Jang

**Name of the Vulnerable Software and Affected Versions** Inductive Automation Ignition (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. The specific flaw exists within the `downloadLaunchClientJar` function, which lacks validation of a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user. User interaction is required to exploit this vulnerability, as the target must connect to a malicious server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server versions prior to 16.0.10399.20005 **Description** This issue is an elevation of privilege vulnerability in Microsoft SharePoint Server that allows attackers to affect the system. The vulnerability enables remote attackers to gain administrator privileges by circumventing authentication using spoofed JWT auth tokens. This flaw is actively exploited and has been observed in attacks, with reports of successful exploitation attempts. The vulnerability has been exploited in conjunction with other flaws to enable remote code execution. Approximately 2500 internet-connected SharePoint servers globally are estimated to be vulnerable, with around 650 located in Russia. The vulnerability is tracked as CVE-2023-29357. Exploitation involves targeting the `/api/web/siteusers` endpoint. **Recommendations** Update Microsoft SharePoint Server to version 16.0.10399.20005 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server (affected versions not specified) **Description** The issue is related to a remote code execution vulnerability in Microsoft SharePoint Server. This vulnerability allows an authenticated attacker with Site Owner privileges to execute arbitrary code. The vulnerability is being actively exploited in the wild. According to some sources, over 43,658 targets related to this vulnerability were discovered using ZoomEye. The vulnerability can be exploited together with another issue to bypass authentication and use the SharePoint API with administrator privileges. A public exploit is available that uses both vulnerabilities. **Recommendations** As a temporary workaround, consider disabling the vulnerable functionality until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Apply the patch released by Microsoft in May 2023 to the latest secure version. Federal agencies must apply fixes by April 16, 2024. At the moment, there is no information about a newer version that contains a fix for this vulnerability, but it is recommended to update to the latest secure version.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to incorrect code generation management in Microsoft Exchange Server, allowing a remote attacker to execute arbitrary code by sending a specially crafted request. This can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Oracle WebLogic Server, versões 10.3.6.0.0 a 12.2.1.4.0 **Descrição** O problema está relacionado ao componente Core do Oracle WebLogic Server e é causado por um controle de acesso inadequado. Ele permite que um invasor não autenticado com acesso à rede via protocolos IIOP e T3 comprometa o servidor. Ataques bem-sucedidos podem resultar na tomada de controle do Oracle WebLogic Server. A vulnerabilidade é facilmente explorável e já foi explorada na prática. Estima-se que mais de 300 servidores vulneráveis possam ser explorados, levando a graves ameaças à segurança. **Recomendações** Para as versões 10.3.6.0.0 a 12.2.1.4.0, atualize para uma versão que inclua a correção para este problema, conforme fornecido na Atualização de Patches Críticos de abril de 2020 da Oracle. Como solução alternativa temporária, considere restringir o acesso ao protocolo T3 para minimizar o risco de exploração. Além disso, desativar a desserialização de dados não confiáveis no protocolo T3 pode ajudar a mitigar o problema até que um patch seja aplicado.

**Nome do software vulnerável e versões afetadas** Oracle WebLogic Server, versões 10.3.6.0.0 a 12.2.1.4.0 **Descrição** O problema está relacionado a um controle de acesso insuficiente no componente Core do Oracle WebLogic Server, permitindo que um invasor não autenticado com acesso à rede via protocolos IIOP e T3 comprometa o servidor. Ataques bem-sucedidos podem resultar na tomada de controle do Oracle WebLogic Server. **Recomendações** Para as versões 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 e 12.2.1.4.0, atualize para uma versão que inclua a correção para este problema. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.