Paolo Caminati

**Nome do software vulnerável e versões afetadas** Versões do BeyondInsight anteriores à 23.2 **Descrição** A falha permite que sejam enviadas solicitações arbitrárias do lado do servidor por meio de conectores baseados em HTTP no BeyondInsight, resultando em uma vulnerabilidade de falsificação de solicitação do lado do servidor. Isso possibilita ações não autorizadas no servidor. **Recomendações** Para versões anteriores à 23.2, atualize para a versão 23.2 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o acesso a conectores baseados em HTTP no BeyondInsight para minimizar o risco de exploração.

**Nome do software vulnerável e versões afetadas** Versões do BeyondInsight anteriores à 23.1 **Descrição** Existe uma falha de divulgação de informações que permite que um invasor identifique nomes de usuário. **Recomendações** Para versões anteriores à 23.1, atualize para a versão 23.1 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** BeyondTrust U-Series Appliance, versões 3.4 a 4.0.2 **Descrição** O problema está relacionado a um gerenciamento inadequado de privilégios no BeyondTrust U-Series Appliance no Windows de 64 bits, afetando especificamente os módulos do sistema de arquivos. Isso permite o carregamento lateral de DLLs. **Recomendações** Para as versões 3.4 a 4.0.2, atualize para a versão 4.0.3 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o acesso aos módulos do sistema de arquivos para minimizar o risco de exploração.

**Nome do software vulnerável e versões afetadas** BeyondTrust U-Series Appliance, versões 3.4 a 4.0.2 **Descrição** O problema está relacionado a um gerenciamento inadequado de privilégios, permitindo a escalada de privilégios. Isso se deve a uma vulnerabilidade nos módulos da API do dispositivo local em sistemas Windows de 64 bits. **Recomendações** Para as versões 3.4 a 4.0.2, atualize para a versão 4.0.3 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** The issue is related to an arbitrary file upload vulnerability in the Gestione Documentale module, which allows attackers to execute arbitrary code by uploading a crafted file. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider restricting access to the Gestione Documentale module to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component allow attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload injected into the `VIEWSTATE` parameter. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider disabling the ErroreNonGestito.aspx component or restricting access to it until a patch is available. Avoid using the `VIEWSTATE` parameter in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** An improper error handling issue in the ErroreNonGestito.aspx component allows attackers to obtain sensitive technical information via a crafted SQL query. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider restricting access to the ErroreNonGestito.aspx component until a patch is available. As a temporary workaround, avoid using crafted SQL queries in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** A XML External Entity (XXE) vulnerability in the VerifichePeriodiche.aspx component allows attackers to read any file in the filesystem via supplying a crafted XML file. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider disabling the VerifichePeriodiche.aspx component until a patch is available to prevent exploitation of the XXE vulnerability.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** A SQL injection issue in the `Data Richiesta dal` parameter allows attackers to access the database and execute arbitrary commands via a crafted SQL query. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider restricting access to the `Data Richiesta dal` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GruppoSCAI RealGimm version 1.1.37p38 **Description** The issue allows attackers to execute arbitrary code via uploading a crafted HTML file, exploiting an arbitrary file upload vulnerability in the Carica immagine function. **Recommendations** For GruppoSCAI RealGimm version 1.1.37p38, consider restricting access to the Carica immagine function to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AudimexEE version 15.0 **Description** The issue is related to multiple reflected cross-site scripting (XSS) vulnerabilities. These vulnerabilities are present in the Show Kai Data component. Cross-site scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. Reflected XSS specifically refers to a scenario where the malicious script is reflected off the web server, meaning the script is included in the response from the server. **Recommendations** For AudimexEE version 15.0, as a temporary workaround, consider disabling the Show Kai Data component until a patch is available. Restrict access to this component to minimize the risk of exploitation. Avoid using any functionality that may trigger the reflected XSS vulnerabilities in the Show Kai Data component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AudimexEE version 15.0 **Description** A full path disclosure issue was discovered. This means that the software may reveal the full path of files or directories on the server, potentially allowing attackers to gather sensitive information about the system. **Recommendations** For AudimexEE version 15.0, at the moment, there is no information about a newer version that contains a fix for this issue.