Here are the CVE updates for the week of November 11th through the 17th.
Critical Severity Vulnerabilities
Palo Alto Networks Expedition OS Command Injection Vulnerability | CVE-2024-9463: An OS Command Injection vulnerability has been discovered in Palo Alto Networks Expedition, a tool used for managing and migrating firewall configurations. This flaw enables unauthenticated attackers to execute arbitrary operating system commands as the root user on the Expedition system.
Palo Alto Networks Expedition SQL Injection Vulnerability | CVE-2024-9465: An SQL Injection vulnerability exists in Palo Alto Networks Expedition, a migration and optimization tool for network configurations. This flaw allows unauthenticated attackers to compromise the Expedition database, exposing sensitive information such as password hashes, usernames, device configurations, and API keys. Additionally, the attacker could potentially create and read arbitrary files on the system, broadening the attack surface.
High Severity Vulnerabilities
GeoJSON URL validation can expose server files and environment variables to unauthorized users | CVE-2021-41277: is a vulnerability found in Metabase, an open-source data analytics platform. This issue affects versions that support custom GeoJSON maps through the path admin -> settings -> maps -> custom maps -> add a map. The vulnerability stems from the lack of URL validation when loading custom maps, allowing potential local file inclusion (LFI), which could expose sensitive files, including environment variables.
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability | CVE-2024-49039: is an Elevation of Privilege (EoP) vulnerability in the Microsoft Windows Task Scheduler, with a CVSSv3 score of 8.8, rated as important. This vulnerability allows an attacker with local access to the system to execute a specially crafted application, which can elevate their privileges on the affected system. Successful exploitation grants the attacker access to restricted resources and enables them to execute code, including Remote Procedure Call (RPC) functions, effectively allowing control over certain aspects of the system.
Active Directory Certificate Services Elevation of Privilege Vulnerability | CVE-2024-49019: is a critical vulnerability identified in the Job Recruitment 1.0 application by Code-Projects. This vulnerability affects the file /activation.php through the manipulation of the e_hash parameter, which is vulnerable to SQL injection. Attackers can exploit this flaw remotely, potentially allowing unauthorized access to the application’s database. Given that the exploit is public, there is an elevated risk for sites using this version of Job Recruitment 1.0, making it critical to apply security patches or mitigations to prevent exploitation.
Medium Severity Vulnerabilities
Atlassian Jira Server and Data Center Path Traversal Vulnerability | CVE-2021-26086: is a critical vulnerability identified in the Job Recruitment 1.0 application by Code-Projects. This vulnerability affects the file /activation.php through the manipulation of the e_hash parameter, which is vulnerable to SQL injection. Attackers can exploit this flaw remotely, potentially allowing unauthorized access to the application’s database. Given that the exploit is public, there is an elevated risk for sites using this version of Job Recruitment 1.0, making it critical to apply security patches or mitigations to prevent exploitation.
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability | CVE-2014-2120: is a cross-site scripting (XSS) vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML into the login page via an unspecified parameter, potentially impacting the security of user sessions and exposing sensitive information. Cisco has identified this issue under Bug ID CSCun19025. Exploiting this vulnerability could allow attackers to execute malicious scripts in the context of users’ browsers, leading to unauthorized actions or data exposure.
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability | CVE-2024-43451: is a critical vulnerability identified in the Job Recruitment 1.0 application by Code-Projects. This vulnerability affects the file /activation.php through the manipulation of the e_hash parameter, which is vulnerable to SQL injection. Attackers can exploit this flaw remotely, potentially allowing unauthorized access to the application’s database. Given that the exploit is public, there is an elevated risk for sites using this version of Job Recruitment 1.0, making it critical to apply security patches or mitigations to prevent exploitation
Code-projects Job Recruitment activation.php sql injection | CVE-2024-11076: is a critical vulnerability identified in the Job Recruitment 1.0 application by Code-Projects. This vulnerability affects the file /activation.php through the manipulation of the e_hash parameter, which is vulnerable to SQL injection. Attackers can exploit this flaw remotely, potentially allowing unauthorized access to the application’s database. Given that the exploit is public, there is an elevated risk for sites using this version of Job Recruitment 1.0, making it critical to apply security patches or mitigations to prevent exploitation.
Sanluan PublicCMS Tag Type save cross-site scripting | CVE-2024-11070: is a vulnerability rated as problematic in Sanluan PublicCMS 5.202406.d. This issue resides in the Tag Type Handler component within the /admin/cmsTagType/save endpoint, where improper handling of the name parameter can lead to a cross-site scripting (XSS) vulnerability. This flaw allows attackers to remotely inject malicious scripts, which could be executed in the context of other users, potentially compromising user sessions or leading to unauthorized actions. With the exploit publicly available, it’s recommended for administrators to implement input validation and update the software to address this vulnerability.