Travis Emmert

**Nome do software vulnerável e versões afetadas** Versões 2.274 e anteriores do Jenkins; versões LTS 2.263.1 e anteriores **Descrição** A vulnerabilidade permite que invasores leiam arquivos arbitrários usando o navegador de arquivos para espaços de trabalho e artefatos arquivados, seguindo links simbólicos. Isso é possível porque o navegador de arquivos para áreas de trabalho, artefatos arquivados e `$JENKINS HOME/userContent/` segue links simbólicos para locais fora do diretório que está sendo navegado. Invasores com permissão de Job/Workspace e a capacidade de controlar o conteúdo da área de trabalho podem criar links simbólicos para acessar arquivos fora das áreas de trabalho usando o navegador da área de trabalho. **Recomendações** Para as versões 2.274 e anteriores do Jenkins, atualize para a versão 2.275 ou posterior para resolver o problema. Para as versões LTS 2.263.1 e anteriores, atualize para a versão 2.263.2 ou posterior para resolver o problema. Como solução alternativa temporária, considere restringir o acesso ao navegador de espaços de trabalho e aos artefatos arquivados para minimizar o risco de exploração.

**Name of the Vulnerable Software and Affected Versions** EMC ESRS Policy Manager versions prior to 6.8 **Description** The issue concerns an undocumented account, specifically the OpenDS admin, which has a default password. This allows a remote attacker who knows the default password to log in and gain administrator privileges to the local LDAP directory server. **Recommendations** For versions prior to 6.8, change the default password of the OpenDS admin account to prevent unauthorized access. As a temporary workaround, consider restricting access to the LDAP directory server until the default password is changed.

**Name of the Vulnerable Software and Affected Versions** Bro versions prior to 2.3.2 **Description** The issue arises from improper handling of zero values of a packet length in the DNP3 protocol analyzer, allowing remote attackers to cause a denial of service. This can result in a buffer overflow or buffer over-read if NDEBUG is defined; otherwise, it leads to an assertion failure. The attack is facilitated by a crafted DNP3 packet. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bro versions prior to 2.3.2 **Description** The issue allows remote attackers to cause a denial of service, potentially leading to a buffer overflow or buffer over-read, by sending a crafted DNP3 packet with certain non-zero values of a packet length. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Granite Data Services version 3.1.1-SNAPSHOT **Description** The issue allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service. This is related to an XML External Entity (XXE) issue, which occurs when an XML external entity declaration is used in conjunction with an entity reference. **Recommendations** For Granite Data Services version 3.1.1-SNAPSHOT, consider disabling XML external entity processing as a temporary workaround until a patch is available. Restrict access to sensitive files and intranet servers to minimize the risk of exploitation.