Jeremy Choi

**Name of the Vulnerable Software and Affected Versions** Red Hat Advanced Cluster Security (RHACS) (affected versions not specified) **Description** The issue is related to missing security-related HTTP headers in Red Hat Advanced Cluster Security (RHACS), which could allow an attacker to perform a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page that deceptively points to valid RHACS endpoints, potentially hijacking the user's account permissions to perform other actions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Versões do AMQ Online anteriores à 1.5.2 Versões do Enmasse de 0.31.0-rc1 a 0.32.2 **Descrição** Foi descoberta uma vulnerabilidade de falsificação de solicitação entre sites (CSRF), que pode ser explorada quando as verificações prévias não são realizadas ou são contornadas. Isso pode afetar usuários autorizados que utilizam navegadores mais antigos com o Adobe Flash quando alvo de um invasor. **Recomendações** Para versões do AMQ Online anteriores à 1.5.2, atualize para a versão 1.5.2 ou posterior para resolver o problema. Para as versões do Enmasse 0.31.0-rc1 a 0.32.2, atualize para a versão 0.32.2 ou posterior para resolver o problema. Como solução alternativa temporária, considere desativar o Adobe Flash em navegadores mais antigos para minimizar o risco de exploração.

**Name of the Vulnerable Software and Affected Versions** OpenShift Enterprise version 1.2 **Description** A CSRF issue was found in the web console, which uses 'Basic authentication', and the REST API lacks a CSRF attack protection mechanism. This allows an attacker to obtain credentials and the Authorization: header when requesting the REST API via a web browser. **Recommendations** For OpenShift Enterprise version 1.2, consider implementing a CSRF attack protection mechanism for the REST API to prevent unauthorized access. As a temporary workaround, restrict access to the REST API to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Openshift (affected versions not specified) **Description** The issue is related to shell command injection flaws in Openshift, caused by unsanitized data being passed into shell commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rubygem-openshift-origin-controller versions (affected versions not specified) **Description** The issue allows the API to be used for creating applications via cartridge cache.rb, where the `URI.prase()` function can be exploited to perform command injection. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenShift (affected versions not specified) **Description** The issue concerns a problem where the OpenShift cartridge allows remote URL retrieval. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Syndesis (affected versions not specified) **Description** The issue is related to the configuration of Syndesis, specifically with Cross-Origin Resource Sharing (CORS) set to allow all origins, which could be exploited by an attacker to conduct phishing attacks and gain unauthorized access to information. Additionally, there is a vulnerability related to insufficient input validation, which could allow an attacker to obtain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Perl Crypt::JWT versions prior to 0.023 Description: The issue allows attackers to bypass authentication by providing a crafted token using the hmac() function. This is due to incorrect access control in the JWT.pm component, specifically at line 614. The attack vector is through network connectivity. Recommendations: For versions prior to 0.023, update to a version after commit b98a59b42ded9f9e51b2560410106207c2152d6c to resolve the issue. As a temporary workaround, consider restricting network connectivity to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** JBoss BPM Suite 6 **Description** The issue allows remote attackers to perform a reflected XSS attack via dashbuilder. This can be achieved by enticing authenticated users, typically admins, to click on malicious links to the /dashbuilder/Controller endpoint, which contains malicious scripts. Successful exploitation enables the execution of script code within the context of the affected user. **Recommendations** For JBoss BPM Suite 6, consider disabling access to the /dashbuilder/Controller endpoint until a fix is available, or restrict access to dashbuilder to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** elog version 3.1.1 **Description** The issue allows remote attackers to post data as any username in the logbook. **Recommendations** For elog version 3.1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat JBoss BRMS and BPMS version 6 **Description** A cross-site request forgery issue allows remote attackers to hijack user authentication for requests that modify instances via a crafted web page. **Recommendations** For Red Hat JBoss BRMS and BPMS version 6, consider implementing proper CSRF token validation to prevent unauthorized requests. As a temporary workaround, restrict access to sensitive operations that modify instances until a proper fix is applied.

**Name of the Vulnerable Software and Affected Versions** Red Hat JBoss Operations Network (JON) versions prior to 3.3.7 **Description** The issue concerns the web console in Red Hat JBoss Operations Network (JON) that does not properly authorize requests to add users with the super user role. This allows remote authenticated users to gain admin privileges via a crafted POST request to an unspecified API endpoint. **Recommendations** For versions prior to 3.3.7, update to version 3.3.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Red Hat JBoss BPM Suite version 6.3.2 **Description** The issue concerns the dashbuilder component in Red Hat JBoss BPM Suite, which fails to properly handle CSRF tokens. This allows remote attackers to bypass CSRF protection mechanisms or conduct cross-site request forgery attacks by obtaining an old token. **Recommendations** For Red Hat JBoss BPM Suite version 6.3.2, consider disabling the dashbuilder component until a patch is available to prevent potential CSRF attacks. Restrict access to sensitive operations that rely on CSRF protection to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Red Hat JBoss BPM Suite version 6.3.2 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the admin pages of dashbuilder. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Red Hat JBoss BPM Suite version 6.3.2, update to a version that includes the fix for the XSS vulnerabilities in the admin pages of dashbuilder.

**Name of the Vulnerable Software and Affected Versions** Red Hat JBoss BPM Suite version 6.3.x **Description** The issue makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies, as the HTTPOnly flag is not included in a Set-Cookie header for session cookies. **Recommendations** For Red Hat JBoss BPM Suite version 6.3.x, consider configuring the application to include the HTTPOnly flag in Set-Cookie headers for session cookies to prevent script access.

**Name of the Vulnerable Software and Affected Versions** Foreman versions prior to 1.4.2 **Description** The issue allows remote attackers to hijack web sessions. This is achieved via the session id cookie. **Recommendations** For versions prior to 1.4.2, update to version 1.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and sessions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Foreman versions 1.4.x through 1.4.1 **Description** A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name when adding a bookmark. **Recommendations** For Foreman versions 1.4.x through 1.4.1, update to version 1.4.2 to resolve the issue.