Vulnerability Summary for the Week of December 21, 2020

Read the original article: Vulnerability Summary for the Week of December 21, 2020


Original release date: December 28, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor — Product Description Published CVSS Score Source & Patch Info
abb — symphony_plus_historian The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application. 2020-12-22 7.5 CVE-2020-24683 MISC
abb — symphony_plus_historian In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process. 2020-12-22 7.5 CVE-2020-24675 MISC MISC
abb — symphony_plus_historian In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system, and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability. 2020-12-22 7.5 CVE-2020-24673 MISC MISC
abb — symphony_plus_historian An S+ Operations and S+ Historian service is subject to a DoS by specially crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted. 2020-12-22 10 CVE-2020-24679 MISC MISC
abb — symphony_plus_historian In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines. 2020-12-22 9 CVE-2020-24674 MISC MISC
alumni_management_system_project — alumni_management_system SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the ‘id’ parameter. 2020-12-23 7.5 CVE-2020-28070 MISC
apache — dolphinscheduler In DolphinScheduler 1.2.0 and 1.2.1, when MySQL is chosen as the database and used with MySQL Connector/J, a remote code execution vulnerability exists. 2020-12-18 7.5 CVE-2020-11974 MISC
bilanc — bilanc An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities. 2020-12-21 7.5 CVE-2020-11717 MISC MISC FULLDISC
bilanc — bilanc An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password. 2020-12-23 7.5 CVE-2020-11720 MISC FULLDISC
bouncycastle — legion-of-the-bouncy-castle-java-crytography-api An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. 2020-12-18 7.5 CVE-2020-28052 MISC MISC MISC
crk — business_platform CRK Business Platform <= 2019.1 allows injection of SQL statements against the DB on any path using the ‘strSessao’ parameter. 2020-12-23 7.5 CVE-2020-13968 MISC MISC
d-link — dsl2888a_firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It contains an execute_cmd.cgi feature (that is not reachable via the web user interface) that lets an authenticated user execute Operating System commands. 2020-12-22 7.7 CVE-2020-24581 MISC CONFIRM
dolibarr — dolibarr Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has access to the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilename_template parameter of admin/tools/dolibarr_export.php. 2020-12-23 9 CVE-2020-35136 MISC MISC MISC MISC
egavilanmedia — ecm_address_book EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user. 2020-12-21 7.5 CVE-2020-35276 MISC MISC MISC
gohugo — hugo Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go’s `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%PATH%` on Windows. In Hugo before version 0.79.1, if a malicious file with the same name (`exe` or `bat`) is found in the current

[…]
