PT-2023-24367 · Ibermatica · Ibermatica Rps

Name of the Vulnerable Software and Affected Versions: IBERMATICA RPS version 2019 Description: A cryptographic issue has been found, allowing an attacker to download a log file and retrieve SQL queries sent to the application in plain text. The log file contains password hashes coded with the...

Fedora 37 : firecracker / rust-aes-gcm (2023-bc40c7995e)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-bc40c7995e advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...

ABB RTU500 and AFS Series OpenSSL Bleichenbacher Style Attack (CVE-2022-4304)

A vulnerability exists in the OpenSSL that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.15 12.2.1 – 12.2.12 12.4.1 – 12.4.12 12.6.1 – 12.6.9 12.7.1 – 12.7.6 13.2.1 – 13.2.6 13.3.1 – 13.3.3 13.4.2 A timing based side chann...

ABB RTU500 Series Buffer Overflow in embedded OpenSSL (CVE-2021-3711)

A vulnerability exists in the OpenSSL Version 1.0.2 that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.14 12.2.1 – 12.2.11 12.4.1 – 12.4.11 12.6.1 – 12.6.8 12.7.1 – 12.7.5 13.2.1 – 13.2.5 13.3.1 – 13.3.3 13.4.1 In order to...

Amazon Linux 2 : ansible (ALASANSIBLE2-2023-008)

The version of ansible installed on the remote host is prior to 2.9.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-008 advisory. A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6...

SUSE CVE-2023-42811

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

Security Bulletin: IBM Event Streams is affected by multiple openssl vulnerabilities

Summary Openssl is used by IBM Event Streams as part of the Operating System CVE-2022-4304, CVE-2023-0215, CVE-2023-0286. This is a library that provides secure communication. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...

PT-2024-1598 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge...

Important: ansible

Issue Overview: A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker cou...

SUSE SLES15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-2 advisory. - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data Data Amplification vulnerability in Servers an...

Siemens LOGO! 8 BM Improper Handling of Extra Values (CVE-2019-10920)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...

Improper Input Validation

github.com/hashicorp/vault is vulnerable to Improper Input Validation. The vulnerability is due to the transit secrets engine which allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. This could allow an attacker to potentially decrypt arbitrary...

Spoofing

UNSUPPPORTED WHEN ASSIGNED Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions...

CVE-2022-47557

CVE-2022-47557 affects Ormazabal ekorCCP and ekorRCI. A vulnerability could allow an attacker with local network access to decrypt privileged-user credentials and subsequently gain access to the system to perform malicious actions. The provided sources describe the impact (credential decryption a...

PT-2023-15399 · Ekorccp +1 · Ekorccp +1

Name of the Vulnerable Software and Affected Versions: ekorCCP and ekorRCI affected versions not specified Description: The issue allows an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to...

Design/Logic Flaw

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the...

CVE-2023-4680 Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption

HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the...

CVE-2023-4680

CVE-2023-4680 affects HashiCorp Vault/Vault Enterprise transit secrets engine. The vulnerability allows an authorized user to specify arbitrary nonces, even when convergent encryption is disabled. The encrypt endpoint, with an offline attack, could decrypt arbitrary ciphertext and potentially der...

Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign

A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the...

Fedora 37 : cjose (2023-cf01e05114)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cf01e05114 advisory. Security fix for CVE-2023-37464 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...