A remote attacker could exploit this vulnerability to execute script in a victim&#39;s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim&#39;s cookie-based authentication credentials.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nDataQuant for z/OS| 2.1 \nDataQuant for Multiplatforms| 2.1 \n \n\n\n## Remediation/Fixes\n\nPlease see \"Workarounds.\"\n\n## Workarounds and Mitigations\n\n**Steps for DataQuant Workstation:**\n\n 1. Close DataQuant.\n 2. Navigate to the plugins directory present within DataQuant install directory.\n\nExample: <DATAQUANT_HOME>/DataQuant For Workstation/plugins\n\n 3. Locate the folder - [com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.7.20170216 in the above Directory. Take a backup & remove the directory along with contents from this location.\n 4. Download the attached zip file & extract it to a temporary location.\n 5. Place the extracted folder in the directory <DATAQUANT_HOME>/DataQuant For Workstation/plugins.\n 6. Once replaced, launch DataQuant.\n\n** **\n\n**Steps for DataQuant WebSphere:**\n\n 1. On a deployed product instance, stop the DataQuant WebSphere application.\n 2. Locate the plugin folder - [com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.7.20170216. Take a backup and remove it from the plugins directory.\n\nStandard location \u2192 <IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\ams-vm-qmf11Node01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\\n\n 3. Download the attached zip file & extract it to a temporary location.\n 4. Place the extracted folder in the directory \u2192 <IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\MyMachineNode01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\\n 5. Optionally, to copy files for WebSphere application server on windows using XCOPY command run step 6\n 6. Open command prompt with 'Run As Administrator' option and use the XCOPY command\n\nFor Example \u2192 Xcopy /E /I \"<UserLocationForDownloadedZip>\\[com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.8.20200927\" \"<IBM_WebSphere>\\AppServer\\profiles\\AppSrv01\\installedApps\\MyMachineNode01Cell\\DataQuant for WebSphere 2.1.ear\\DataQuantWebSphere21.war\\WEB-INF\\eclipse\\plugins\\[com.ibm.bi](<https://urldefense.proofpoint.com/v2/url?u=http-3A__com.ibm.bi_&d=DwMGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=Muu9r-tqkBOHdLkP3t8VJ-mWzmQeZ7YtWxSOE6dZ05c&m=Fhc7JD4lLfloLFDfeht-yJmNLoS7JmUlfEEYVy_kel4&s=4RphKqDYs3Zjp_lq33M---09mN4fYmDqlh67UhY7GbE&e=>).reporter_2.1.8.20200927\"\n\n 7. Start the DataQuant application within WebSphere.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-07T21:15:08", "type": "ibm", "title": "Security Bulletin: Steps to update DataQuant Wrokstation ans DataQuant WebSphere plugins.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-07T21:15:08", "id": "CCFBBF17D9A696428033DD621D20DBA44A61CCB92DE126AC9B8A8CA1DDE1D0EB", "href": "https://www.ibm.com/support/pages/node/6344085", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-06T14:11:06", "description": "## Summary\n\nIBM Aspera Webapps are vulnerable to cross-site scripting. See vulnerability details for more information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Aspera Console| 3.4.0 and earlier \nIBM Aspera Shares| 1.9.14 and earlier \n \n\n\n## Remediation/Fixes\n\nFixed in| Version(s) \n---|--- \nIBM Aspera Console| 3.4.2 \nIBM Aspera Shares| 1.9.15 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-17T18:19:25", "type": "ibm", "title": "Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-09-17T18:19:25", "id": "38673841651CC84F9C5F463EBAA4FCB1CD8DB260C4DB4DE5C5EB13515B8DE043", "href": "https://www.ibm.com/support/pages/node/6490381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:54:28", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nAPI Connect | IBM API Connect V5.0.0.0-5.0.8.8 \nAPI Connect | V2018.4.1.0-2018.4.1.11 \n \n## Remediation/Fixes\n\n## \n\n**Affected Product**\n\n| \n\n**Addressed in VRMF**\n\n| \n\n**APAR**\n\n| \n\n**Remediation / First Fix** \n \n---|---|---|--- \n \nIBM API Connect\n\nV5.0.0.0-5.0.8.8 \n\n\n| 5.0.8.8 iFix2 | LI81522 | Addressed in IBM API Connect V5.0.8.8 iFix released on or after June 8, 2020. \n \nDeveloper Portal is impacted. \n \nFollow this link and find the \"Portal\" package: \n \n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.8&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \nIBM API Connect \n\nV2018.4.1.0-2018.4.1.11\n\n| 2018.4.1.12 | \n\nLI81522\n\n| \n\nAddressed in IBM API Connect V2018.4.1.12.\n\nDeveloper Portal is impacted.\n\nFollow this link and find the \"Portal\" package.\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.11&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-26T19:44:32", "type": "ibm", "title": "Security Bulletin: IBM API Connect is impacted by vulnerabilities in Drupal (CVE-2020-11022 CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-26T19:44:32", "id": "6D4BC30FC7D54719CC8531DD40CAEF904411E8A769D791119C3658B78C353F56", "href": "https://www.ibm.com/support/pages/node/6217392", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:53:09", "description": "## Summary\n\nThere is a vulnerability in the jQuery OpenSource library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM OpenPages for IBM Cloud Pak for Data| All \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading.**\n\nIf you are using IBM OpenPages for IBM Cloud Pak for Data 8.203.x, 8.204.x , 8.300.x , 8.301.x and 8.302.x you will need to upgrade to\n\n1\\. IBM Cloud Pak for Data **Version 4.7 **or later** \n**\n\n2\\. IBM OpenPages for IBM Cloud Pak for Data **9.000.0 **or later** \n**\n\nUpgrade installation instructions are provided at the URL listed below:\n\n<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=openpages-upgrading>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-09-28T13:16:50", "type": "ibm", "title": "Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to jQuery cross-site scripting (CVE-2020-11022, CVE-2020-11023)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-09-28T13:16:50", "id": "855B4BA1D8689E5499796780BB5F84A821CB5A58C4CA127B1C70F27CEB7E6AFF", "href": "https://www.ibm.com/support/pages/node/7041701", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:49:45", "description": "## Summary\n\nIBM Security Guardium has addressed these vulnerabilities in an update.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-46363](<https://exchange.xforce.ibmcloud.com/vulnerabilities/242009>) \n** DESCRIPTION: **Apache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform directory listing or code exfiltration, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/242009](<https://exchange.xforce.ibmcloud.com/vulnerabilities/242009>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2023-24329](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247730>) \n** DESCRIPTION: **Python could allow a remote attacker to bypass security restrictions, caused by a flaw in the urllib.parse component. By sending a specially-crafted request using URL starts with blank characters, an attacker could exploit this vulnerability to bypass blocklisting methods. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247730](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247730>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-33201](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258653>) \n** DESCRIPTION: **The Bouncy Castle Crypto Package For Java (bc-java) could allow a remote attacker to obtain sensitive information, caused by not validating the X.500 name of any certificate in the implementation of the X509LDAPCertStoreSpi.java class. By using blind LDAP injection attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258653](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258653>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \nIBM Security Guardium| 11.5 \n \n## Remediation/Fixes\n\n**IBM encourages customers to update their systems promptly.**\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 11.3| [https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p392_Bundle_Nov-01-2023&includeSupersedes=0&source=fc](<https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p392_Bundle_Nov-01-2023&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p485_Bundle_Nov-03-2023&includeSupersedes=0&source=fc](<https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p485_Bundle_Nov-03-2023&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.5| [https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p6501_October-Security-Patch_V11.5&includeSupersedes=0&source=fc](<https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p6501_October-Security-Patch_V11.5&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-11-14T19:45:13", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-46363", "CVE-2023-24329", "CVE-2023-33201", "CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-11-14T19:45:13", "id": "DE46BF6F090121E98D358952D04EFBEF93EFD7E32E719B8173227C3E5CB26E90", "href": "https://www.ibm.com/support/pages/node/7068195", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-01T01:58:58", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Contract Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Contract Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Contract Management| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Contract Management| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Contract Management| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Contract+Management&fixids=EMP_CM_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ89\",\"label\":\"Emptoris Contract Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:52:58", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Contract Management (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:52:58", "id": "941A5FB04B6C4DF5F07E2FBC7A84EADD1A839385EC770AAC6BDFEF5BC82847D9", "href": "https://www.ibm.com/support/pages/node/6377836", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:46:48", "description": "## Summary\n\nThe web server in IBM Security Verify Information Queue (ISIQ) uses an older version of the jQuery package that has two cross-site scripting vulnerabilities. As of v10.0.0, ISIQ has upgraded to a newer, secure version of jQuery. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Verify Information Queue| 1.0.6, 1.0.7 \n \n\n\n## Remediation/Fixes\n\nDownload and install the latest IBM Security Verify Information Queue images (tagged at 10.0.0 or greater) from the Docker Hub repository. The instructions for accessing and deploying the images can be found on the ISIQ starter kit page: <https://www.ibm.com/support/pages/ibm-security-information-queue-starter-kit>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-02-10T17:05:43", "type": "ibm", "title": "Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with known vulnerabilities (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-02-10T17:05:43", "id": "EBD6110D65EB41702B40A5795DBF9BE4F150B84442976771BAD2D5EE26847349", "href": "https://www.ibm.com/support/pages/node/6414351", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-01T01:58:58", "description": "## Summary\n\njQuery publicly disclosed vulnerability affects IBM Emptoris Strategic Supply Management Platform.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Strategic Supply Management Platform| 10.1.0.x,10.1.1.x,10.1.3.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| **Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Strategic Supply Management Platform| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Strategic Supply Management Platform| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Strategic Supply Management Platform| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Strategic+Supply+Management&fixids=EMP_SSMP_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQ72\",\"label\":\"Emptoris Strategic Supply Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:51:39", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:51:39", "id": "73C56B324A2080FA9C0CB45D26C0A4523AA2C160E0E404D5B47EF65512D83AFF", "href": "https://www.ibm.com/support/pages/node/6377832", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:51:02", "description": "## Summary\n\nWe have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been addressed in LCMS Premier 14.0 version.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Kenexa LCMS Premier on premise| 14.0 and below \n \n\n\n## Remediation/Fixes\n\nIBM recommends updating to the latest release for customers who are using an affected version. The new version is available at IBM Passport Advantage web site. \n\nOnce on version 14.0, please proceed to download and apply the provided fix via Fix Central.\n\n**Steps to Download from Fix Central**\n\n * Log in to Fix Central (<https://www-945.ibm.com/support/fixcentral/>)\n * Select \"IBM Kenexa LCMS Premier\u201d from the Product Selector dropdown\n * Select \"14.0\" from the Installed version dropdown\n * Select \"Windows\" from the Platform dropdown\n * Click \"Continue\"\n * Select \"Browse for Fixes\u201d and click \"Continue\"\n\n**Download the following 2 files:**\n\n * Download the 14.0.0 patch - p_14.0.0058_2020-08-28_06-52.zip or above\n\n**Steps to Follow in Version 14.0 ONLY:**\n\n 1. Remove all plugins: \n 1. From ConfigWiz.exe, check \"Advanced\" checkbox, then click \"Stop Services\".\n 2. Move all jar and all zip files from plugin folder to somewhere else.\n 3. From ConfigWiz.exe, click \"Add/Remove Plugins\".\n 2. Install the plugin or patch: \n 1. Move or copy the new plugin file or patch into the plugin folder.\n 2. From ConfigWiz.exe, click \"Advanced\" checkbox, then click \"Add/Remove Plugins\".\n 3. Re-Start Services\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-09-11T06:37:01", "type": "ibm", "title": "Security Bulletin: IBM Kenexa LCMS Premier On Premise - [All] jQuery (Publicly disclosed vulnerability) CVE-2020-11023, CVE-2020-11022", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-09-11T06:37:01", "id": "333C119D3A0437BF92826DA551039CEEC4C96ACBE2B033BC949AB1809D25154B", "href": "https://www.ibm.com/support/pages/node/6332181", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:51:09", "description": "## Summary\n\nThere are multiple vulnerabilities in jQuery used by IBM Maximo Asset Management (CVE-2020-11022, CVE-2020-7656, CVE-2020-11023, CVE-2015-9251, CVE-2012-6708)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-7656](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182264>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182264](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182264>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2012-6708](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions of the IBM Maximo Asset Management core product. The recommended action is to update to the latest version.\n\n**Product versions affected:**\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Maximo Asset Management| 7.6.1.2 \n \n* To determine the core product version, log in and view System Information. The core product version is the \"Tivoli's process automation engine\" version. Please consult the [Platform Matrix](<https://www.ibm.com/support/pages/node/1288432> \"Platform Matrix\" ) for a list of supported product combinations.\n\n## Remediation/Fixes\n\nThe recommended solution is to download the appropriate Interim Fix or Fix Pack from Fix Central and apply for each affected product as soon as possible. Please see below for information on the fixes available for each product, version, and release. Follow the installation instructions in the \u2018readme\u2019 documentation provided with each fix pack or interim fix.\n\n**For Maximo Asset Management 7.6:**\n\nVRM| Fix Pack, Feature Pack, or Interim Fix| Download \n---|---|--- \n7.6.1.2| Maximo Asset Management 7.6.1.2 iFix: \n[7.6.1.2-TIV-MBS-IFI037](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.2&platform=All&function=fixId&fixids=7.6.1.2-TIV-MBS-IF037&includeSupersedes=0&source=fc> \"7.6.1.2-TIV-MBS-IFI037\" ) or latest Interim Fix available| [FixCentral](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.2&platform=All&function=all> \"FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-10-26T17:42:04", "type": "ibm", "title": "Security Bulletin: There are multiple vulnerabilities in jQuery used by IBM Maximo Asset Management (CVE-2020-11022, CVE-2020-7656, CVE-2020-11023, CVE-2015-9251, CVE-2012-6708)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7656"], "modified": "2023-10-26T17:42:04", "id": "FE92891352F62141E1660E1A95087A794A20D312AEFF1AED380D11E9110B3439", "href": "https://www.ibm.com/support/pages/node/7060517", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:50:12", "description": "## Summary\n\nIBM MobileFirst Platform Foundation has addressed the following vulnerability: Multiple Vulnerabilities in jQuery\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM MobileFirst Foundation| 8.x.x \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **Remediation/First Fix** \n---|---|--- \nIBM MobileFirst Platform Foundation| 8.0.0.0| Download the iFix from [IBM MobileFirst Platform Foundation on FixCentral](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+MobileFirst+Platform+Foundation&fixids=8.0.0.0-MFPF-IF202001211306&source=SAR> \"IBM MobileFirst Platform Foundation on FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-07T10:53:47", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in jQuery fixed in Mobile Foundation ( CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-07T10:53:47", "id": "97DBA1E30952A387E9FFBBCBC4073EB22E406C0722006EEFFCFE53B1712D7E07", "href": "https://www.ibm.com/support/pages/node/6343835", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:54:23", "description": "## Summary\n\nVulnerabilities discovered in jQuery component affect IBM License Metric Tool v9.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM License Metric Tool| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to version 9.2.20 or later using the following procedure: \n\nIn BigFix console, expand IBM License Reporting (ILMT) node under Sites node in the tree panel. \nClick Fixlets and Tasks node. Fixlets and Tasks panel will be displayed on the right. \nIn the Fixlets and Tasks panel locate Upgrade to the latest version of IBM License Metric Tool 9.x fixlet and run it against the computer that hosts your server.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-06-30T08:53:44", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in jQuery affect IBM License Metric Tool v9.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-06-30T08:53:44", "id": "F1A3DFA7EB79FE51E9EE40DE7EE818B3181F7D6FFEBD16C7E5DC5676556369E6", "href": "https://www.ibm.com/support/pages/node/6242104", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:44:59", "description": "## Summary\n\nWe have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been addressed in LMS 6.1.0 version.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Kenexa LMS on premise| LMS 6.1 and Below \n \n \n\n\n## Remediation/Fixes\n\nIBM recommends updating to the latest release for customers who are using an affected version. The new version is available at IBM Passport Advantage web site.\n\nOnce on version 6.1, please proceed to download and apply the provided fix via Fix Central.\n\n**Steps to Download from Fix Central**\n\n * Log in to Fix Central (<https://www-945.ibm.com/support/fixcentral/>)\n * Select \" IBM Kenexa LMS\u201d from the Product Selector dropdown\n * Select \"6.1\" from the Installed version dropdown\n * Select \"Windows\" from the Platform dropdown\n * Click \"Continue\"\n * Select \"Browse for Fixes\u201d and click \"Continue\"\n\n**Download the following 3 files:**\n\n * Download the LMS 15.1.0 patch - p_15.1.0000_2021-01-08_07-43.zip or above \n * Download the PE 10.1.0 patch - IBM_Participate_10.1.0_2021.0216-cumulative.zip or above \n * Download the JQueryUpgrade_Instructions.zip\n\n**Steps to Follow in Version 6.1 ONLY:**\n\n1\\. Stop LMS 15.1.0 and Participate 10.1.0 Services\n\n2\\. Extract the JQueryUpgrade_Instructions.zip \n\nFYI\u2026Below files will display in extracted folder will find below files \n\nJQueryUpgrade.zip, \n\nJQueryUpgrade-PE-Instructions.txt\n\nJQueryUpgrade-LMSInstructions.txt\n\nJQueryUpgrade-PE-REVERT-Instructions.txt \n\nJQueryUpgrade-LMS-REVERT-Instructions.txt\n\n3\\. Open the \u201cJQueryUpgrade-PE-Instructions.txt\u201d file & follow each step in PE application folders to upgrade J-query\n\n4\\. Open the \u201cJQueryUpgrade-LMSInstructions.txt\u201d file & follow each step in LMS application folders to upgrade J-query\n\n5\\. Start the LMS 15.1.0 & PE10.1.0 services\n\n\\-----------------------------------------------------------------------------------------------------------------------------\n\n**Note:** *** Please download \"JQueryUpgrade_Instructions\" while applying the latest patch for LMS build version 15.1.0 and Participate 10.1.0. This is a one time requirement and in instance where you have already applied \"JQueryUpgrade_Instructions\", then re-applying the same in future cumulative fixes is not required and you may proceed with regular patching process***\n\n\\------------------------------------------------------------------------------------------------------------------------------------\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-03-23T06:32:08", "type": "ibm", "title": "Security Bulletin: IBM Kenexa LMS On Premise -[All] jQuery (Publicly disclosed vulnerability) - CVE-2020-11023, CVE-2020-11022", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2021-03-23T06:32:08", "id": "D737A8C94C930B47803CAEB6FC01A6B08302D409FE64A0E40960433AFCACF7A4", "href": "https://www.ibm.com/support/pages/node/6435075", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-01T01:58:58", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Spend Analysis.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Spend Analysis| 10.1.3.x,10.1.1.x,10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| ** Versions affected **| ** Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Spend Analysis| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_analysis_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Spend Analysis| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_Manager_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Spend Analysis| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Spend+Analysis&fixids=EMP_Spend_Manager_10.1.3.30&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQAR\",\"label\":\"Emptoris Spend Analysis\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:54:58", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Spend Analysis (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:54:58", "id": "5CFA2CCBFE05295C7186239383AF12E6EC68C33A3ED0A1976150849CCB589A37", "href": "https://www.ibm.com/support/pages/node/6377840", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-10-01T01:59:00", "description": "## Summary\n\njQuery security vulnerabilities affect IBM Emptoris Program Management.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Emptoris Program Management| 10.1.3.x,10.1.1.x, 10.1.0.x \n \n\n\n## Remediation/Fixes\n\n**Product Name **| **Versions affected** | **Remediation iFix or fix pack** \n---|---|--- \nIBM Emptoris Program Management| 10.1.0.x| [10.1.0.37](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.0.37&source=SAR> \"10.1.0.37\" ) \nIBM Emptoris Program Management| 10.1.1.x| [10.1.1.34](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=EMP_PGM_10.1.1.34&source=SAR> \"10.1.1.34\" ) \nIBM Emptoris Program Management| 10.1.3.x| [10.1.3.30](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FEmptoris+Program+Management&fixids=pgm_license-10.1.3.30.0&source=SAR> \"10.1.3.30\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Dec 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYRER\",\"label\":\"Emptoris Program Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"10.1.0.x,10.1.1.x,10.1.3.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-03T09:49:41", "type": "ibm", "title": "Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Program Management (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-12-03T09:49:41", "id": "ED796DA12F35B849EC739966324C81FE11BDCC6E2DCB25F912D4D4A08B754359", "href": "https://www.ibm.com/support/pages/node/6377828", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:58:01", "description": "## Summary\n\nA copy of the open source library jQuery is shipped as part of the swagger-ui in IBM Business Process Manager and IBM Business Automation Workflow. Cross-Site scripting vulnerabilities have been reported for this library.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s)| Status \n---|---|--- \nIBM Business Automation Workflow traditional| V21.0.3| not affected \nIBM Business Automation Workflow containers| V21.0.3| not affected \nIBM Business Automation Workflow traditional| V21.0.1 - V21.0.2 \nV20.0.0.1 - V20.0.0.2 \nV19.0.0.1 - V19.0.0.3 \nV18.0.0.0 - V18.0.0.1| affected \nIBM Business Automation Workflow containers| V21.0.1 - V21.0.2 \nV20.0.0.1 - V20.0.0.2| affected \nIBM Business Process Manager| V8.6.0.0 - V8.6.0.201803 \nV8.5.0.0 - V8.5.0.201706| affected \n \n \n\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [JR64339](<https://www.ibm.com/support/docview.wss?uid=swg1JR64339> \"JR64339\" ) as soon as practical. \n\nAffected Product(s)| Version(s)| Remediation / Fix \n---|---|--- \nIBM Business Automation Workflow traditional| V21.0.2| Apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=21.0.2&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow Containers| V21.0.2| Apply [21.0.2-IF010](<https://www.ibm.com/support/pages/node/6574031> \"21.0.2-IF010\" ) or upgrade to [IBM Business Automation Workflow containers 21.0.3](<https://www.ibm.com/support/pages/node/6574109>) \nIBM Business Automation Workflow traditional| V20.0.0.2| Apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=20.0.0.2&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V20.0.0.1| Upgrade to [IBM Business Automation Workflow v20.0.0.2](<https://www.ibm.com/support/pages/node/713319#fp20002>) and apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=20.0.0.2&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V19.0.0.3| Apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=19.0.0.3&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V19.0.0.2 \nV19.0.0.1 \nV18.0.0.2 \nV18.0.0.1| Upgrade to [IBM Business Automation Workflow 19.0.0.3](<http://www.ibm.com/support/pages/node/1107021>) and apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=19.0.0.3&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V18.0.0.0| Apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=18.0.0.0&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Process Manager| V8.6.0.0 - V8.6.0.201803| Upgrade to [IBM Business Process Manager Version 8.6 Cumulative Fix 2018.03](<https://www.ibm.com/support/pages/node/316403>) and apply [JR64339](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=18.0.0.0&platform=All&function=aparId&apars=JR64339> \"JR64339\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Process Manager| V8.5.0.0 - V8.5.7.201706| Upgrade to [IBM Business Process Manager Version 8.5.7 Cumulative Fix 2017.06](<https://www.ibm.com/support/pages/downloading-ibm-business-process-manager-version-857-cumulative-fix-201706>) and apply JR64322 for the edition of your product \n\n * [IBM Business Process Manager Advanced](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=aparId&apars=JR64322>)\n * [IBM Business Process Manager Standard](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=aparId&apars=JR64322>)\n * [IBM Business Process Manager Express](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=aparId&apars=JR64322>)\nor upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-05-04T21:38:55", "type": "ibm", "title": "Security Bulletin: Cross-site scripting vulnerabilities in jQuery may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-11022, CVE-2020-11023", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-05-04T21:38:55", "id": "44AFDEAFD41860F69D32A81AF82FFCC07CB70BCD09283311989298641C60901F", "href": "https://www.ibm.com/support/pages/node/6579971", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:49:21", "description": "## Summary\n\nJQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting (XSS) \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Security QRadar Packet Capture 7.3.0 to 7.3.3 Patch 2\n\nIBM Security QRadar Packet Capture 7.4.0 to 7.4.1 GA\n\n \n\n\n## Remediation/Fixes\n\n[IBM Security QRadar Packet Capture 7.3.3 Patch 3](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=All&platform=Linux&function=fixId&fixids=7.3.3-QRadar-PCAP-build-373&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM Security QRadar Packet Capture 7.3.3 Patch 3\" )\n\n[IBM Security QRadar Packet Capture 7.4.1 Patch 1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Packet+Capture&release=All&platform=Linux&function=fixId&fixids=7.4.1-QRadar-PCAP-build-442&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"IBM Security QRadar Packet Capture 7.4.1 Patch 1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-30T14:54:33", "type": "ibm", "title": "Security Bulletin: JQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-30T14:54:33", "id": "46408A14D896F2590474D3B129B44EA3EC035B71D283468445233579BDC6BEE8", "href": "https://www.ibm.com/support/pages/node/6357529", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:07:43", "description": "## Summary\n\nMultiple Security Vulnerabilities have been fixed in IBM Security Directory Server, IBM Security Directory Suite and IBM Security Verify Directory.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2016-3012](<https://vulners.com/cve/CVE-2016-3012>) \n** DESCRIPTION: **IBM API Connect server credentials used for a specific restricted scenario may have been exposed in the toolkit. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114275](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114275>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-1838](<https://vulners.com/cve/CVE-2018-1838>) \n** DESCRIPTION: **IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow a remote attacker to obtain sensitive information caused by improper handling of passwords. IBM X-Force ID: 150811. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150811](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150811>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2015-5041](<https://vulners.com/cve/CVE-2015-5041>) \n** DESCRIPTION: **A flaw in the IBM J9 JVM allows code to invoke non-public interface methods under these circumstances. Untrusted code could potentially exploit this. This could lead to sensitive data being exposed to an attacker, or the attacker being able to inject bad data. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/106719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/106719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Directory Server| 6.4.0 \nIBM Security Directory Suite VA| 8.0.1 \nIBM Security Verify Directory| 10.0.0 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends that customers update their products at the earliest convenience.**\n\nIBM Security Verify Directory Container:\n\ndocker pull icr.io/isvd/verify-directory-server:10.0.0.0 latest\n\ndocker pull icr.io/isvd/verify-directory-proxy:10.0.0.0 latest\n\ndocker pull icr.io/isvd/verify-directory-seed:10.0.0.0 latest\n\nAffected Products and Versions| Fix Availability \n---|--- \nIBM Security Directory Server 6.4.0| [interim fix: 6.4.0.27-ISS-ISDS-IF0027](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.4.0.27&platform=All&function=fixId&fixids=6.4.0.27-ISS-ISDS-WinX64-IF0027&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true>) \nIBM Security Directory Suite VA 8.0.1| [8.0.1.19-ISS-ISDS_20230118-0304](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Directory+Suite&release=8.0.1.18&platform=All&function=fixId&fixids=8.0.1.19-ISS-ISDS_20230118-0304.pkg&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-05-23T15:08:47", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Directory Server, IBM Security Directory Suite and IBM Security Verify Directory.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-5041", "CVE-2015-9251", "CVE-2016-3012", "CVE-2018-1838", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-05-23T15:08:47", "id": "93FB43619692E9A4D81819FDEE2EC14BE9B5E62B4E287FD49E3F7D0FE31D653A", "href": "https://www.ibm.com/support/pages/node/6997593", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T17:51:36", "description": "## Summary\n\njQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy (CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064). Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator (CVE-2020-8552). Go (Go-Yaml, goproxy) is used by IBM Robotic Process Automation for Cloud Pak as part of the operator (CVE-2022-28948, CVE-2023-37788). Microsft .NET Core is used by IBM Robotic Process Automation as part of the runtime environment (CVE-2023-36799).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-8552](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178254>) \n** DESCRIPTION: **Kubernetes kube-apiserver is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted resource request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-23064](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259074>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the element. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259074](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259074>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-28948](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226978>) \n** DESCRIPTION: **Go-Yaml is vulnerable to a denial of service, caused by a flaw in the Unmarshal function. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the program to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226978](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226978>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-36799](<https://exchange.xforce.ibmcloud.com/vulnerabilities/265556>) \n** DESCRIPTION: **Microsoft .NET Core and Visual Studio is vulnerable to a denial of service. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/265556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/265556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-37788](<https://exchange.xforce.ibmcloud.com/vulnerabilities/261155>) \n** DESCRIPTION: **goproxy is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted HTTP request to HTTPS page replaced path the \"/\" with asterix \"*\", a remote attacker could exploit this vulnerability to cause goproxy server to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/261155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/261155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAll CVE's except CVE-2023-37788:\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.9, 23.0.0 - 23.0.9 \n \nCVE-2023-37788:\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.9, 23.0.0 - 23.0.10 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\nAll CVE's except CVE-2023-37788:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.9| Update to 21.0.7.10 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \nIBM Robotic Process Automation for Cloud Pak\n\n| 23.0.0 - 23.0.9| Update to 23.0.10 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/23.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \nCVE-2023-37788:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.9| Update to 21.0.7.10 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \nIBM Robotic Process Automation for Cloud Pak\n\n| 23.0.0 - 23.0.10| Update to 23.0.11 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/23.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-10-17T19:19:27", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-23064", "CVE-2020-8552", "CVE-2022-28948", "CVE-2023-36799", "CVE-2023-37788"], "modified": "2023-10-17T19:19:27", "id": "F1E13830189EF724267AE210258121182D99740D98A2D34B36F92619C8D706D7", "href": "https://www.ibm.com/support/pages/node/7047016", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-27T21:46:49", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-26870](<https://vulners.com/cve/CVE-2020-26870>) \n** DESCRIPTION: **DOMPurify is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Nesting FORM element. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189516](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189516>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security QRadar Analyst Workflow| 1.0.0 - 1.4.0 \n \n\n\n## Remediation/Fixes\n\n[Update to 1.4.1](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=All&function=fixId&fixids=IBM-Security-QRadar-Analyst-Workflow-v1.4.1&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=dbluesearch&mhsrc=ibmsearch_s&mhq=IBM-Security-QRadar-Analyst-Workflow> \"Update to 1.4.1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-02-09T19:25:36", "type": "ibm", "title": "Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2020-11022", "CVE-2020-26870"], "modified": "2021-02-09T19:25:36", "id": "B0FB4CCA6C2AAF4AE7DFA7516AE94640B71BE0BE346F669F7A4393C673251F3D", "href": "https://www.ibm.com/support/pages/node/6413705", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:22:55", "description": "## Summary\n\nIBM CICS TX Advanced is vulnerable to multiple vulnerabilities in jQuery. The fix removes these vulnerabilities from IBM CICS TX Advanced.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM CICS TX Advanced| 11.1 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing these vulnerabilities by downloading and applying the interim fix from the table below. \n\nProduct \n\n| \n\nVersion \n\n| \n\nDefect \n\n| \n\nRemediation / First Fix \n \n---|---|---|--- \n \nIBM CICS TX Advanced \n\n| \n\n11.1\n\n| \n\n127799\n\n| \n\n[Download the fix from here](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FCICS+TX+on+Cloud&fixids=ibm-cics-tx-advanced-image-11.1.0.0-ifix5&source=SAR&function=fixId&parent=ibm/Other%20software> \"Download the fix from here\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-14T21:04:36", "type": "ibm", "title": "Security Bulletin: IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in jQuery.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2020-11022"], "modified": "2023-02-14T21:04:36", "id": "12EFB707E056F27AA11980D2F9CC90B6739FAC22EC63709581DBBBA13033E1C9", "href": "https://www.ibm.com/support/pages/node/6833296", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-07T14:01:40", "description": "## Summary\n\nThis fix upgrades to grpc 1.55.1, jersey 2.39.1, jackson 2.15.2, and socket.io 4.6.2.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-31125](<https://exchange.xforce.ibmcloud.com/vulnerabilities/254734>) \n** DESCRIPTION: **Engine.IO is vulnerable to a denial of service, caused by an uncaught exception. By sending a specially crafted HTTP request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/254734](<https://exchange.xforce.ibmcloud.com/vulnerabilities/254734>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-32732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) \n** DESCRIPTION: **gRPC is vulnerable to a denial of service, caused by a base64 encoding error for \"-bin\" suffixed headers. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a termination of connection between a HTTP2 proxy and a gRPC server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n** DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2023-35116](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258157>) \n** DESCRIPTION: **Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to open a specially crafted content, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258157](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258157>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** IBM X-Force ID: **256137 \n** DESCRIPTION: **FasterXML Jackson Core is vulnerable to a denial of service, caused by improper input validation by the StreamReadConstraints value field. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/256137 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - IBM Answer Retrieval for Watson Discovery| All \n \n## Remediation/Fixes\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Answer Retrieval for Watson Discovery| < 2.12.0| Download and install [v2.12.0](<https://download4.boulder.ibm.com/sar/CMA/OSA/0bh6p/0/Answer_Retrieval_WD_2.12.0_EN.gz> \"v2.12.0\" ) \nFollow instructions in the downloaded package. \n \n## Workarounds and Mitigations\n\nN/A\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-06-20T15:24:05", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.11 and earlier", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-31125", "CVE-2023-32731", "CVE-2023-32732", "CVE-2023-35116"], "modified": "2023-06-20T15:24:05", "id": "B14EB1551FB935CBDB90A852C1C192530C38DAACEDB3B6EA8584BF37FEA14B81", "href": "https://www.ibm.com/support/pages/node/7005559", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T18:22:20", "description": "## Summary\n\nIBM CICS TX Standard is vulnerable to multiple vulnerabilities in jQuery. The fix removes these vulnerabilities from IBM CICS TX Standard.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery(strInput) function. A remote attacker could exploit this vulnerability using the to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM CICS TX Standard| 11.1 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing these vulnerabilities by downloading and applying the interim fix from the table below. \n\nProduct \n\n| \n\nVersion \n\n| \n\nDefect \n\n| \n\nRemediation / First Fix \n \n---|---|---|--- \n \nIBM CICS TX Standard \n\n| \n\n11.1\n\n| \n\n127799\n\n| \n\n[Download the fix from here](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FCICS+TX+Standard&fixids=ibm-cics-tx-standard-image-11.1.0.0-ifix5&source=SAR> \"Download the fix from here\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-14T21:14:53", "type": "ibm", "title": "Security Bulletin: IBM CICS TX Standard is vulnerable to multiple vulnerabilities in jQuery.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2020-11022"], "modified": "2023-02-14T21:14:53", "id": "E4F82B1EF36905183E848EAEFF844914F58061E9D484E205B7784B8B5BE99E13", "href": "https://www.ibm.com/support/pages/node/6833292", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:58:13", "description": "## Summary\n\nCross Site Scripting vulnerabilities in jQuery might affect Process Portal in IBM Business Automation Workflow and IBM Business Process Manager (BPM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-7656](<https://vulners.com/cve/CVE-2020-7656>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the load method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182264](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182264>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** Third Party Entry: **180875 \n** DESCRIPTION: **jQuery cross-site scripting \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Business Automation Workflow| V20.0 \nV19.0 \nV18.0 \nIBM Business Process Manager| V8.6 \nV8.5 \nV8.0 \n \nFor earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [JR62354](<https://www.ibm.com/support/docview.wss?uid=swg1JR62354> \"JR62354\" ) as soon as practical:\n\n * [IBM Business Automation Workflow](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=aparId&apars=JR62354>) (including fix for IBM Business Process Manager V8.6.0.0 2018.03)\n * [IBM Business Process Manager Advanced](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=aparId&apars=JR62354>)\n * [IBM Business Process Manager Standard](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=aparId&apars=JR62354>)\n * [IBM Business Process Manager Express](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=aparId&apars=JR62354>)\n\nFor IBM Business Automation Workflow V18.0, V19.0, and V20.0 \n\u00b7 Upgrade to minimal cumulative fix levels as required by iFix and then apply iFix [JR62354](<https://www.ibm.com/support/docview.wss?uid=swg1JR62354> \"JR62354\" ) \n\\--OR-- \n\u00b7 Apply cumulative fix Business Automation Workflow V20.0.0.2 or later\n\nFor IBM Business Automation Workflow on Containers, see [Readme for IBM Business Automation Workflow on Containers 20.0.0.1 IF001](<https://www.ibm.com/support/pages/node/6339527> \"Readme for IBM Business Automation Workflow on Containers 20.0.0.1 IF001\" )\n\n \nFor IBM Business Process Manager V8.6 \n\u00b7 Upgrade to minimal cumulative fix levels as required by iFix and then apply iFix [JR62354](<https://www.ibm.com/support/docview.wss?uid=swg1JR62354> \"JR62354\" ) \n\\--OR-- \n\u00b7 Upgrade to Business Automation Workflow V20.0.0.2 or later \n \nFor IBM BPM V8.5 \n\u00b7 Upgrade to IBM BPM V8.5.7, apply [Cumulative Fix 2017.06](<http://www.ibm.com/support/docview.wss?uid=swg24043591>) and then apply iFix [JR62354](<https://www.ibm.com/support/docview.wss?uid=swg1JR62354> \"JR62354\" ) \n\\--OR-- \n\u00b7 Upgrade to Business Automation Workflow V20.0.0.2 or later\n\nFor IBM BPM V8.0 \n\u00b7 Upgrade to IBM BPM V8.0.1, apply [Fix Pack 3](<https://www.ibm.com/support/pages/download-version-801-fix-pack-3-ibm-business-process-manager-products> \"Fix Pack 3\" ) and then apply iFix [JR62354](<https://www.ibm.com/support/docview.wss?uid=swg1JR62354> \"JR62354\" ) \n\\--OR-- \n\u00b7 Upgrade to Business Automation Workflow V20.0.0.2 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-05-04T11:20:04", "type": "ibm", "title": "Security Bulletin: Cross Site Scripting vulnerabilities in jQuery might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-7656, CVE-2020-11022, CVE-2020-11023", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7656"], "modified": "2022-05-04T11:20:04", "id": "89780D4585A20488FEED7686A5CA76A1831A95DB741EA06511648ED27850EC1B", "href": "https://www.ibm.com/support/pages/node/6326835", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:42:19", "description": "## Summary\n\nIBM Business Process Manager and IBM Business Automation Workflow are affected by multiple security vulnerabilities found in Swagger UI.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-6708](<https://vulners.com/cve/CVE-2012-6708>) \n** DESCRIPTION: **jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138055](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138055>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Business Automation Workflow| V19.0 \nV18.0 \nIBM Business Process Manager| V8.6 \nV8.5 \n \n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [JR61747](<https://www.ibm.com/support/docview.wss?uid=swg1JR61747> \"JR61747\" ) as soon as practical:\n\n * [IBM Business Automation Workflow](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=aparId&apars=JR61747,JR62222>) (including fix for IBM Business Process Manager V8.6.0.0 2018.03)\n * [IBM Business Process Manager Advanced](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=aparId&apars=JR61747,JR62222>)\n * [IBM Business Process Manager Standard](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=aparId&apars=JR61747,JR62222>)\n * [IBM Business Process Manager Express](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=aparId&apars=JR61747,JR62222>)\n\nNote that [JR61747](<https://www.ibm.com/support/docview.wss?uid=swg1JR61747> \"JR61747\" ) is superseded by [JR62222](<https://www.ibm.com/support/docview.wss?uid=swg1JR62222> \"JR62222\" ) addressing an issue with profile upgrade in case the ifix has been applied and is reapplied during upgrade to a newer version, which does not yet have the fix.\n\nFor IBM Business Automation Workflow V18.0 and V19.0 \n\u00b7 Upgrade to minimal cumulative fix levels as required by iFix and then apply iFix [JR61747](<https://www.ibm.com/support/docview.wss?uid=swg1JR61747> \"JR61747\" ) \n\\--OR-- \n\u00b7 Apply cumulative fix Business Automation Workflow V20.0.0.1 \n \nFor IBM Business Process Manager V8.6 \n\u00b7 Upgrade to minimal cumulative fix levels as required by iFix and then apply iFix [JR61747](<https://www.ibm.com/support/docview.wss?uid=swg1JR61747> \"JR61747\" ) \n\\--OR-- \n\u00b7 Upgrade to Business Automation Workflow V20.0.0.1 \n \nFor IBM BPM V8.5 \n\u00b7 Upgrade to IBM BPM V8.5.7, apply [Cumulative Fix 2017.06](<http://www.ibm.com/support/docview.wss?uid=swg24043591>) and then apply iFix [JR61747](<https://www.ibm.com/support/docview.wss?uid=swg1JR61747> \"JR61747\" ) \n\\--OR-- \n\u00b7 Upgrade to Business Automation Workflow V20.0.0.1\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-09-14T15:28:14", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities in Swagger UI affect IBM Business Automation Workflow and IBM Business Process Manager (BPM)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6708", "CVE-2015-9251", "CVE-2019-11358"], "modified": "2022-09-14T15:28:14", "id": "6227E56DAD73769F0362D834B90EB9B1D9A60C3227B1A4516F314052662E33C8", "href": "https://www.ibm.com/support/pages/node/6113428", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:54:57", "description": "## Summary\n\nIBM Cloud Pak for Network Automation 2.6.1 fixes multiple security vulnerabilities, listed in the CVEs below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-32681](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256114>) \n** DESCRIPTION: **python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. By persuading a victim to click on a specially crafted URL, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256114](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256114>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2023-36053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259604>) \n** DESCRIPTION: **Django is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the EmailValidator and URLValidator. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259604](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259604>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) \n** DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Network Automation| 2.x \n \n## Remediation/Fixes\n\nAs per CVEs listed above\n\nIBM strongly suggests the following remediation / fixes:\n\nIBM Cloud Pak for Network Automation v2.6.1 can be deployed on-premises.\n\nPlease go to [https://www.ibm.com/docs/en/cloud-paks/cp-network-auto/2.6.1](<https://www.ibm.com/docs/en/cloud-paks/cp-network-auto/2.6.x>) to follow the installation instructions relevant to your chosen architecture.\n\n## Workarounds and Mitigations\n\nNone. Upgrade to the latest version.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-04T11:32:12", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Network Automation 2.6.1 fixes multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-25883", "CVE-2023-32681", "CVE-2023-34455", "CVE-2023-36053"], "modified": "2023-09-04T11:32:12", "id": "FC7F68E0222DFE0CD0F9243D471FABAED6E98B8EFE68407B48452DA1CB1F95FB", "href": "https://www.ibm.com/support/pages/node/7030470", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-30T17:58:09", "description": "## Summary\n\nMultiple security vulnerabilities impacting Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-21930](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253115>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/253115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253115>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2023-21967](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253156>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/253156](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253156>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2023-21937](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253167>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/253167](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253167>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2023-21938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253155>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/253155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/253155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2023-34104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257474>) \n** DESCRIPTION: **Natural Intelligence fast-xml-parser is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the Doctype Entities. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257474>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Knowledge Catalog on-prem| 4.x \n \n## Remediation/Fixes\n\nUpgrade to Watson Knowledge Catalog for IBM Cloud Pak for Data 4.7.1 or higher: <https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=overview-whats-new#whats-new__refresh-1__title__1>\n\n## Workarounds and Mitigations\n\nNone. Watson Knowledge Catalog for IBM Cloud Pak for Data must be upgraded\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-08-04T14:38:25", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-21930", "CVE-2023-21937", "CVE-2023-21938", "CVE-2023-21967", "CVE-2023-34104", "CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455"], "modified": "2023-08-04T14:38:25", "id": "7E198CE5A0ADEBB8D8E13DB5406E27B8CAE2B095A5AF6A169BEA982CC9A5A270", "href": "https://www.ibm.com/support/pages/node/7020316", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:46:20", "description": "## Summary\n\nThis interim fix provides instructions on upgrading third parity libraries in IBM Spectrum Conductor 2.5.0 in order to address security vulnerabilities CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2019-17359, CVE-2019-8331, CVE-2018-1000632, CVE-2018-10237, CVE-2020-13956, CVE-2020-9488, CVE-2017-18214, CVE-2020-11979, CVE-2020-7760, CVE-2017-16042, CVE-2016-10540, CVE-2016-1000027, CVE-2012-0881, CVE-2013-4002, CVE-2020-26939, and CVE-2020-7598.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-17359](<https://vulners.com/cve/CVE-2019-17359>) \n** DESCRIPTION: **Bouncy Castle Crypto is vulnerable to a denial of service, caused by OutOfMemoryError error in ASN.1 parser. By sending specially crafted ASN.1 data, a local attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168581](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168581>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-8331](<https://vulners.com/cve/CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-1000632](<https://vulners.com/cve/CVE-2018-1000632>) \n** DESCRIPTION: **dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods. By sending a specially-crafted XML content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148750](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148750>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-10237](<https://vulners.com/cve/CVE-2018-10237>) \n** DESCRIPTION: **Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-18214](<https://vulners.com/cve/CVE-2017-18214>) \n** DESCRIPTION: **Node.js moment module is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a low severity regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135364](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135364>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-11979](<https://vulners.com/cve/CVE-2020-11979>) \n** DESCRIPTION: **Apache Ant could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure temporary file flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to inject modified source files into the build process. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189164](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189164>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-7760](<https://vulners.com/cve/CVE-2020-7760>) \n** DESCRIPTION: **Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-16042](<https://vulners.com/cve/CVE-2017-16042>) \n** DESCRIPTION: **Node.js growl module could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145541>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2016-10540](<https://vulners.com/cve/CVE-2016-10540>) \n** DESCRIPTION: **Node.js minimatch module is vulnerable to a denial of service, caused by a flaw in the minimatch function. By using a specially-crafted value, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149140](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149140>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-1000027](<https://vulners.com/cve/CVE-2016-1000027>) \n** DESCRIPTION: **Pivota Spring Framework could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a code injection vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2012-0881](<https://vulners.com/cve/CVE-2012-0881>) \n** DESCRIPTION: **Apache Xerces2 Java is vulnerable to a denial of service, caused by a flaw in the XML service. By sending a specially crafted message to an XML service, a remote attacker could exploit this vulnerability to consume available CPU resources from the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/134404](<https://exchange.xforce.ibmcloud.com/vulnerabilities/134404>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2013-4002](<https://vulners.com/cve/CVE-2013-4002>) \n** DESCRIPTION: **A denial of service vulnerability in the Apache Xerces-J parser used by IBM Java could result in a complete availability impact on the affected system. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/85260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/85260>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n** CVEID: **[CVE-2020-26939](<https://vulners.com/cve/CVE-2020-26939>) \n** DESCRIPTION: **Legion of the Bouncy Castle BC and Legion of the Bouncy Castle BC-FJA could allow a remote attacker to obtain sensitive information, caused by observable differences in behavior to rrror inputs in org.bouncycastle.crypto.encodings.OAEPEncoding. By using the OAEP Decoder to send invalid ciphertext that decrypts to a short payload, a remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-7598](<https://vulners.com/cve/CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Conductor| 2.5.0 \n \n\n\n## Remediation/Fixes\n\n**Products**| **VRMF**| **Remediation/First Fix** \n---|---|--- \nIBM Spectrum Conductor \n| 2.5.0| [sc-2.5-build600141](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/IBM+Spectrum+Conductor+with+Spark&release=All&platform=All&function=fixId&fixids=sc-2.5-build600141&includeSupersedes=0> \"sc-2.5-build600141\" ) \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-20T06:41:42", "type": "ibm", "title": "Security Bulletin: Multiple vulnerability issues affect IBM Spectrum Conductor 2.5.0", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0881", "CVE-2013-4002", "CVE-2015-9251", "CVE-2016-1000027", "CVE-2016-10540", "CVE-2017-16042", "CVE-2017-18214", "CVE-2018-1000632", "CVE-2018-10237", "CVE-2019-11358", "CVE-2019-17359", "CVE-2019-8331", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11979", "CVE-2020-13956", "CVE-2020-26939", "CVE-2020-7598", "CVE-2020-7760", "CVE-2020-9488"], "modified": "2021-02-20T06:41:42", "id": "807F02BF5D04D1D709B1D383A56D073A3E2ABB5E058B819FF145C9C80E083AF4", "href": "https://www.ibm.com/support/pages/node/6416393", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-09-01T22:26:37", "description": "## Summary\n\nIBM Business Automation Workflow is vulnerable to a cross-site scripting attack.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2023-33858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) \n**DESCRIPTION: **IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) | Status \n---|---|--- \nIBM Business Automation Workflow containers | \n\nV23.0.1 - V23.0.1-IF001 \nV22.0.2 all fixes \nV22.0.1 all fixes \nV21.0.3 - V21.0.3-IF023 \nV21.0.2 all fixes \nV20.0.0.2 all fixes \nV20.0.0.1 all fixes\n\n| affected \nIBM Business Automation Workflow traditional | V23.0.1 \nV22.0.1 - V22.0.2 \nV21.0.1 - V21.0.3.1 \nV20.0.0.1 - V20.0.0.2 \nV19.0.0.1 - V19.0.0.3 | affected \nIBM Business Automation Workflow Enterprise Service Bus | V23.0.1 \nV22.0.2 | affected \n \nFor earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [DT215116](<https://www.ibm.com/mysupport/aCI3p0000000FJuGAM> \"DT215116\" ) as soon as practical.\n\nAffected Product(s) | Version(s) | Remediation / Fix \n---|---|--- \nIBM Business Automation Workflow containers | V23.0.1 - V23.0.1-IF001 | Apply [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) \nIBM Business Automation Workflow containers | V22.0.1 - V22.0.2 all fixes | Upgrade to Business Automation Workflow on Containers 23.0.1 and apply [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) \nIBM Business Automation Workflow containers | V21.0.3 | Apply [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow containers | V21.0.2 \nV20.0.0.1 - V20.0.0.2 | Upgrade to Apply [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7009721> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus | V23.0.1 | Apply [DT215116](<https://www.ibm.com/mysupport/aCI3p0000000FJuGAM> \"DT215116\" ) \nIBM Business Automation Workflow traditional | V21.0.3.1 | Apply [DT215116](<https://www.ibm.com/mysupport/aCI3p0000000FJuGAM> \"DT215116\" ) \nIBM Business Automation Workflow traditional | V22.0.2 \nV22.0.1 \nV21.0.2 \nV21.0.1 \nV20.0.0.2 \nV20.0.0.1 \nV19.0.0.3 | Upgrade to a long term support release or the latest SSCD version. See [IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum](<https://www.ibm.com/support/pages/ibm-business-automation-workflow-and-ibm-integration-designer-software-support-lifecycle-addendum> \"IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-09-01T19:51:53", "type": "ibm", "title": "Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow - CVE-2023-33858", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-33858"], "modified": "2023-09-01T19:51:53", "id": "CB8D3B0114576C613A2239EFF04E3E68A8776A9C679BC09DCEBCCB03B8CE58D2", "href": "https://www.ibm.com/support/pages/node/7030362", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T18:19:00", "description": "## Summary\n\nIBM Sterling B2B Integrator has addressed the security vulnerabilities in jQuery.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-31160](<https://vulners.com/cve/CVE-2022-31160>) \n** DESCRIPTION: **jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/231462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/231462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.7 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.2.1 \n \n\n\n## Remediation/Fixes\n\n**Product \n** | **Version**| **APAR**| **Remediation & Fix** \n---|---|---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.7| IT42890| Apply 6.0.3.8 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.2.1| IT42890| Apply 6.1.2.2 \n \nThe IIM versions of 6.0.3.8 and 6.1.2.2 are available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>). \n\nThe container version of 6.1.2.2 is available in IBM Entitled Registry with following tags. \n\n * cp.icr.io/cp/ibm-b2bi/b2bi:6.1.2.2 for IBM Sterling B2B Integrator\n * cp.icr.io/cp/ibm-sfg/sfg:6.1.2.2 for IBM Sterling File Gateway\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-03-13T16:37:51", "type": "ibm", "title": "Security Bulletin: EBICS Client of IBM Sterling B2B Interator vulnerable to multiple issues due to jQuery", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2022-31160"], "modified": "2023-03-13T16:37:51", "id": "B673694C2888EE95A6BAB04A5C155DEAA18A41E4DF0C4AE45D1C5C2E3FD7151D", "href": "https://www.ibm.com/support/pages/node/6963091", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-11-08T21:54:24", "description": "## Summary\n\nIBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n** DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Maximo Application Suite| 8.9 \nIBM Maximo Application Suite| 8.10 \n \n## Remediation/Fixes\n\nAffected Product(s)| Fixpack Version(s) \n---|--- \nIBM Maximo Application Suite| 8.9.9 or [the latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \nIBM Maximo Application Suite| 8.10.4 or [the latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-08-29T21:17:39", "type": "ibm", "title": "Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-32731"], "modified": "2023-08-29T21:17:39", "id": "AFEA4FE7785D0CF94A68BF920671D47C694E431E7FB3944A2D25FA8728D0725B", "href": "https://www.ibm.com/support/pages/node/7029772", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-30T17:56:47", "description": "## Summary\n\nNode.js word-wrap is used internally by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Node.js word-wrap. [CVE-2023-26115]\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) \n** DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \nApp Connect Enterprise Certified Container| 5.0-lts \nApp Connect Enterprise Certified Container| 5.1 \nApp Connect Enterprise Certified Container| 5.2 \nApp Connect Enterprise Certified Container| 6.0 \nApp Connect Enterprise Certified Container| 6.1 \nApp Connect Enterprise Certified Container| 6.2 \nApp Connect Enterprise Certified Container| 7.0 \nApp Connect Enterprise Certified Container| 7.1 \nApp Connect Enterprise Certified Container| 7.2 \nApp Connect Enterprise Certified Container| 8.0 \nApp Connect Enterprise Certified Container| 8.1 \nApp Connect Enterprise Certified Container| 8.2 \nApp Connect Enterprise Certified Container| 9.0 \n \n## Remediation/Fixes\n\nIBM strongly suggests the following: \n**App Connect Enterprise Certified Container 4.1.x to 9.0.x (Continuous Delivery)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 9.1.0 or higher, and ensure that all Dashboard, DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.9.0-r1 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n \n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.10 or higher, and ensure that all Dashboard, DesignerAuthoring and IntegrationServer components are at 12.0.9.0-r2-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect-contlts?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2023-08-25T10:19:01", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service due to [CVE-2023-26115]", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-26115"], "modified": "2023-08-25T10:19:01", "id": "285F4595F3EA893F5D6623AF8FF9969259FB35597456697B71E9AB5BD317ED72", "href": "https://www.ibm.com/support/pages/node/7028936", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-08T21:47:26", "description": "## Summary\n\nThere is a vulnerability in snappy-java that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n** DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Process Mining| \n\n1.14.1,1.14.0, 1.13.2, 1.13.1, 1.13.0 \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| \n\n1.14.1,\n\n1.14.0, 1.13.2, 1.13.1, 1.13.0\n\n \n \n\n\n| \n\n**Upgrade to version 1.14.2** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"PassPortAdvantage\" ) \n \n2\\. Search for \n**M0FHQML** \nProcess Mining 1.14.2 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M0FHRML** Process Mining 1.14.2 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\n**Workarounds/Mitigation guidance**:\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-10-09T10:38:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in snappy-java affects IBM Process Mining . CVE-2023-34453", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-34453"], "modified": "2023-10-09T10:38:01", "id": "0033C585CDAF2B08BC84588E41908BB6DE4940B360CC4DAFD5083973876D7586", "href": "https://www.ibm.com/support/pages/node/7048699", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-08T21:50:54", "description": "## Summary\n\nThere is a vulnerability in gRPC used by IBM Robotic Process Automation as part of the Natural Language Processing, which may result in an attacker obtaining sensitive information (CVE-2023-32731). This bulletin identifies the security fixes to apply to address this vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n** DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Robotic Process Automation| 21.0.0 - 21.0.7.8, 23.0.0 - 23.0.9 \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.8, 23.0.0 - 23.0.9 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation| 21.0.0 - 21.0.7.8| Download [21.0.7.9](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Robotic+Process+Automation&release=21.0.7>) or higher and follow these [instructions.](<https://www.ibm.com/docs/en/rpa/21.0?topic=upgrading-rpa-premises>) \nIBM Robotic Process Automation for Cloud Pak| 21.0.0 - 21.0.7.8| Update to 21.0.7.9 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \nIBM Robotic Process Automation| 23.0.0 - 23.0.9| Download [23.0.10](<https://www.ibm.com/support/pages/node/7028022>) or higher and follow these [instructions](<https://www.ibm.com/docs/en/rpa/23.0?topic=upgrading-rpa-premises>). \n \nIBM Robotic Process Automation for Cloud Pak\n\n| 23.0.0 - 23.0.9| Update to 23.0.10 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/23.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-20T14:08:37", "type": "ibm", "title": "Security Bulletin: A vulnerability in gRPC may affect IBM Robotic Process Automation and result in an attacker obtaining sensitive information. (CVE-2023-32731)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-32731"], "modified": "2023-09-20T14:08:37", "id": "A9887BC773EA30E99327B19185BAE49ADF6DFB03C06E2572F64DF123E8602ACE", "href": "https://www.ibm.com/support/pages/node/7034007", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T17:55:13", "description": "## Summary\n\nIBM Edge Application Manager 4.5.2 addresses the security vulnerabilities listed in the CVEs below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) \n** DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-28155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/250386>) \n** DESCRIPTION: **Node.js Request module is vulnerable to server-side request forgery, caused by a cross-protocol redirect bypass flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to conduct SSRF attack. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/250386](<https://exchange.xforce.ibmcloud.com/vulnerabilities/250386>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) \n** DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2023-29827](<https://exchange.xforce.ibmcloud.com/vulnerabilities/254586>) \n** DESCRIPTION: **Node.js ejs module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a server-side template injection flaw. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/254586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/254586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2023-26136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259555>) \n** DESCRIPTION: **Salesforce tough-cookie could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259555](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259555>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** IBM X-Force ID: **258323 \n** DESCRIPTION: **Apollo GraphQL Apollo Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Content Security Policies (CSP). A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/258323 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258323>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \nIBM Edge Application Manager| 4.5 \nIBM Edge Application Manager| 4.4 \nIBM Edge Application Manager| 4.3 \n \n## Remediation/Fixes\n\nThe fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2023-08-31T16:08:09", "type": "ibm", "title": "Security Bulletin: IBM Edge Application Manager 4.5.2 addresses the security vulnerabilities listed in the CVEs below.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-25883", "CVE-2023-26115", "CVE-2023-26136", "CVE-2023-28155", "CVE-2023-29827"], "modified": "2023-08-31T16:08:09", "id": "731BBFECC40F2EF7784FEBE5505A0DC4D4C5517BF2BAA0989024E9CC37129731", "href": "https://www.ibm.com/support/pages/node/7030159", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-08T21:52:34", "description": "## Summary\n\nIBM Maximo Application Suite uses Eclipse Vert.x-Web package which is vulnerable to CVE-2023-24815.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-24815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) \n** DESCRIPTION: **Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. By sending a specially-crafted request, an attacker could exploit this vulnerability to exfiltrate any class path resource, and use this information to launch further attacks against the affected system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Maximo Application Suite - IBM Asset Data Dictionary Component| 8.9 \nIBM Maximo Application Suite - IBM Asset Data Dictionary Component| 8.10 \n \n## Remediation/Fixes\n\nAffected Product(s)| Fixpack Version(s) \n---|--- \nIBM Maximo Application Suite - IBM Asset Data Dictionary Component| 8.9.9 or [the latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \nIBM Maximo Application Suite -IBM Asset Data Dictionary Component| 8.10.4 or [the latest (available from the Catalog under Update Available)](<https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-09-06T17:51:39", "type": "ibm", "title": "Security Bulletin: Eclipse Vert.x-Web component is vulnerable to CVE-2023-24815 is used by IBM Maximo Application Suite", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2023-24815"], "modified": "2023-09-06T17:51:39", "id": "B895392A74ED197662991415267981B8C80385CF8D50D839B21162A7435541BC", "href": "https://www.ibm.com/support/pages/node/7030783", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T18:26:12", "description": "## Summary\n\nSecurity Vulnerablities have been addressed in IBM Common Licensing. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request . A fix is available to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-33813](<https://vulners.com/cve/CVE-2021-33813>) \n** DESCRIPTION: **JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Common Licensing| ART 9.0 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading and applying the suggested fix that uses upgraded version of FasterXML. \n\nApply [IBM_LKS_Administration_And_Reporting_Tool_And_Agent_90_iFix6 ](<https://www.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=IBM_LKS_Administration_And_Reporting_Tool_And_Agent_90_iFix6&continue=1>) from Fix Central.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-30T09:38:02", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in jdom affects IBM Common Licensing's Administration And Reporting Tool (ART) (CVE-2021-33813)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33813"], "modified": "2023-01-30T09:38:02", "id": "956A624E237CD5950CF708D6365F746A4303B7B9542EA80B8178F887BF9CB81B", "href": "https://www.ibm.com/support/pages/node/6890617", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-06T17:55:07", "description": "## Summary\n\nIBM Business Automation Workflow packages jdom. An XML External Entity (XXE) injection vulnerability was reported for jdom: Due to insecure default settings in jdom, a careless client application may fail to disable XML External Entity expansion features in the XML parser used by the library. While this is not the case in product code, the library is updated to protect custom code that might have accidentally referred to this copy of the library.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2021-33813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) \n**DESCRIPTION: **JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nStatus\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Business Automation Workflow containers | \n\nV23.0.1 - V23.0.1-IF001 \nV22.0.2 - V22.0.2 all fixes \nV22.0.1 all fixes \nV21.0.3 - V21.0.3-IF023 \nV21.0.2 all fixes \nV20.0.0.2 all fixes \nV20.0.0.1 all fixes\n\n| affected \nIBM Business Automation Workflow traditional | V23.0.1 \nV22.0.1 - V22.0.2 \nV21.0.1 - V21.0.3.1 \nV20.0.0.1 - V20.0.0.2 \nV19.0.0.1 - V19.0.0.3 | affected \nIBM Business Automation Workflow Enterprise Service Bus | V22.0.2, V23.0.1 | affected \n \nFor earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product.\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [DT225151](<https://www.ibm.com/mysupport/aCI3p000000XmVMGA0> \"DT225151\" ) as soon as practical.\n\nAffected Product(s) | Version(s) | Remediation / Fix \n---|---|--- \nIBM Business Automation Workflow containers | V22.0.2 | Apply [23.0.1-IF002](<https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-2202-interim-fixes> \"23.0.1-IF002\" ) \nIBM Business Automation Workflow containers | V22.0.1 | Upgrade to Business Automation Workflow on Containers 22.0.2 and apply [23.0.1-IF002](<https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-2202-interim-fixes> \"23.0.1-IF002\" ) \nIBM Business Automation Workflow containers | V21.0.3 | Apply [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-2202-interim-fixes> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow containers | V21.0.2 \nV20.0.0.1 - V20.0.0.2 | Upgrade to [21.0.3-IF024](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF024\" ) \nor upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/readme-ibm-business-automation-workflow-containers-2202-interim-fixes> \"23.0.1-IF002\" ) or later \nIBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus | V23.0.1 | Apply [DT225151](<https://www.ibm.com/mysupport/aCI3p000000XmVMGA0> \"DT225151\" ) \nIBM Business Automation Workflow traditional | V21.0.3.1 | Upgrade to [IBM Business Automation Workflow traditional V22.0.2](<https://www.ibm.com/support/pages/node/6830489> \"IBM Business Automation Workflow traditional V22.0.2\" ) and apply [DT225151](<https://www.ibm.com/mysupport/aCI3p000000XmVMGA0> \"DT225151\" ) \nIBM Business Automation Workflow traditional | V22.0.2 \nV22.0.1 \nV21.0.2 \nV20.0.0.2 \nV20.0.0.1 \nV19.0.0.3 | Upgrade to a long term support release or the latest SSCD version. See [IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum](<https://www.ibm.com/support/pages/ibm-business-automation-workflow-and-ibm-integration-designer-software-support-lifecycle-addendum> \"IBM Business Automation Workflow and IBM Integration Designer Software Support Lifecycle Addendum\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-09-01T19:47:47", "type": "ibm", "title": "Security Bulletin: XML External Entity injection vulnerability in jdom may affect custom apps in IBM Business Automation Workflow - CVE-2021-33813", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33813"], "modified": "2023-09-01T19:47:47", "id": "E81A7993ACBB1516F7D6F53AF0BD65493FE3E87E11CC696DB43234F62A8E5303", "href": "https://www.ibm.com/support/pages/node/7030363", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:46:17", "description": "## Summary\n\nIBM Integration Bus ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-7760](<https://vulners.com/cve/CVE-2020-7760>) \n** DESCRIPTION: **Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0 - V10.0.0.23 (Linux x86-64 and Windows x86-64 only)\n\n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM Integration Bus| V10.0.0.0 - V10.0.0.23| IT35098| \n\nInterim fix for APAR IT35098 is available on [IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=10.0.0.23&platform=All&function=all> \"IBM Fix Central\" )\n\n \n \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-23T10:20:58", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Node.js affect IBM Integration Bus (CVE-2020-7760)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7760"], "modified": "2021-02-23T10:20:58", "id": "99084FFA789D95BADF692928B0618A889A000D098F055B05388851B9A57D3682", "href": "https://www.ibm.com/support/pages/node/6416609", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "atlassian": [{"lastseen": "2023-12-06T18:59:28", "description": "Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023, CVE-2020-11022, and CVE-2015-9251.\r\n\r\nAffected Version/s: 4.0.3, 4.1.1\r\n\r\nFixed Version/s: 4.1.2, 4.0.4, 4.2.0", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-02-16T18:28:38", "type": "atlassian", "title": "Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-01-10T22:04:49", "id": "CWD-5683", "href": "https://jira.atlassian.com/browse/CWD-5683", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-11T13:20:19", "description": "h3. Issue Summary\r\njQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. Jira uses jQuery 2.2.4 (as of Jira 8.8.0) \r\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-9251\r\n\r\nh3. Steps to Reproduce\r\n-\r\nh3. Expected Results\r\nJira uses jQuery v3.0.0 or newer.\r\n\r\nh3. Actual Results\r\nJira uses jQuery 2.2.4\r\n\r\nh3. Workaround\r\n Currently there is no known workaround for this behavior. A workaround will be added here when available", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2020-04-20T13:29:57", "type": "atlassian", "title": "Jira uses vulnerable jQuery version CVE-2015-9251", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2019-11358"], "modified": "2020-05-11T09:26:15", "id": "ATLASSIAN:JRASERVER-70929", "href": "https://jira.atlassian.com/browse/JRASERVER-70929", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-20T06:47:07", "description": "Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to\u00a0CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.\r\n\r\n\u00a0\r\n\r\nThe affected versions are before version 8.15.0.\r\n\r\n\u00a0\r\n\r\n*Affected versions:*\r\n * version < 8.15.0\r\n\r\n*Fixed versions:*\r\n * 8.15.0 \u00a0", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-02-02T09:59:24", "type": "atlassian", "title": "Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2021-10-20T05:00:11", "id": "ATLASSIAN:JRASERVER-72052", "href": "https://jira.atlassian.com/browse/JRASERVER-72052", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:33:42", "description": "Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to\u00a0CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.\r\n\r\n\u00a0\r\n\r\nThe affected versions are before version 8.15.0.\r\n\r\n\u00a0\r\n\r\n*Affected versions:*\r\n * version < 8.15.0\r\n\r\n*Fixed versions:*\r\n * 8.15.0 \u00a0", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-02-02T09:59:24", "type": "atlassian", "title": "Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-08-11T05:53:32", "id": "JRASERVER-72052", "href": "https://jira.atlassian.com/browse/JRASERVER-72052", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T19:29:54", "description": "Affected versions of Bitbucket Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.\r\n\r\nA jquery patch has been applied for Bitbucket versions >= *7.10.0*.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-08-24T14:53:45", "type": "atlassian", "title": "jquery 2.2.4 XSS vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-09-12T00:28:27", "id": "BSERV-13449", "href": "https://jira.atlassian.com/browse/BSERV-13449", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-12-12T20:44:25", "description": "Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023 & CVE-2020-11022.\r\n\r\nAffected Version/s: 4.0.3, 4.1.1\r\n\r\nFixed Version/s: 4.1.2, 4.0.4, 4.2.0", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2021-02-16T18:28:38", "type": "atlassian", "title": "Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2021-12-12T20:28:37", "id": "ATLASSIAN:CWD-5683", "href": "https://jira.atlassian.com/browse/CWD-5683", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "altlinux": [{"lastseen": "2023-05-07T11:56:13", "description": "1.42.027-alt1 built Oct. 21, 2020 Alexey Shabalin in task #260176\n\nOct. 19, 2020 Alexey Shabalin\n \n \n - snapshot of 1.4 branch 0c66d2335a9dd13006c83ed64ae565a4a3cb7f0c\n - Update jQuery to address three CVE Vulnerabilities\n - Fixes:\n + CVE-2020-11022\n + CVE-2020-11023\n + CVE-2019-11358\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-10-21T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023"], "modified": "2020-10-21T00:00:00", "id": "19D9D4CF9E621238B64E7009C574A2B2", "href": "https://packages.altlinux.org/en/p9/srpms/phpipam/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-10-30T14:47:48", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x prior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-04-22T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier (Apr 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-17521"], "modified": "2023-10-24T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/148918", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148918);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/24\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13956\",\n \"CVE-2020-17521\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"IAVA\", value:\"2023-A-0559\");\n\n script_name(english:\"Oracle Primavera Unifier (Apr 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is\n16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x\nprior to 20.12.4. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core UI\n (jQuery)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks require human interaction from a person other than the attacker\n and while the vulnerability is in Primavera Unifier, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some\n of Primavera Unifier accessible data as well as unauthorized read access to a subset of Primavera Unifier\n accessible data. (CVE-2020-11022)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Core (HTTP\n Client)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Primavera Unifier. Successful attacks of this vulnerability can result in unauthorized update, insert or\n delete access to some of Primavera Unifier accessible data. (CVE-2020-13956)\n\n - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Platform\n (Apache Groovy)). Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8, 19.12 and 20.12.\n Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where\n Primavera Unifier executes to compromise Primavera Unifier. Successful attacks of this vulnerability can\n result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data.\n (CVE-2020-17521)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuapr2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13956\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nget_install_count(app_name:'Oracle Primavera Unifier', exit_if_zero:TRUE);\n\nvar port = get_http_port(default:8002);\nget_kb_item_or_exit('www/weblogic/' + port + '/installed');\n\nvar app_info = vcf::get_app_info(app:'Oracle Primavera Unifier', port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [\n { 'min_version' : '16.1', 'fixed_version' : '16.2.16.5' },\n { 'min_version' : '17.7', 'fixed_version' : '17.12.11.7' },\n { 'min_version' : '18.8', 'fixed_version' : '18.8.18.4' },\n { 'min_version' : '19.12', 'fixed_version' : '19.12.14' },\n { 'min_version' : '20.12', 'fixed_version' : '20.12.4' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:09", "description": "The Apache Maven project reports :\n\nWe received a report from Jonathan Leitschuh about a vulnerability of custom repositories in dependency POMs. We've split this up into three separate issues :\n\n- Possible Man-In-The-Middle-Attack due to custom repositories using HTTP.\n\nMore and more repositories use HTTPS nowadays, but this hasn't always been the case. This means that Maven Central contains POMs with custom repositories that refer to a URL over HTTP. This makes downloads via such repository a target for a MITM attack. At the same time, developers are probably not aware that for some downloads an insecure URL is being used. Because uploaded POMs to Maven Central are immutable, a change for Maven was required. To solve this, we extended the mirror configuration with blocked parameter, and we added a new external:http:* mirror selector (like existing external:*), meaning 'any external URL using HTTP'.\n\nThe decision was made to block such external HTTP repositories by default : this is done by providing a mirror in the conf/settings.xml blocking insecure HTTP external URLs.\n\n- Possible Domain Hijacking due to custom repositories using abandoned domains\n\nSonatype has analyzed which domains were abandoned and has claimed these domains.\n\n- Possible hijacking of downloads by redirecting to custom repositories\n\nThis one was the hardest to analyze and explain. The short story is :\nyou're safe, dependencies are only downloaded from repositories within their context. So there are two main questions: what is the context and what is the order? The order is described on the Repository Order page. The first group of repositories are defined in the settings.xml (both user and global). The second group of repositories are based on inheritence, with ultimately the super POM containing the URL to Maven Central. The third group is the most complex one but is important to understand the term context: repositories from the effective POMs from the dependency path to the artifact. So if a dependency was defined by another dependency or by a Maven project, it will also include their repositories. In the end this is not a bug, but a design feature.", "cvss3": {}, "published": "2021-04-19T00:00:00", "type": "nessus", "title": "FreeBSD : Apache Maven -- multiple vulnerabilities (20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13956", "CVE-2021-26291"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:maven", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_20006B5FA0BC11EB8AE6FC4DD43E2B6A.NASL", "href": "https://www.tenable.com/plugins/nessus/148748", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148748);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-13956\", \"CVE-2021-26291\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"FreeBSD : Apache Maven -- multiple vulnerabilities (20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Apache Maven project reports :\n\nWe received a report from Jonathan Leitschuh about a vulnerability of\ncustom repositories in dependency POMs. We've split this up into three\nseparate issues :\n\n- Possible Man-In-The-Middle-Attack due to custom repositories using\nHTTP.\n\nMore and more repositories use HTTPS nowadays, but this hasn't always\nbeen the case. This means that Maven Central contains POMs with custom\nrepositories that refer to a URL over HTTP. This makes downloads via\nsuch repository a target for a MITM attack. At the same time,\ndevelopers are probably not aware that for some downloads an insecure\nURL is being used. Because uploaded POMs to Maven Central are\nimmutable, a change for Maven was required. To solve this, we extended\nthe mirror configuration with blocked parameter, and we added a new\nexternal:http:* mirror selector (like existing external:*), meaning\n'any external URL using HTTP'.\n\nThe decision was made to block such external HTTP repositories by\ndefault : this is done by providing a mirror in the conf/settings.xml\nblocking insecure HTTP external URLs.\n\n- Possible Domain Hijacking due to custom repositories using abandoned\ndomains\n\nSonatype has analyzed which domains were abandoned and has claimed\nthese domains.\n\n- Possible hijacking of downloads by redirecting to custom\nrepositories\n\nThis one was the hardest to analyze and explain. The short story is :\nyou're safe, dependencies are only downloaded from repositories within\ntheir context. So there are two main questions: what is the context\nand what is the order? The order is described on the Repository Order\npage. The first group of repositories are defined in the settings.xml\n(both user and global). The second group of repositories are based on\ninheritence, with ultimately the super POM containing the URL to Maven\nCentral. The third group is the most complex one but is important to\nunderstand the term context: repositories from the effective POMs from\nthe dependency path to the artifact. So if a dependency was defined by\nanother dependency or by a Maven project, it will also include their\nrepositories. In the end this is not a bug, but a design feature.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291\");\n # https://vuxml.freebsd.org/freebsd/20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?db7a98a5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-26291\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:maven\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"maven<3.8.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:06:28", "description": "Two vulnerabilities have been discovered in jquery's handling of untrusted HTML which may result in execution of untrusted code.\n\nFor Debian 9 stretch, these problems have been fixed in version 3.1.1-2+deb9u2.\n\nWe recommend that you upgrade your jquery packages.\n\nFor the detailed security status of jquery please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/jquery\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-2608-1 : jquery security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjs-jquery", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2608.NASL", "href": "https://www.tenable.com/plugins/nessus/148146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2608-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148146);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Debian DLA-2608-1 : jquery security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two vulnerabilities have been discovered in jquery's handling of\nuntrusted HTML which may result in execution of untrusted code.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.1.1-2+deb9u2.\n\nWe recommend that you upgrade your jquery packages.\n\nFor the detailed security status of jquery please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/jquery\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jquery\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/jquery\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected libjs-jquery package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjs-jquery\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjs-jquery\", reference:\"3.1.1-2+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-15T15:03:55", "description": "The version of AOS installed on the remote host is prior to 5.19. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-01T00:00:00", "type": "nessus", "title": "Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-10-13T00:00:00", "cpe": ["cpe:/o:nutanix:aos"], "id": "NUTANIX_NXSA-AOS-5_19.NASL", "href": "https://www.tenable.com/plugins/nessus/164574", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164574);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/13\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Nutanix AOS host is affected by multiple vulnerabilities .\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of AOS installed on the remote host is prior to 5.19. It is, therefore, affected by multiple vulnerabilities\nas referenced in the NXSA-AOS-5.19 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources -\n even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option>\n elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods\n (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://portal.nutanix.com/page/documents/security-advisories/release-advisories/details?id=NXSA-AOS-5.19\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?464d146f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the Nutanix AOS software to recommended version.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:nutanix:aos\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nutanix_collect.nasl\");\n script_require_keys(\"Host/Nutanix/Data/lts\", \"Host/Nutanix/Data/Service\", \"Host/Nutanix/Data/Version\", \"Host/Nutanix/Data/arch\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_info = vcf::nutanix::get_app_info();\n\nvar constraints = [\n { 'fixed_version' : '5.19', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 5.19 or higher.', 'lts' : FALSE },\n { 'fixed_version' : '5.19', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 5.19 or higher.', 'lts' : FALSE }\n];\n\nvcf::nutanix::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-18T14:51:06", "description": "According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios required for successful exploitation do not exist on devices running a PAN-OS release.", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "nessus", "title": "JQuery 1.2 < 3.5.0 Multiple XSS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-10-13T00:00:00", "cpe": ["cpe:/a:jquery:jquery"], "id": "JQUERY_CVE-2020-11022.NASL", "href": "https://www.tenable.com/plugins/nessus/136929", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136929);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/13\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"JQuery 1.2 < 3.5.0 Multiple XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple cross site scripting\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater\nthan or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios \nrequired for successful exploitation do not exist on devices running a PAN-OS release.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.paloaltonetworks.com/PAN-SA-2020-0007\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JQuery version 3.5.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:jquery:jquery\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jquery_detect.nasl\", \"palo_alto_version.nbin\", \"cisco_wlc_version.nasl\", \"cisco_apic_version.nbin\");\n script_require_keys(\"installed_sw/jquery\");\n script_exclude_keys(\"Host/Palo_Alto/Firewall/Version\", \"Host/Cisco/WLC/Version\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (get_kb_item('Host/Palo_Alto/Firewall/Version'))\n exit(0, 'The remote host is PAN-OS, and therefore not affected.');\n\nif (get_kb_item('Host/Cisco/WLC/Version'))\n exit(0, 'The remote host is a Cisco WLC, and therefore not affected.');\n\nvar appname = 'jquery';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\nvar jport = get_http_port(default:8081);\n\nif (get_install_count(app_name:'Cisco APIC Software') > 0)\n{\n var installs = get_installs(app_name:'Cisco APIC Software', port:jport);\n var length = 0;\n if (!isnull(installs)) length = length(installs[1]);\n\n if (length > 0)\n {\n exit(0, 'The remote host is a Cisco APIC, and therefore not affected.');\n }\n}\n\nvar app_info = vcf::get_app_info(app:appname, port:jport, webapp:TRUE);\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nvar constraints = [{'min_version':'1.2','fixed_version':'3.5.0'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING,flags:{xss:TRUE});\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-01T17:20:12", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-282 advisory.\n\n - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame.\n This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 (CVE-2023-32731)\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-08-14T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : grpc, grpc-cpp, grpc-data (ALAS2023-2023-282)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-32731", "CVE-2023-32732", "CVE-2023-4785"], "modified": "2023-10-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:grpc", "p-cpe:/a:amazon:linux:grpc-cpp", "p-cpe:/a:amazon:linux:grpc-cpp-debuginfo", "p-cpe:/a:amazon:linux:grpc-data", "p-cpe:/a:amazon:linux:grpc-debuginfo", "p-cpe:/a:amazon:linux:grpc-debugsource", "p-cpe:/a:amazon:linux:grpc-devel", "p-cpe:/a:amazon:linux:grpc-doc", "p-cpe:/a:amazon:linux:grpc-plugins", "p-cpe:/a:amazon:linux:grpc-plugins-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-282.NASL", "href": "https://www.tenable.com/plugins/nessus/179767", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-282.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(179767);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/17\");\n\n script_cve_id(\"CVE-2023-32731\", \"CVE-2023-32732\", \"CVE-2023-4785\");\n\n script_name(english:\"Amazon Linux 2023 : grpc, grpc-cpp, grpc-data (ALAS2023-2023-282)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-282 advisory.\n\n - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame.\n This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables\n between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests\n from the proxy being interpreted as containing headers from different proxy clients - leading to an\n information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading\n beyond the commit contained in https://github.com/grpc/grpc/pull/33005\n https://github.com/grpc/grpc/pull/33005 (CVE-2023-32731)\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy\n and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by\n the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in\n https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-282.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32731.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32732.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-4785.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update grpc --releasever 2023.1.20230809' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-32731\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-cpp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-cpp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:grpc-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'grpc-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-cpp-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-cpp-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-cpp-debuginfo-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-cpp-debuginfo-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-data-1.56.2-10.amzn2023', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-debuginfo-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-debuginfo-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-debugsource-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-debugsource-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-devel-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-devel-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-doc-1.56.2-10.amzn2023', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-plugins-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-plugins-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-plugins-debuginfo-1.56.2-10.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'grpc-plugins-debuginfo-1.56.2-10.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grpc / grpc-cpp / grpc-cpp-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:18", "description": "This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library - jquery OTRS uses jquery version 3.4.1, which is vulnerable to cross-site scripting (XSS).", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : otrs (openSUSE-2020-1888)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:otrs", "p-cpe:/a:novell:opensuse:otrs-itsm", "cpe:/o:novell:opensuse:15.1", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1888.NASL", "href": "https://www.tenable.com/plugins/nessus/142840", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1888.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142840);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"openSUSE Security Update : otrs (openSUSE-2020-1888)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in\n third-party library - jquery OTRS uses jquery version\n 3.4.1, which is vulnerable to cross-site scripting\n (XSS).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178434\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected otrs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs-itsm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-itsm-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-6.0.30-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-itsm-6.0.30-lp152.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"otrs / otrs-itsm\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T14:59:11", "description": "Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version", "cvss3": {}, "published": "2021-01-21T00:00:00", "type": "nessus", "title": "Oracle WebCenter Sites (Jan 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:webcenter_sites"], "id": "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/145244", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145244);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Oracle WebCenter Sites (Jan 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported \nversion\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2021.html#AppendixFMW\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujan2021cvrf.xml\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:webcenter_sites\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_webcenter_sites_installed.nbin\", \"oracle_enum_products_win.nbin\");\n script_require_keys(\"SMB/WebCenter_Sites/Installed\");\n\n exit(0);\n}\ninclude('vcf_extras_oracle_webcenter_sites.inc');\n\nvar app_info = vcf::oracle_webcenter_sites::get_app_info();\n\nvar constraints = [\n {'min_version' : '12.2.1.3', 'fixed_version' : '12.2.1.3.210119', 'fixed_revision' : '186084'},\n {'min_version' : '12.2.1.4', 'fixed_version' : '12.2.1.4.210119', 'fixed_revision' : '186094'}\n];\n\nvcf::oracle_webcenter_sites::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:37:42", "description": "- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n - [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0 02) / [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20 20-11022) / [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "Fedora 32 : drupal8 (2020-36d2db5f51)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal8", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-36D2DB5F51.NASL", "href": "https://www.tenable.com/plugins/nessus/137423", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-36d2db5f51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137423);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"FEDORA\", value:\"2020-36d2db5f51\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Fedora 32 : drupal8 (2020-36d2db5f51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n -\n [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0\n 02) /\n [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11022) /\n [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-36d2db5f51\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/project/drupal/releases/8.8.5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"drupal8-8.9.0-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T16:07:06", "description": "The version of Atlassian Jira installed on the remote host is prior to 8.0.x < 8.15.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72052 advisory.\n\n - Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023 (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-06T00:00:00", "type": "nessus", "title": "Atlassian Jira 8.0.x < 8.15.0 (JRASERVER-72052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-10-19T00:00:00", "cpe": ["cpe:/a:atlassian:jira"], "id": "JIRA_8_15_0_JRASERVER-72052.NASL", "href": "https://www.tenable.com/plugins/nessus/162747", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162747);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/19\");\n\n script_cve_id(\"CVE-2020-11022\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Atlassian Jira 8.0.x < 8.15.0 (JRASERVER-72052)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Atlassian Jira host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Atlassian Jira installed on the remote host is prior to 8.0.x < 8.15.0. It is, therefore, affected by a\nvulnerability as referenced in the JRASERVER-72052 advisory.\n\n - Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023 (CVE-2020-11022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.atlassian.com/browse/JRASERVER-72052\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Atlassian Jira version 8.15.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:atlassian:jira\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jira_detect.nasl\", \"atlassian_jira_win_installed.nbin\", \"atlassian_jira_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Atlassian JIRA\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nvar app_info = vcf::combined_get_app_info(app:'Atlassian JIRA');\n\nvar constraints = [\n { 'min_version' : '8.0.0', 'fixed_version' : '8.15.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-08T16:22:49", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9177 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : jquery-ui (ELSA-2022-9177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2023-11-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:jquery-ui"], "id": "ORACLELINUX_ELSA-2022-9177.NASL", "href": "https://www.tenable.com/plugins/nessus/158471", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9177.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158471);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVA\", value:\"2021-A-0032\");\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0196\");\n script_xref(name:\"IAVA\", value:\"2021-A-0480\");\n script_xref(name:\"IAVA\", value:\"2020-A-0481\");\n script_xref(name:\"IAVA\", value:\"2022-A-0029\");\n script_xref(name:\"IAVA\", value:\"2021-A-0194-S\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Oracle Linux 7 : jquery-ui (ELSA-2022-9177)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2022-9177 advisory.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources -\n even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option>\n elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods\n (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9177.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected jquery-ui package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jquery-ui\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'jquery-ui-1.10.4.custom-4.0.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jquery-ui');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:36:15", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple vulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-05-21T00:00:00", "type": "nessus", "title": "Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_8_8_6.NASL", "href": "https://www.tenable.com/plugins/nessus/136745", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136745);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70,\n7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple\nvulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and\n before 3.5.0, passing HTML from untrusted sources - even\n after sanitizing it - to one of jQuery's DOM\n manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is\n patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and\n before 3.5.0, passing HTML containing elements\n from untrusted sources - even after sanitizing it - to\n one of jQuery's DOM manipulation methods (i.e. .html(),\n .append(), and others) may execute untrusted code. This\n problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.70\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-002\");\n # https://blog.jquery.com/2020/05/04/jquery-3-5-1-released-fixing-a-regression/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f249edf4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://en.wikipedia.org/wiki/Software_regression\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?07eeffa7\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc025732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://html.spec.whatwg.org/multipage/custom-elements.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jquery.com/upgrade-guide/3.5/#description-of-the-change\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.7.14\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.8.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/issues/drupal\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/jquery_update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/security-team/report-issue\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.70 / 7.70 / 8.7.14 / 8.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:'Drupal', port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '7.0', 'fixed_version' : '7.70' },\n { 'min_version' : '8.7', 'fixed_version' : '8.7.14' },\n { 'min_version' : '8.8', 'fixed_version' : '8.8.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:01", "description": "The version of Nessus Network Monitor (NNM) installed on the remote host is prior to 5.13.0. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {}, "published": "2021-03-12T00:00:00", "type": "nessus", "title": "Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:tenable:nnm"], "id": "NNM_5_13_0.NASL", "href": "https://www.tenable.com/plugins/nessus/147729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147729);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A vulnerability scanner installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Nessus Network Monitor (NNM) installed\non the remote host is prior to 5.13.0. It is, therefore, affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-02\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/products/nessus/nessus-network-monitor\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Nessus Network Monitor version 5.13.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nnm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nnm_installed_win.nbin\", \"nnm_installed_nix.nbin\");\n script_require_keys(\"installed_sw/Tenable NNM\", \"Host/nnm_installed\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_name = 'Tenable NNM';\n\napp_info = vcf::get_app_info(app:app_name);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'fixed_version' : '5.13.0' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:37:07", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 8.7.x < 8.7.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112437", "href": "https://www.tenable.com/plugins/was/112437", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:37:07", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 8.8.x < 8.8.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112430", "href": "https://www.tenable.com/plugins/was/112430", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:37:11", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70, 8.7.x prior to 8.7.14 or 8.8.x prior to 8.8.6. It is, therefore, affected by multilple vulnerabilities :\n\n - Two Cross-Site Scripting (XSS) vulnerabilities in jQuery (CVE-2020-11022 / CVE-2020-11023).\n\n - An open redirect due to insufficient validation of the destination query parameter in the drupal_goto() function in Drupal 7 only (CVE-2020-13662).\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-06-09T00:00:00", "type": "nessus", "title": "Drupal 7.x < 7.70 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112438", "href": "https://www.tenable.com/plugins/was/112438", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T19:37:36", "description": "The All Supported Versions versions of GoldenGate installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory.\n\n - Vulnerability in Oracle GoldenGate (component: Install (Dell BSAFE Crypto-J)). The supported version that is affected is Prior to 19.1.0.0.0.210420. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle GoldenGate. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data. (CVE-2019-3740)\n\n - Security-in-Depth issue in Oracle GoldenGate (component: Install (jQuery)). This vulnerability cannot be exploited in the context of this product. (CVE-2020-11023) \n - Security-in-Depth issue in Oracle GoldenGate (component: General (Apache Batik)). This vulnerability cannot be exploited in the context of this product. (CVE-2020-11987)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-22T00:00:00", "type": "nessus", "title": "Oracle GoldenGate (Oct 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4969", "CVE-2012-6708", "CVE-2015-9251", "CVE-2018-10237", "CVE-2019-11358", "CVE-2019-17566", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11987", "CVE-2020-8908"], "modified": "2023-11-28T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:goldengate"], "id": "ORACLE_GOLDENGATE_CPU_OCT_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/154342", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154342);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/28\");\n\n script_cve_id(\n \"CVE-2011-4969\",\n \"CVE-2012-6708\",\n \"CVE-2015-9251\",\n \"CVE-2018-10237\",\n \"CVE-2019-3738\",\n \"CVE-2019-3739\",\n \"CVE-2019-3740\",\n \"CVE-2019-11358\",\n \"CVE-2019-17566\",\n \"CVE-2020-8908\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-11987\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Oracle GoldenGate (Oct 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The All Supported Versions versions of GoldenGate installed on the remote host are affected by multiple vulnerabilities\nas referenced in the October 2021 CPU advisory.\n\n - Vulnerability in Oracle GoldenGate (component: Install (Dell BSAFE Crypto-J)). The supported version that is\n affected is Prior to 19.1.0.0.0.210420. Easily exploitable vulnerability allows unauthenticated attacker with\n network access via Oracle Net to compromise Oracle GoldenGate. Successful attacks require human interaction\n from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized\n access to critical data or complete access to all Oracle GoldenGate accessible data. (CVE-2019-3740)\n\n - Security-in-Depth issue in Oracle GoldenGate (component: Install (jQuery)). This vulnerability cannot be\n exploited in the context of this product. (CVE-2020-11023)\n \n - Security-in-Depth issue in Oracle GoldenGate (component: General (Apache Batik)). This vulnerability cannot \n be exploited in the context of this product. (CVE-2020-11987)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuoct2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2021 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11987\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:goldengate\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_goldengate_installed.nbin\");\n script_require_keys(\"Oracle/GoldenGate/Installed\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_goldengate::get_app_info();\n\nvar constraints = [\n {\n 'min_version' : '19.1' ,\n 'fixed_version' : '19.1.0.0.211019',\n 'fixed_display' : '19.1.0.0.211019 (33376981 / 33376978 / 33376975 / 33376964)'\n }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-28T13:42:20", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7343 advisory.\n\n - jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n - rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-03T00:00:00", "type": "nessus", "title": "RHEL 7 : pcs (RHSA-2022:7343)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2020-11023", "CVE-2022-30123"], "modified": "2023-10-05T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:pcs", "p-cpe:/a:redhat:enterprise_linux:pcs-snmp"], "id": "REDHAT-RHSA-2022-7343.NASL", "href": "https://www.tenable.com/plugins/nessus/166903", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7343. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166903);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/05\");\n\n script_cve_id(\"CVE-2019-11358\", \"CVE-2022-30123\");\n script_xref(name:\"RHSA\", value:\"2022:7343\");\n script_xref(name:\"IAVA\", value:\"2020-A-0495\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 7 : pcs (RHSA-2022:7343)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:7343 advisory.\n\n - jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or\n property injection (CVE-2019-11358)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods\n (CVE-2020-11023)\n\n - rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-30123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1701972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2099524\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pcs and / or pcs-snmp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11358\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-30123\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 179);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcs-snmp\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pcs-0.9.169-3.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-0.9.169-3.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-0.9.169-3.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.9.169-3.el7_9.3', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.9.169-3.el7_9.3', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.9.169-3.el7_9.3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs / pcs-snmp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-30T15:36:51", "description": "Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.", "cvss3": {}, "published": "2020-05-28T00:00:00", "type": "nessus", "title": "Debian DSA-4693-1 : drupal7 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4693.NASL", "href": "https://www.tenable.com/plugins/nessus/136932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4693. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136932);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\");\n script_xref(name:\"DSA\", value:\"4693\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Debian DSA-4693-1 : drupal7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect\nor cross-site scripting.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4693\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the drupal7 packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 7.52-2+deb9u10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13662\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"drupal7\", reference:\"7.52-2+deb9u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:31:19", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4142 advisory.\n\n - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable\n __proto__ property, it could extend the native Object.prototype. (CVE-2019-11358)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\n - jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove <script> HTML tags that contain a whitespace character, i.e: </script >, which results in the enclosed script logic to be executed. (CVE-2020-7656)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : pcs (RLSA-2021:4142)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2020-11023", "CVE-2020-7656"], "modified": "2023-11-07T00:00:00", "cpe": ["cpe:/o:rocky:linux:8", "p-cpe:/a:rocky:linux:pcs", "p-cpe:/a:rocky:linux:pcs-snmp"], "id": "ROCKY_LINUX_RLSA-2021-4142.NASL", "href": "https://www.tenable.com/plugins/nessus/184665", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:4142.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184665);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\"CVE-2019-11358\", \"CVE-2020-7656\", \"CVE-2020-11023\");\n script_xref(name:\"IAVA\", value:\"2020-A-0495\");\n script_xref(name:\"RLSA\", value:\"2021:4142\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Rocky Linux 8 : pcs (RLSA-2021:4142)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:4142 advisory.\n\n - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true,\n {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable\n __proto__ property, it could extend the native Object.prototype. (CVE-2019-11358)\n\n - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option>\n elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods\n (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.\n (CVE-2020-11023)\n\n - jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to\n recognize and remove <script> HTML tags that contain a whitespace character, i.e: </script >, which\n results in the enclosed script logic to be executed. (CVE-2020-7656)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:4142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1290830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1432097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1678273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1690419\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1720221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1759995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1841019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1850119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1854238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1872378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1885293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1885302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1896458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1909901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1922996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1927384\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1927394\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1930886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1935594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1984901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1991654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1992668\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1998454\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pcs and / or pcs-snmp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'pcs-0.10.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-0.10.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs / pcs-snmp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-27T15:24:56", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4142 advisory.\n\n - jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n - jquery: Cross-site scripting (XSS) via <script> HTML tags containing whitespaces (CVE-2020-7656)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : pcs (RHSA-2021:4142)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2020-11023", "CVE-2020-7656"], "modified": "2023-11-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:pcs", "p-cpe:/a:redhat:enterprise_linux:pcs-snmp"], "id": "REDHAT-RHSA-2021-4142.NASL", "href": "https://www.tenable.com/plugins/nessus/155058", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4142. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155058);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/24\");\n\n script_cve_id(\"CVE-2019-11358\", \"CVE-2020-7656\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"RHSA\", value:\"2021:4142\");\n script_xref(name:\"IAVA\", value:\"2021-A-0194-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"RHEL 8 : pcs (RHSA-2021:4142)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4142 advisory.\n\n - jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or\n property injection (CVE-2019-11358)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods\n (CVE-2020-11023)\n\n - jquery: Cross-site scripting (XSS) via <script> HTML tags containing whitespaces (CVE-2020-7656)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-7656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1701972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850119\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected pcs and / or pcs-snmp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcs-snmp\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pcs-0.10.10-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.10-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'pcs-0.10.10-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.10-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs / pcs-snmp');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-10T15:29:53", "description": "The remote host is affected by the vulnerability described in GLSA-202007-03 (Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-03 : Cacti: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-14295"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:cacti", "p-cpe:/a:gentoo:linux:cacti-spine", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202007-03.NASL", "href": "https://www.tenable.com/plugins/nessus/138926", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-03.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138926);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-14295\");\n script_xref(name:\"GLSA\", value:\"202007-03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"GLSA-202007-03 : Cacti: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-03\n(Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Cacti users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-1.2.13'\n All Cacti Spine users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-spine-1.2.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/cacti\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\nif (qpkg_check(package:\"net-analyzer/cacti-spine\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cacti\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-23T05:30:36", "description": "The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6cad6e5003 advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-07-23T00:00:00", "type": "nessus", "title": "Fedora 37 : grpc (2023-6cad6e5003)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-32732"], "modified": "2023-07-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:37", "p-cpe:/a:fedoraproject:fedora:grpc"], "id": "FEDORA_2023-6CAD6E5003.NASL", "href": "https://www.tenable.com/plugins/nessus/178737", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2023-6cad6e5003\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(178737);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/23\");\n\n script_cve_id(\"CVE-2023-32732\");\n script_xref(name:\"FEDORA\", value:\"2023-6cad6e5003\");\n\n script_name(english:\"Fedora 37 : grpc (2023-6cad6e5003)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2023-6cad6e5003 advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy\n and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by\n the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in\n https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2023-6cad6e5003\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grpc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-32732\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/07/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:grpc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^37([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 37', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'grpc-1.48.4-8.fc37', 'release':'FC37', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grpc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-23T05:27:14", "description": "The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-15b3e80753 advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-07-23T00:00:00", "type": "nessus", "title": "Fedora 38 : grpc (2023-15b3e80753)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-32732"], "modified": "2023-07-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:38", "p-cpe:/a:fedoraproject:fedora:grpc"], "id": "FEDORA_2023-15B3E80753.NASL", "href": "https://www.tenable.com/plugins/nessus/178739", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2023-15b3e80753\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(178739);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/23\");\n\n script_cve_id(\"CVE-2023-32732\");\n script_xref(name:\"FEDORA\", value:\"2023-15b3e80753\");\n\n script_name(english:\"Fedora 38 : grpc (2023-15b3e80753)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2023-15b3e80753 advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy\n and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by\n the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in\n https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2023-15b3e80753\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grpc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-32732\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/07/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:38\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:grpc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^38([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 38', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'grpc-1.48.4-8.fc38', 'release':'FC38', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grpc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-10T15:31:15", "description": "Cacti developers reports :\n\nMultiple fixes for bundled jQuery to prevent code exec (CVE-2020-11022, CVE-2020-11023).\n\nPHPMail contains a escaping bug (CVE-2020-13625).\n\nSQL Injection via color.php in Cacti (CVE-2020-14295).", "cvss3": {}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:cacti", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_CD2DC126CFE411EA91724C72B94353B5.NASL", "href": "https://www.tenable.com/plugins/nessus/139112", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139112);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13625\",\n \"CVE-2020-14295\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Cacti developers reports :\n\nMultiple fixes for bundled jQuery to prevent code exec\n(CVE-2020-11022, CVE-2020-11023).\n\nPHPMail contains a escaping bug (CVE-2020-13625).\n\nSQL Injection via color.php in Cacti (CVE-2020-14295).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.cacti.net/release_notes.php?version=1.2.13\");\n # https://vuxml.freebsd.org/freebsd/cd2dc126-cfe4-11ea-9172-4c72b94353b5.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?785abf15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14295\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13625\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"cacti<1.2.13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:08:22", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-09-23T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-14333", "CVE-2020-8203"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm"], "id": "REDHAT-RHSA-2020-3807.NASL", "href": "https://www.tenable.com/plugins/nessus/140750", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3807. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140750);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2020-8203\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-14333\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3807\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n script_xref(name:\"IAVA\", value:\"2020-A-0324\");\n script_xref(name:\"IAVA\", value:\"2021-A-0032\");\n script_xref(name:\"IAVA\", value:\"2021-A-0196\");\n script_xref(name:\"IAVA\", value:\"2021-A-0035-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0347\");\n script_xref(name:\"IAVA\", value:\"2021-A-0194-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods\n (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1858184\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8203\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-ui-extensions-1.2.3-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.6.4-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-10T15:31:27", "description": "This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation failure when editing colors (CVE-2020-14295, boo#1173090)\n\n - Lack of escaping on template import can lead to XSS exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with fs.protected_hardlinks=0 (boo#1154087): handle directory permissions in file section instead of using chown during post installation\n\n - rewrote apache configuration to get rid of .htaccess files and explicitely disable directory permissions per default (only allow a limited, well-known set of directories)", "cvss3": {}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cacti", "p-cpe:/a:novell:opensuse:cacti-spine", "p-cpe:/a:novell:opensuse:cacti-spine-debuginfo", "p-cpe:/a:novell:opensuse:cacti-spine-debugsource", "cpe:/o:novell:opensuse:15.1", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1060.NASL", "href": "https://www.tenable.com/plugins/nessus/138985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1060.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138985);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-13625\",\n \"CVE-2020-14295\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation\n failure when editing colors (CVE-2020-14295,\n boo#1173090)\n\n - Lack of escaping on template import can lead to XSS\n exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with\n fs.protected_hardlinks=0 (boo#1154087): handle directory\n permissions in file section instead of using chown\n during post installation\n\n - rewrote apache configuration to get rid of .htaccess\n files and explicitely disable directory permissions per\n default (only allow a limited, well-known set of\n directories)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115436\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154087\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173090\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cacti / cacti-spine packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14295\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Cacti color filter authenticated SQLi to RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debuginfo-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debugsource-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debuginfo-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debugsource-1.2.13-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cacti-spine / cacti-spine-debuginfo / cacti-spine-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:08:56", "description": "- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-14T00:00:00", "type": "nessus", "title": "Fedora 32 : drupal7 (2020-0b32a59b54)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662", "CVE-2020-13663"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-0B32A59B54.NASL", "href": "https://www.tenable.com/plugins/nessus/140545", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-0b32a59b54.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140545);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\", \"CVE-2020-13663\");\n script_xref(name:\"FEDORA\", value:\"2020-0b32a59b54\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Fedora 32 : drupal7 (2020-0b32a59b54)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery -\n SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00\n 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site\n Scripting -\n SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00\n 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect -\n SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00\n 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-0b32a59b54\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13663\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"drupal7-7.72-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:13", "description": "The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2712 advisory.\n\n - An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. (CVE-2021-33813)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-07-20T00:00:00", "type": "nessus", "title": "Debian DLA-2712-1 : libjdom1-java - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33813"], "modified": "2022-04-22T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjdom1-java", "p-cpe:/a:debian:debian_linux:libjdom1-java-doc", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2712.NASL", "href": "https://www.tenable.com/plugins/nessus/151829", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2712. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151829);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/22\");\n\n script_cve_id(\"CVE-2021-33813\");\n script_xref(name:\"IAVA\", value:\"2022-A-0176\");\n\n script_name(english:\"Debian DLA-2712-1 : libjdom1-java - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2712\nadvisory.\n\n - An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a\n crafted HTTP request. (CVE-2021-33813)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-33813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/libjdom1-java\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the libjdom1-java packages.\n\nFor Debian 9 Stretch, these problems have been fixed in version 1.1.3-1+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-33813\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjdom1-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjdom1-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nrelease = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nrelease = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\npkgs = [\n {'release': '9.0', 'prefix': 'libjdom1-java', 'reference': '1.1.3-1+deb9u1'},\n {'release': '9.0', 'prefix': 'libjdom1-java-doc', 'reference': '1.1.3-1+deb9u1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n release = NULL;\n prefix = NULL;\n reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjdom1-java / libjdom1-java-doc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:31:23", "description": "The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8570e0055b advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Fedora 39 : grpc (2023-8570e0055b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-32732"], "modified": "2023-11-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:39", "p-cpe:/a:fedoraproject:fedora:grpc"], "id": "FEDORA_2023-8570E0055B.NASL", "href": "https://www.tenable.com/plugins/nessus/185231", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2023-8570e0055b\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(185231);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\"CVE-2023-32732\");\n script_xref(name:\"FEDORA\", value:\"2023-8570e0055b\");\n\n script_name(english:\"Fedora 39 : grpc (2023-8570e0055b)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the\nFEDORA-2023-8570e0055b advisory.\n\n - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy\n and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by\n the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in\n https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2023-8570e0055b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grpc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-32732\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:39\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:grpc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^39([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 39', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'grpc-1.48.4-20.fc39', 'release':'FC39', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grpc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2023-12-06T15:47:18", "description": "\n\nThe Apache Maven project reports:\n\nWe received a report from Jonathan Leitschuh about a vulnerability\n\t of custom repositories in dependency POMs. We've split this up\n\t into three separate issues:\n\nPossible Man-In-The-Middle-Attack due to custom repositories\n\t using HTTP.\n\n\t More and more repositories use HTTPS nowadays, but this\n\t hasn't always been the case. This means that Maven Central contains\n\t POMs with custom repositories that refer to a URL over HTTP. This\n\t makes downloads via such repository a target for a MITM attack. At\n\t the same time, developers are probably not aware that for some\n\t downloads an insecure URL is being used. Because uploaded POMs to\n\t Maven Central are immutable, a change for Maven was required. To\n\t solve this, we extended the mirror configuration with blocked\n\t parameter, and we added a new external:http:* mirror selector (like\n\t existing external:*), meaning \"any external URL using HTTP\".\n\n\t The decision was made to block such external HTTP repositories by default:\n\t this is done by providing a mirror in the conf/settings.xml blocking\n\t insecure HTTP external URLs.\nPossible Domain Hijacking due to custom repositories using abandoned\n\t domains\n\n\t Sonatype has analyzed which domains were abandoned and has claimed these\n\t domains.\nPossible hijacking of downloads by redirecting to custom repositories\n\n\t This one was the hardest to analyze and explain. The short story is:\n\t you're safe, dependencies are only downloaded from repositories within\n\t their context. So there are two main questions: what is the context and\n\t what is the order? The order is described on the Repository Order page.\n\t The first group of repositories are defined in the settings.xml (both user\n\t and global). The second group of repositories are based on inheritence,\n\t with ultimately the super POM containing the URL to Maven Central. The\n\t third group is the most complex one but is important to understand the\n\t term context: repositories from the effective POMs from the dependency\n\t path to the artifact. So if a dependency was defined by another dependency\n\t or by a Maven project, it will also include their repositories. In the end\n\t this is not a bug, but a design feature.\n\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-04-04T00:00:00", "type": "freebsd", "title": "Apache Maven -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13956", "CVE-2021-26291"], "modified": "2021-04-04T00:00:00", "id": "20006B5F-A0BC-11EB-8AE6-FC4DD43E2B6A", "href": "https://vuxml.freebsd.org/freebsd/20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "joomla": [{"lastseen": "2021-12-21T10:45:17", "description": "The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are \"[...] security issues in jQuery\u2019s DOM manipulation methods, as in .html(), .append(), and the others.\"\n", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-04-10T00:00:00", "type": "joomla", "title": "[20200604] - Core - XSS in jQuery.htmlPrefilter", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-06-02T00:00:00", "id": "JOOMLA-816", "href": "https://developer.joomla.org/security-centre/816-20200604-core-xss-in-jquery-htmlprefilter.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "hp": [{"lastseen": "2020-12-24T13:21:55", "description": "## Potential Security Impact\nCross-site Scripting (XSS)\n\n**Source:** HP, HP Product Security Response Team (PSRT) \n\n**Reported by:** The jQuery Foundation \n\n## VULNERABILITY SUMMARY\nA potential security vulnerability has been identified for certain HP printers and MFPs. In jQuery versions before 3.5.0, passing HTML from untrusted sources may execute untrusted code.\n\njQuery is a JavaScript library used to simplify website creation and execution. It is open source software used in many available websites.\n\n## RESOLUTION\nHP has provided firmware updates for potentially impacted printers for the products listed in the table below.\n\nTo obtain the updated firmware, go to the [HP Software site](<https://support.hp.com/drivers/>) and search for your printer model. \n\n> note:\n> \n> For firmware marked with *, please contact HP support to obtain the firmware update.\n\nProduct name\n\n| \n\nModel Numbers\n\n| \n\nFirmware Version \n \n---|---|--- \n \nHP Color LaserJet Enterprise Flow MFP M880z\n\nHP Color LaserJet Managed Flow MFP M880zm\n\n| \n\nD7P70A, A2W75A, A2W76A, D7P70A, D7P71A, L3U51A, L3U52A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M552\n\n| \n\nB5L23A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M553\n\nHP Color LaserJet Managed M553\n\n| \n\nB5L24A, B5L25A, B5L26A, BL27A, B5L38A, B5L39A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M651\n\nHP Color LaserJet Managed M651\n\n| \n\nCZ255A, CZ256A, CZ257A, H0DC9A, L8Z07A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M652\n\n| \n\nJ7Z98A, J7Z99A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M653\n\n| \n\nJ8A04A, J8A05A, J8A06A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M751\n\nHP Color LaserJet Managed E75245\n\n| \n\nT3U43A, T3U44A, T3U64A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M855\n\n| \n\nA2W77A, A2W78A, A2W79A, D7P72A, D7P73A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M856\n\nHP Color LaserJet Managed E85055\n\n| \n\nT3U51A, T3U52A, T3U66A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M577\n\nHP Color LaserJet Enterprise Flow MFP M577\n\n| \n\nB5L46A, B5L47A, B5L48A, B5L54A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M680\n\nHP Color LaserJet Enterprise Flow MFP M680\n\n| \n\nCZ248A, CZ249A, CZ250A, CA251A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M681\n\nHP Color LaserJet Enterprise Flow MFP M681\n\n| \n\nJ8A10A, J8A11A J8A12A, J8A13A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M682\n\nHP Color LaserJet Enterprise flow MFP M682\n\n| \n\nJ8A16A, J8A17A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M776\n\nHP Color LaserJet Enterprise Flow MFP M776\n\n| \n\nT3U55A, T3U56A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed E55040dw\n\n| \n\n3GX98A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed E65050/60\n\n| \n\nL3U55A, L3U56A, L3U57A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed Flow MFP E77822/25/30\n\n| \n\nX3A77A, X3A80A, X3A83A, Z8Z01A, Z8Z0A, Z8Z05A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E57540\n\nHP Color LaserJet Managed Flow MFP E57540\n\n| \n\n3GY25A, 3GY26A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E67550/60\n\nHP Color LaserJet Managed Flow MFP E67550/60\n\n| \n\nL3U66A, L3U67A, L3U69A, L3U70A,\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E67650/60\n\n| \n\n3GY31A, 3GY32A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E77422/28\n\n| \n\n5CM75A, 5CM76A, 5CM77A, 5CM78A, 5CM79A, 5RC91A, 5RC92A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E77822/25/30\n\n| \n\nX3A78A, X3A81A, X3A84A, Z8Z00A, Z8Z02A, Z8Z04A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E78223/28\n\n| \n\n8GS12A, 8GS13A, 8GS14A, 8GS15A, 8GS36A, 8GS37A, 8GS43A, 8GS44A, 8GS50A, 17F27AW, 19GSAW,\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E87640/50/60\n\nHP Color LaserJet Managed Flow MFP E87640/50/60\n\n| \n\nX3A86A, X3A87A, X3A89A, X3A90A, X3A92A, X3A93A, Z8Z12A, Z8Z13A, Z8Z14A, Z8Z15A, Z8Z16A, Z8Z17A, 5CM63A, 5CM64A, 5CM65A, 5CM66A, 5RC87A, 5FM80A, 5FM81A, 5FM82A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP M577\n\nHP Color LaserJet Managed Flow MFP M577\n\n| \n\nB5L49A, B5L50A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP M680\n\nHP Color LaserJet Managed Flow MFP M680\n\n| \n\nL3U47A, L3U48A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Digital Sender flow 8500 fn2 Document Capture Workstation\n\n| \n\nL2762A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 500 Color MFP M575\n\nHP LaserJet Enterprise Color Flow MFP M575\n\n| \n\nCD644A, CD645A, CD646A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 500 MFP M525f\n\nHP LaserJet Enterprise Flow MFP M525\n\n| \n\nCF116A, CF117A, CF118A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 700 Color MFP M775\n\nHP Color LaserJet Managed MFP M775\n\n| \n\nCF304A, CC522A, CC523A, CC524A, L3U49A, L3U50A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise Flow MFP M630\n\nHP LaserJet Managed Flow MFP M630\n\n| \n\nB3G86A, P7Z47A, L3U62A, P7Z48A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise Flow MFP M830\n\nHP LaserJet Managed Flow MFP M830\n\n| \n\nCF367A, L3U65A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M506\n\nHP LaserJet Managed M506\n\n| \n\nF2A68A, F2A69A, F2A70A, F2A71A, F2A66A, F2A67A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M507\n\nHP LaserJet Managed E50145\n\n| \n\n1PV86A, 1PV87A, 1PV88A, 1PV89A, 1PU51A, 1PU52A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M604\n\n| \n\nE6B67A, E6B68A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M605\n\nHP LaserJet Managed M605\n\n| \n\nE6B69A, E6B70A. E6B71A, L3U53A, L3U54A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M606\n\n| \n\nE6B72A, E6B73A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M607\n\n| \n\nK0Q14A, K0Q15A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M608\n\n| \n\nK0Q17A, K0Q18A, K0Q19A, M0P32A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M609\n\n| \n\nK0Q20A, K0Q21A, K0Q22A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M610\n\n| \n\n7PS81A, 7PS82A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M611\n\n| \n\n7PS83A, 7PS84A, 7PS85A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M612\n\n| \n\n7PS86A, 7PS87A, 7PS88A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M806\n\n| \n\nCZ244A, CZ245A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M527\n\nHP LaserJet Enterprise Flow MFP M527z\n\n| \n\nF2A76A, F2A77A, F2A78A, F2A81A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M528\n\nHP LaserJet Managed MFP E52645\n\n| \n\n1PV49A, 1PS54A, 1PS55A, 1PV64A, 1PV65A, 1PV66A, 1PV67A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M630\n\nHP LaserJet Managed MFP M630\n\n| \n\nB3G84A, B3G85A, J7X28A, L3U61A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M631\n\nHP LaserJet Enterprise Flow MFP M631\n\n| \n\nJ8J63A, J8J64A, J8J65A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M632\n\nHP LaserJet Enterprise Flow MFP M632\n\n| \n\nJ8J70A, J8J71A, J8J72A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M633\n\nHP LaserJet Enterprise Flow MFP M633\n\n| \n\nJ8J76A, J8J78A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M634\n\nHP LaserJet Enterprise Flow MFP M634\n\n| \n\n7PS94A, 7PS95A, 7PS96A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M635\n\nHP LaserJet Enterprise Flow MFP M635\n\n| \n\n7PS97A, 7PS98A, 7PS99A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M636\n\nHP LaserJet Enterprise Flow MFP M636\n\n| \n\n7PT00A, 7PT01A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M725\n\nHP LaserJet Managed MFP M725\n\n| \n\nCF066A, CF067A, CF068A, CF069A, L3U63A, L3U64A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed 500 Color MFP M575\n\nHP LaserJet Managed Color Flow MFP M575\n\n| \n\nL3U45a, L3U46A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed 500 MFP M525\n\nHP LaserJet Managed Flow MFP M525\n\n| \n\nL3U59A, L3U60A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed E50045\n\n| \n\n3GN19A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed E60055/65/75\n\n| \n\nM0P33A, M0P35A, M0P36A, M0P39A, M0P40A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E52545\n\nHP LaserJet Managed flow MFP E52545c\n\n| \n\n3GY19A, 3GY20A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E62555/65\n\nHP LaserJet Managed flow MFP E62555/65/75\n\n| \n\nJ8J66A, J8J67A, J8J73A, J8J74A, J8J79A, J8J80A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E62655/65\n\nHP LaserJet Managed Flow MFP E62675\n\n| \n\n3GY14A, 3GY15A, 3GY16A, 3GY17A, 3GY18A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E72425/30\n\n| \n\n5CM68A, 5CM69A, 5CM70A, 5CM71A, 5CM72A, 5RC89A, 5RC90A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E72525/30/35\n\nHP LaserJet Managed Flow MFP E72525/30/35\n\n| \n\nX3A59A, X3A60A, X3A62A, X3A63A, X3A65A, X3A66A, Z8Z06A, Z8Z07A, Z8Z08A, Z8Z09A, Z8Z010A, Z8Z011A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E82540/50/60\n\nHP LaserJet Managed Flow MFP E82540/50/60\n\n| \n\nX3A68A, X3A69A, X3A71A, X3A72A, X3A74A, X3A75A, X3A79A, X3A82A, Z8Z18A, Z8Z19, AZ8Z20A, Z8Z22A, Z8Z23A, 5CM59A, 5RC83A, 5CM58A, 5CM60A, 5RC84A, 5CM61A, 5RC85A, 5FM77A, 5FM78A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP M527\n\nHP LaserJet Managed Flow MFP M527z\n\n| \n\nF2A79A, F2A80A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP OfficeJet Enterprise Color MFP X585\n\nHP OfficeJet Managed Color MFP X585\n\n| \n\nB5L04A, B5L05A, L3U40A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP OfficeJet Enterprise Color X555\n\n| \n\nC2S11A, C2S12A, L1H45A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color 755\n\n| \n\n4PZ47A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color MFP 774\n\n| \n\n4PZ43A, 4PA44A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color MFP 779\n\n| \n\n4PZ45A, 4PZ46A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color 556\n\n| \n\nG1W46A, G1W46V, G1W47A, G1W47V\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color 765\n\n| \n\nJ7Z04A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color MFP 586\n\nHP PageWide Enterprise Color Flow MFP 586z\n\n| \n\nG1W39A, G1W40A, G1W41A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color E55650\n\n| \n\nL3U44A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color E75160\n\n| \n\nJ7Z06A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color Flow MFP E77660z\n\n| \n\nZ5G77A, J7Z03A, J7Z07A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP E58650dn\n\nHP PageWide Managed Color Flow MFP E58650z\n\n| \n\nL3U42A, L3U43A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP E77650\n\nHP PageWide Managed Color Flow MFP E77650/60z\n\n| \n\nJ7Z13A, Z5G79A, J7Z08A, J7Z14A, J7Z05A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP P77940/50/60\n\n| \n\nY3Z61A, Y3Z62A, Y3Z63A, Y3Z64A, Y3Z65A, Y3Z66A, Y3Z68A, 2GP22A, 2GP23A, 2GP25A, 2GP26A, 5ZN98A, 5ZN99A, 5ZP00A, 5ZP01A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color P75250\n\n| \n\nY3Z49A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP ScanJet Enterprise flow N9120 fn2 Document Scanner\n\n| \n\nL2763A\n\n| \n\nFS4: 4.11.01 (or higher)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-09-17T00:00: