Jun 15, 2021

4 alerts on Pivotal Software, VMware

References changed today for 4 CVEs found at Pivotal Software and VMware. All of them were released by Oracle.


 [*] Searching cve-[['2021-22112', '2020-5413', '2019-3773', '2020-5407']] vulnerability definitions within Kenna.VI+....


[ CVE Description ]
 [*] CVE_ID : CVE-2021-22112
 [_] Desc   : Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

 [_] C:2021-01-04 / P:2021-02-23 / L:2021-06-14
 [*] Vuln Risk           : 31.4038
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0030% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [1]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 9.0 / 8.8 ]

 [_] Vuln Products  : [2]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2020-5413
 [_] Desc   : Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious code for execution during deserialization. In order to protect against this type of attack, Kryo can be configured to require a set of trusted classes for (de)serialization. Spring Integration should be proactive against blocking unknown "deserialization gadgets" when configuring Kryo in code.

 [_] C:2020-01-03 / P:2020-07-31 / L:2021-06-14
 [*] Vuln Risk           : 33.0384
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0297% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [0]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.5 / 9.8 ]

 [_] Vuln Products  : [2]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2019-3773
 [_] Desc   : Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

 [_] C:2019-01-21 / P:2019-01-18 / L:2021-06-14
 [*] Vuln Risk           : 32.5156
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0463% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [0]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 7.5 / 9.8 ]

 [_] Vuln Products  : [2]

[ CVE Malware Family Info : None ]


[ CVE Description ]
 [*] CVE_ID : CVE-2020-5407
 [_] Desc   : Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an arbitrary assertion that Spring Security will accept as valid.

 [_] C:2020-01-03 / P:2020-05-13 / L:2021-06-14
 [*] Vuln Risk           : 27.5046
 [*] Exploited [trend]   : 0 [holding]
 [_] Exploit/likehood    : False/0.0117% confidence

 [*] Malware sample : 0
 [*] Exploits/POC   : [0]
 [_] Fixes          : [0]
 [_] Threat Actors  : [0]
 [_] CVSS2 / CVSS3  : [ 6.5 / 8.8 ]

 [_] Vuln Products  : [1]

[ CVE Malware Family Info : None ]

[ High_Profile_Vulnerability ]
 [!!!]   CVE-2021-22112 (31.4038) : []
 [!!!]    CVE-2020-5413 (33.0384) : []
 [!!!]    CVE-2019-3773 (32.5156) : []
 [!!!]    CVE-2020-5407 (27.5046) : []


 ** [5] threads completed [8 tasks] / [8.59 KB] within [10.65 sec].