Skay

**Nome do software vulnerável e versões afetadas** Versões do Apache Solr de 8.10.0 a 8.11.2 Versões do Apache Solr de 9.0.0 a 9.2.x **Descrição** O problema está relacionado a uma vulnerabilidade no Apache Solr devido à atribuição incorreta de permissões para recursos críticos e ao controle inadequado de recursos de código gerenciados dinamicamente. O recurso Schema Designer foi introduzido para permitir que os usuários configurassem e testassem novos esquemas e conjuntos de configuração com mais facilidade. No entanto, quando o recurso foi criado, a “confiança” (autenticação) desses conjuntos de configuração não foi considerada, permitindo que conjuntos de configuração criados por usuários não autenticados carregassem bibliotecas externas quando usados no Schema Designer. Isso poderia potencialmente levar à execução remota de código. **Recomendações** Para as versões 8.10.0 a 8.11.2 do Apache Solr, atualize para a versão 8.11.3. Para as versões 9.0.0 a 9.2.x do Apache Solr, atualize para a versão 9.3.0.

**Name of the Vulnerable Software and Affected Versions** Zimbra ZCS version 8.8.15 **Description** The issue is a Cross Site Scripting vulnerability that allows a remote authenticated attacker to execute arbitrary code via a crafted script to the "/h/autoSaveDraft" function. This vulnerability is actively exploited by hackers. **Recommendations** For Zimbra ZCS version 8.8.15, consider disabling the `/h/autoSaveDraft` function as a temporary workaround until a patch is available. Restrict access to this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache OFBiz versions prior to 18.12.07 **Description** The issue is an arbitrary file reading vulnerability in Apache OFBiz when using the Solr plugin. This is a pre-authentication attack, meaning it can be exploited without needing to authenticate first. **Recommendations** For versions prior to 18.12.07, update to version 18.12.07 or later to resolve the issue. As a temporary workaround, consider disabling the Solr plugin until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine ADSelfService Plus versions through 6203 **Description** The issue allows for a brute-force attack, leading to a password reset on IDM applications. This is a result of a weakness in the password reset mechanism, which can be exploited by an attacker to gain unauthorized access. **Recommendations** For Zoho ManageEngine ADSelfService Plus versions through 6203, consider implementing additional security measures to prevent brute-force attacks, such as rate limiting or IP blocking, until a patch is available. As a temporary workaround, restrict access to the password reset feature to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Communications Manager versions 11.5(1) through 14 Cisco Unified Communications Manager Session Management Edition versions 11.5(1) through 14 **Description** The issue is related to errors in processing input data in the web interface of the affected systems, allowing an authenticated, remote attacker to conduct SQL injection attacks. This could enable the attacker to read or modify any data on the underlying database or elevate their privileges. The vulnerability exists because the web-based management interface inadequately validates user input. **Recommendations** For Cisco Unified Communications Manager versions 11.5(1) through 12.5(1), update to version 12.5(1)SU7. For Cisco Unified Communications Manager version 14, update to version 14SU3, which is scheduled for release in March 2023. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation.

**Nome do software vulnerável e versões afetadas** Versões do Zoho ManageEngine ADSelfService Plus anteriores à 6203 **Descrição** A vulnerabilidade permite um ataque de negação de serviço, resultando na reinicialização do aplicativo, por meio de uma carga maliciosa enviada ao endpoint “Mobile App Deployment API”. **Recomendações** Para versões anteriores à 6203, atualize para a versão 6203 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o acesso ao endpoint da API de implantação de aplicativos móveis até que a atualização seja aplicada.