Brecht Snijders

**Nome do Software Vulnerável e Versões Afetadas** DataDirect Connect for JDBC for Amazon Redshift versões até 6.0.0.001392 DataDirect Connect for JDBC for Apache Cassandra versões até 6.0.0.000805 DataDirect Connect for JDBC for Hive versões até 6.0.1.001499 DataDirect Connect for JDBC for Apache Impala versões até 6.0.0.001155 DataDirect Connect for JDBC for Apache SparkSQL versões até 6.0.1.001222 DataDirect Connect for JDBC Autonomous REST Connector versões até 6.0.1.006961 DataDirect Connect for JDBC for DB2 versões até 6.0.0.000717 DataDirect Connect for JDBC for Google Analytics 4 versões até 6.0.0.000454 DataDirect Connect for JDBC for Google BigQuery versões até 6.0.0.002279 DataDirect Connect for JDBC for Greenplum versões até 6.0.0.001712 DataDirect Connect for JDBC for Informix versões até 6.0.0.000690 DataDirect Connect for JDBC for Microsoft Dynamics 365 versões até 6.0.0.003161 DataDirect Connect for JDBC for Microsoft SQLServer versões até 6.0.0.001936 DataDirect Connect for JDBC for Microsoft Sharepoint versões até 6.0.0.001559 DataDirect Connect for JDBC for MongoDB versões até 6.1.0.001654 DataDirect Connect for JDBC for MySQL versões até 5.1.4.000330 DataDirect Connect for JDBC for Oracle Database versões até 6.0.0.001747 DataDirect Connect for JDBC for Oracle Eloqua versões até 6.0.0.001438 DataDirect Connect for JDBC for Oracle Sales Cloud versões até 6.0.0.001225 DataDirect Connect for JDBC for Oracle Service Cloud versões até 5.1.4.000298 DataDirect Connect for JDBC for PostgreSQL versões até 6.0.0.001843 DataDirect Connect for JDBC for Progress OpenEdge versões até 5.1.4.000187 DataDirect Connect for JDBC for Salesforce versões até 6.0.0.003020 DataDirect Connect for JDBC for SAP HANA versões até 6.0.0.000879 DataDirect Connect for JDBC for SAP S/4 HANA versões até 6.0.1.001818 DataDirect Connect for JDBC for Sybase ASE versões até 5.1.4.000161 DataDirect Connect for JDBC for Snowflake versões até 6.0.1.001821 DataDirect Hybrid Data Pipeline Server versões até 4.6.2.3309 DataDirect Hybrid Data Pipeline JDBC Driver versões até 4.6.2.0607 DataDirect Hybrid Data Pipeline On Premises Connector versões até 4.6.2.1223 DataDirect Hybrid Data Pipeline Docker versões até 4.6.2.3316 DataDirect OpenAccess JDBC Driver versões até 8.1.0.0177 DataDirect OpenAccess JDBC Driver versões até 9.0.0.0019 **Descrição** O software contém um problema de Controle Impróprio de Geração de Código, especificamente uma falha de Injeção de Código. A opção de conexão `SpyAttribute`, usada com o construto `log=(file)`, permite que um usuário especifique um arquivo arbitrário para que o driver JDBC grave informações de log. Se um aplicativo permitir que um usuário defina um valor para a opção de conexão `SpyAttributes`, um atacante poderia potencialmente gravar código JavaScript em um arquivo de log. Se este arquivo de log estiver localizado em um diretório acessível pelo servidor de aplicativos e tiver a extensão correta, o servidor pode interpretá-lo como um recurso a ser servido. Um atacante poderia então solicitar este recurso, levando à execução do código JavaScript injetado. **Recomendações** Para DataDirect Connect for JDBC for Amazon Redshift versões até 6.0.0.001392, atualize para a versão 6.0.0.001541. Para DataDirect Connect for JDBC for Apache Cassandra versões até 6.0.0.000805, atualize para a versão 6.0.0.000833. Para DataDirect Connect for JDBC for Hive versões até 6.0.1.001499, atualize para a versão 6.0.1.001628. Para DataDirect Connect for JDBC for Apache Impala versões até 6.0.0.001155, atualize para a versão 6.0.0.001279. Para DataDirect Connect for JDBC for Apache SparkSQL versões até 6.0.1.001222, atualize para a versão 6.0.1.001344. Para DataDirect Connect for JDBC Autonomous REST Connector versões até 6.0.1.006961, atualize para a versão 6.0.1.007063. Para DataDirect Connect for JDBC for DB2 versões até 6.0.0.000717, atualize para a versão 6.0.0.000964. Para DataDirect Connect for JDBC for Google Analytics 4 versões até 6.0.0.000454, atualize para a versão 6.0.0.000525. Para DataDirect Connect for JDBC for Google BigQuery versões até 6.0.0.002279, atualize para a versão 6.0.0.002410. Para DataDirect Connect for JDBC for Greenplum versões até 6.0.0.001712, atualize para a versão 6.0.0.001727. Para DataDirect Connect for JDBC for Informix versões até 6.0.0.000690, atualize para a versão 6.0.0.0851. Para DataDirect Connect for JDBC for Microsoft Dynamics 365 versões até 6.0.0.003161, atualize para a versão 6.0.0.3198. Para DataDirect Connect for JDBC for Microsoft SQLServer versões até 6.0.0.001936, atualize para a versão 6.0.0.001957. Para DataDirect Connect for JDBC for Microsoft Sharepoint versões até 6.0.0.001559, atualize para a versão 6.0.0.001587. Para DataDirect Connect for JDBC for MongoDB versões até 6.1.0.001654, atualize para a versão 6.1.0.001669. Para DataDirect Connect for JDBC for MySQL versões até 5.1.4.000330, atualize para a versão 5.1.4.000364. Para DataDirect Connect for JDBC for Oracle Database versões até 6.0.0.001747, atualize para a versão 6.0.0.001776. Para DataDirect Connect for JDBC for Oracle Eloqua versões até 6.0.0.001438, atualize para a versão 6.0.0.001458. Para DataDirect Connect for JDBC for Oracle Sales Cloud versões até 6.0.0.001225, atualize para a versão 6.0.0.001316. Para DataDirect Connect for JDBC for Oracle Service Cloud versões até 5.1.4.000298, atualize para a versão 5.1.4.000309. Para DataDirect Connect for JDBC for PostgreSQL versões até 6.0.0.001843, atualize para a versão 6.0.0.001856. Para DataDirect Connect for JDBC for Progress OpenEdge versões até 5.1.4.000187, atualize para a versão 5.1.4.000189. Para DataDirect Connect for JDBC for Salesforce versões até 6.0.0.003020, atualize para a versão 6.0.0.003125. Para DataDirect Connect for JDBC for SAP HANA versões até 6.0.0.000879, este produto foi descontinuado. Para DataDirect Connect for JDBC for SAP S/4 HANA versões até 6.0.1.001818, atualize para a versão 6.0.1.001858. Para DataDirect Connect for JDBC for Sybase ASE versões até 5.1.4.000161, atualize para a versão 5.1.4.000162. Para DataDirect Connect for JDBC for Snowflake versões até 6.0.1.001821, atualize para a versão 6.0.1.001856. Para DataDirect Hybrid Data Pipeline Server versões até 4.6.2.3309, atualize para a versão 4.6.2.3430. Para DataDirect Hybrid Data Pipeline JDBC Driver versões até 4.6.2.0607, atualize para a versão 4.6.2.1023. Para DataDirect Hybrid Data Pipeline On Premises Connector versões até 4.6.2.1223, atualize para a versão 4.6.2.1339. Para DataDirect Hybrid Data Pipeline Docker versões até 4.6.2.3316, atualize para a versão 4.6.2.3430. Para DataDirect OpenAccess JDBC Driver versões até 8.1.0.0177, atualize para a versão 8.1.0.0183. Para DataDirect OpenAccess JDBC Driver versões até 9.0.0.0019, atualize para a versão 9.0.0.0022.

**Name of the Vulnerable Software and Affected Versions** Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 Progress DataDirect Connect for JDBC for Hive versions through 6.0.1.001499 Progress DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155 Progress DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222 Progress DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961 Progress DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717 Progress DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454 Progress DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279 Progress DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712 Progress DataDirect Connect for JDBC for Informix versions through 6.0.0.000690 Progress DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161 Progress DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936 Progress DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559 Progress DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654 Progress DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330 Progress DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747 Progress DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438 Progress DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225 Progress DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298 Progress DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843 Progress DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187 Progress DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020 Progress DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879 Progress DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818 Progress DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161 Progress DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821 DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309 DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607 DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223 DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316 DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177 DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019 **Description** The software is susceptible to a code injection issue due to improper control of code generation. The `SpyAttribute` connection option allows an attacker to load and execute arbitrary classes on the class path if the application permits user-specified values for this option. This can lead to remote code inclusion. **Recommendations** Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392: Upgrade to version 6.0.0.001541 or later. Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805: Upgrade to version 6.0.0.000833 or later. Progress DataDirect Connect for JDBC for Hive versions through 6.0.1.001499: Upgrade to version 6.0.1.001628 or later. Progress DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155: Upgrade to version 6.0.0.001279 or later. Progress DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222: Upgrade to version 6.0.1.001344 or later. Progress DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961: Upgrade to version 6.0.1.007063 or later. Progress DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717: Upgrade to version 6.0.0.000964 or later. Progress DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454: Upgrade to version 6.0.0.000525 or later. Progress DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279: Upgrade to version 6.0.0.002410 or later. Progress DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712: Upgrade to version 6.0.0.001727 or later. Progress DataDirect Connect for JDBC for Informix versions through 6.0.0.000690: Upgrade to version 6.0.0.0851 or later. Progress DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161: Upgrade to version 6.0.0.3198 or later. Progress DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936: Upgrade to version 6.0.0.001957 or later. Progress DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559: Upgrade to version 6.0.0.001587 or later. Progress DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654: Upgrade to version 6.1.0.001669 or later. Progress DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330: Upgrade to version 5.1.4.000364 or later. Progress DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747: Upgrade to version 6.0.0.001776 or later. Progress DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438: Upgrade to version 6.0.0.001458 or later. Progress DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225: Upgrade to version 6.0.0.001316 or later. Progress DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298: Upgrade to version 5.1.4.000309 or later. Progress DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843: Upgrade to version 6.0.0.001856 or later. Progress DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187: Upgrade to version 5.1.4.000189 or later. Progress DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020: Upgrade to version 6.0.0.003125 or later. Progress DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879: This product is retired. Progress DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818: Upgrade to version 6.0.1.001858 or later. Progress DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161: Upgrade to version 5.1.4.000162 or later. Progress DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821: Upgrade to version 6.0.1.001856 or later. DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309: Upgrade to version 4.6.2.3430 or later. DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607: Upgrade to version 4.6.2.1023 or later. DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223: Upgrade to version 4.6.2.1339 or later. DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316: Upgrade to version 4.6.2.3430 or later. DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177: Upgrade to version 8.1.0.0183 or later. DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019: Upgrade to version 9.0.0.0022 or later.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered in RWS WorldServer where the /clientLogin endpoint deserializes Java objects without authentication, leading to command execution on the host. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the /clientLogin endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered that allows regular users to create users with the Administrator role via `UserWSUserManager`. This enables unauthorized elevation of privileges. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `UserWSUserManager` to prevent unauthorized user creation.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered that allows an authenticated, remote attacker to perform a blind SSRF attack using the `ws-legacy/load dtd?system id=` endpoint to deploy JSP code to the Apache Axis service running on the localhost interface, leading to command execution. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ws-legacy/load dtd` endpoint until a patch is available. Avoid using the `system id` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered in RWS WorldServer where adding a token parameter with the value of `02` bypasses all authentication requirements. This allows arbitrary Java code to be uploaded and executed via a `.jar` archive to the "ws-api/v2/customizations/api" endpoint. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "ws-api/v2/customizations/api" endpoint until a patch is available. Avoid using the `token` parameter with the value of `02` in the affected API endpoint until the issue is resolved.

**Nome do software vulnerável e versões afetadas** Versões do ESET NOD32 Antivirus anteriores à 15.1.12.0 Versões do ESET Internet Security anteriores à 15.1.12.0 Versões do ESET Smart Security Premium anteriores à 15.1.12.0 Versões do ESET Endpoint Antivirus anteriores à 9.0.2046.0 Versões do ESET Endpoint Security anteriores à 9.0.2046.0 Versões do ESET Server Security para Microsoft Windows Server anteriores à 9.0.12012.0 Versão 8.0.12013.0 do ESET File Security para Microsoft Windows Server Versões do ESET Mail Security para Microsoft Exchange Server anteriores à 8.0.10020.0 ESET Mail Security para IBM Domino versões anteriores à 8.0.14011.0 ESET Security para Microsoft SharePoint Server versões anteriores à 8.0.15009.0 **Descrição** O problema está relacionado a uma vulnerabilidade de escalonamento de privilégios nos produtos ESET, que pode ser explorada devido ao tratamento incorreto de permissões ou privilégios insuficientes. Isso pode permitir que um invasor exclua arquivos arbitrários explorando os recursos “Reparar” e “Desinstalar”. **Recomendações** Para versões do ESET NOD32 Antivirus anteriores à 15.1.12.0, atualize para a versão 15.1.12.0 ou posterior. Para versões do ESET Internet Security anteriores à 15.1.12.0, atualize para a versão 15.1.12.0 ou posterior. Para versões do ESET Smart Security Premium anteriores à 15.1.12.0, atualize para a versão 15.1.12.0 ou posterior. Para versões do ESET Endpoint Antivirus anteriores à 9.0.2046.0, atualize para a versão 9.0.2046.0 ou posterior. Para versões do ESET Endpoint Security anteriores à 9.0.2046.0, atualize para a versão 9.0.2046.0 ou posterior. Para o ESET Server Secur