CVE-2016-3131
Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls. Date published : 2019-11-26 https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb_120
Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. Date published...
An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder. Date published : 2019-11-26 https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#TSB-351
Cloudera CDH has Insecure Permissions because ALL cannot be revoked. This affects 5.x through 5.15.1 and 6.x through 6.0.1. Date published : 2019-11-26 https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_vp4_q2x_thb https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hadoop
An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges. Date published...
BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of...
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to...
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information...
An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet. Date...
The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName. Date published : 2019-11-26 https://cybersecurityworks.com/zerodays/cve-2019-19306-zoho.html https://github.com/cybersecurityworks/Disclosed/issues/16
typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the...
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the...
Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture. Date published : 2019-11-26 https://medium.com/@k43p/cve-2019-19206-stored-xss-due-to-javascript-execution-in-an-svg-file-ee1d038fba76 https://www.dolibarr.org/forum/dolibarr-changelogs
Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11, allows Remote Stored XSS via an attachment name. Date published : 2019-11-26 https://afterlogic.com Vulnerability closed in WebMail and Aurora: Remote Stored XSS in attachment’s name