Security Vulnerabilities Notification

30 August 2021 1:11
Dear CREODIAS User, 
In the Security section, customers will find information about the latest and most critical security vulnerabilities published in the last month by the SANS Institute (www.sans.org). Security vulnerabilities in software and hardware are very often used by cyber criminals to attack IT infrastructure and to steal or destroy a company's data, which is why companies are advised to fix those vulnerabilities as soon as possible.

ID: CVE-2021-27198
Title: Remote Code Execution Vulnerability in Visualware
Vendor: Visualware
Description: An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system.

ID: CVE-2021-21344 
Title: Arbitrary Code Execution in XStream Library 
Vendor: XStream_project  
Description: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.

ID: CVE-2021-35211 
Title: Remote Code Execution Vulnerability in SolarWinds Serv-U
Vendor: Solarwinds  
Description: Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

ID: CVE-2021-25320
Title: Improper Access Control Vulnerability in Rancher
Vendor: Rancher
Description: An Improper Access Control vulnerability in Rancher allows users in the cluster to make requests to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

ID: CVE-2021-34535
Title: Remote Desktop Client Remote Code Execution Vulnerability
Vendor: Microsoft 
Description: This vulnerability occurs in the client, not in the server. For exploitation to occur, victims would need to be lured to a server controlled by an attacker or be exposed to a malicious program in a guest virtual machine. On Hyper-V servers, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer.  

ID: CVE-2021-21307
Title: Remote Code Execution Vulnerability in Lucee Server
Vendor: Lucee 
Description: Lucee Server is a dynamic, Java-based (JSR-223) tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 and 5.3.5.96. As a workaround, one can block access to the Lucee Administrator.

ID: CVE-2021-29200
Title: Deserialization Vulnerability in Apache OFBiz
Vendor: Apache
Description: Apache OFBiz has unsafe deserialization prior to version 17.12.07. An unauthenticated user can perform an RCE attack.

Best regards, 
CREODIAS Team 