ASPECT®-Enterprise Security Vulnerabilities

HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

CVE-2024-5798

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

CVE-2024-5798

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

CVE-2024-5798 Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

CVE-2024-5798 Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have...

Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as a zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an...

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges....

CVE-2024-3183

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user.....

CVE-2024-2698

A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service...

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known. "The state actor behind this campaign was already....

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month....

SUSE: Security Advisory (SUSE-SU-2024:1985-1)

The remote host is missing an update for...

RHEL 8 / 9 : OpenShift Container Platform 4.12.59 (RHSA-2024:3715)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3715 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

RHEL 9 : buildah (RHSA-2024:3827)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3827 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

RHEL 9 : rpm-ostree (RHSA-2024:3823)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3823 advisory. The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be...

Oracle Linux 9 : podman (ELSA-2024-3826)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3826 advisory. [4.9.4-4.0.1] - Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655] - Add devices on container startup, not on creation.....

RHEL 8 : kernel (RHSA-2024:3810)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2024:1973-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1973-1 advisory. - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content- ...

Oracle Linux 9 : c-ares (ELSA-2024-3842)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3842 advisory. [1.19.1-2] - Resolves: RHEL-26529 - Out of bounds read in ares__read_line() [rhel-9] Tenable has extracted the preceding description block directly from the...

Microsoft Office 365 (2016 Click-to-Run) Remote Code Execution Vulnerability (June 2024)

This host is missing a critical security update according to Microsoft Office Click-to-Run update June...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1983-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

SUSE: Security Advisory (SUSE-SU-2024:1987-1)

The remote host is missing an update for...

RHEL 9 : 389-ds-base (RHSA-2024:3837)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3837 advisory. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol...

Unbreakable Enterprise kernel security update

[5.15.0-207.156.6] - uek-container: Add advanced routing options (Boris Ostrovsky) [Orabug: 36691279] - slub: use count_partial_free_approx() in slab_out_of_memory() (Jianfeng Wang) [Orabug: 36655468] - slub: introduce count_partial_free_approx() (Jianfeng Wang) [Orabug: 36655468] - Revert...

SUSE: Security Advisory (SUSE-SU-2024:1975-1)

The remote host is missing an update for...

Oracle Linux 9 : buildah (ELSA-2024-3827)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3827 advisory. [1.33.7-2.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [2:1.33.7-2] - update to the latest content of...

RHEL 9 : libreoffice (RHSA-2024:3835)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3835 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

RHEL 9 : gdk-pixbuf2 (RHSA-2024:3834)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3834 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits...

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2024:1986-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1986-1 advisory. - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content- ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : unbound (SUSE-SU-2024:1991-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1991-1 advisory. unbound was updated to 1.20.0: * A lot of bugfixes and added features. For a complete list...

RHEL 9 : containernetworking-plugins (RHSA-2024:3831)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3831 advisory. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug- ins for configuring network interfaces...

SUSE: Security Advisory (SUSE-SU-2024:1973-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:1986-1)

The remote host is missing an update for...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : skopeo (SUSE-SU-2024:1987-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1987-1 advisory. - Update to version 1.14.4: - CVE-2024-3727: Fixed a vulnerability that allows attackers to...

RHEL 9 : cockpit (RHSA-2024:3843)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3843 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports,...

Oracle Linux 9 : libreoffice (ELSA-2024-3835)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3835 advisory. - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols - Resolves: rhbz#2210193 CVE-2023-0950 Array Index...

SUSE SLES15 / openSUSE 15 Security Update : mariadb (SUSE-SU-2024:1985-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1985-1 advisory. - CVE-2024-21096: Fixed mysqldump unspecified vulnerability (bsc#1225983). - CVE-2023-22084: Fixed a vulnerability...

RHEL 9 : gvisor-tap-vsock (RHSA-2024:3830)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3830 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...

RHEL 8 : tomcat (RHSA-2024:3814)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3814 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * Apache Tomcat:...

Oracle Linux 9 : 389-ds-base (ELSA-2024-3837)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3837 advisory. [2.4.5-8] - Bump version to 2.4.5-8 - Fix License tag [2.4.5-7] - Bump version to 2.4.5-7 - Resolves: RHEL-34819 - redhat-ds:11/389-ds-base: Malformed...

RHEL 8 : fence-agents (RHSA-2024:3811)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3811 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

RHEL 9 : fence-agents (RHSA-2024:3820)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3820 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

RHEL 9 : ruby (RHSA-2024:3838)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3838 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

RHEL 8 : kernel (RHSA-2024:3859)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3859 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SEV-ES / SEV-SNP...

RHEL 9 : kernel-rt (RHSA-2024:3854)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3854 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

RHEL 9 : python-idna (RHSA-2024:3846)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3846 advisory. The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture (HSA) Linux kernel driver (amdkfd). Security Fix(es): *...

Oracle Linux 9 : gdk-pixbuf2 (ELSA-2024-3834)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3834 advisory. - Backport fixes for CVE-2022-48622 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has.....

Oracle Linux 9 : fence-agents (ELSA-2024-3820)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3820 advisory. - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE: Security Advisory (SUSE-SU-2024:1978-1)

The remote host is missing an update for...