Xiaoc

**Nome do software vulnerável e versões afetadas** Radio Frequency Manager (versões afetadas não especificadas) **Descrição** Existe uma vulnerabilidade de negação de serviço (DoS) sem autenticação no serviço Radio Frequency Manager acessado via protocolo PAPI. A exploração bem-sucedida dessa vulnerabilidade permite interromper o funcionamento normal do serviço afetado. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões 8.x do ArubaOS **Descrição** O problema está relacionado à validação insuficiente de entradas no serviço Spectrum do ArubaOS, o que pode ser explorado por um invasor remoto para causar uma negação de serviço (DoS) usando o protocolo PAPI. Uma exploração bem-sucedida permite que um invasor interrompa o funcionamento normal do serviço afetado. **Recomendações** Para o ArubaOS versão 8.x, atualize para uma versão que inclua uma correção para este problema a fim de evitar a exploração. Como solução alternativa temporária, considere restringir o acesso ao serviço Spectrum via protocolo PAPI para minimizar o risco de exploração.

**Nome do software vulnerável e versões afetadas** Confluence Data Center e Server, versões 7.13.0 a 7.19.17 Confluence Data Center e Server, versões 8.5.0 a 8.5.4 Confluence Data Center e Server, versões 8.7.0 a 8.7.1 **Descrição** A vulnerabilidade está relacionada à validação insuficiente de entradas, permitindo que um invasor remoto execute código arbitrário. Esse problema tem alto impacto na confidencialidade, integridade e disponibilidade, e não requer interação do usuário. **Recomendações** Para o Confluence Data Center e Server 7.19: atualize para a versão 7.19.18 ou qualquer versão 7.19.x superior Para o Confluence Data Center e Server 8.5: atualize para a versão 8.5.5 ou qualquer versão 8.5.x superior Para o Confluence Data Center e Server 8.7: atualize para a versão 8.7.2 ou qualquer versão superior

**Name of the Vulnerable Software and Affected Versions** Aruba access point (affected versions not specified) **Description** The issue concerns arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI, which is Aruba's access point management protocol. Successful exploitation of these vulnerabilities can lead to the deletion of arbitrary files on the underlying operating system. This could potentially interrupt normal operation and impact the integrity of the access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AirWave (affected versions not specified) **Description** The issue concerns arbitrary file deletion vulnerabilities in the AirWave client service, which is accessed through PAPI, Aruba's access point management protocol. Successful exploitation of these vulnerabilities can lead to the deletion of arbitrary files on the underlying operating system. This could potentially interrupt normal operation and impact the integrity of the access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions mentioned. **Description** The issue concerns unauthenticated Denial-of-Service (DoS) vulnerabilities in the CLI service accessed via the PAPI protocol. Successful exploitation allows an attacker to interrupt the normal operation of the affected access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wi-Fi Uplink service (affected versions not specified) **Description** The issue concerns unauthenticated Denial-of-Service (DoS) vulnerabilities in the Wi-Fi Uplink service, which is accessed via the PAPI protocol. Successful exploitation of these vulnerabilities can interrupt the normal operation of the affected access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Soft AP daemon (affected versions not specified) **Description** An unauthenticated Denial-of-Service (DoS) issue exists in the soft ap daemon, which is accessed via the PAPI protocol. This allows for the interruption of normal operation of the affected access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected access point. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Aruba access point versions (affected versions not specified) **Description** The issue involves buffer overflow vulnerabilities in the underlying CLI service. These vulnerabilities could lead to unauthenticated remote code execution by sending specially crafted packets to the PAPI UDP port (8211). Successful exploitation results in the ability to execute arbitrary code as a privileged user on the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AirWave (affected versions not specified) **Description** The issue is related to a buffer overflow vulnerability in the AirWave client service. This vulnerability could lead to unauthenticated remote code execution by sending specially crafted packets to the PAPI UDP port (8211). Successful exploitation results in the ability to execute arbitrary code as a privileged user on the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nautobot versions prior to 1.5.7 **Description** Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions earlier than 1.5.7 are impacted by a remote code execution vulnerability. Nautobot did not properly sandbox Jinja2 template rendering. In Nautobot 1.5.7, sandboxed environments for the Jinja2 template engine used internally for template rendering for the following objects have been enabled: `extras.ComputedField`, `extras.CustomLink`, `extras.ExportTemplate`, `extras.Secret`, `extras.Webhook`. While no active exploits of this vulnerability are known, this change has been made as a preventative measure to protect against any potential remote code execution attacks utilizing maliciously crafted template code. This change forces the Jinja2 template engine to use a `SandboxedEnvironment` on all new installations of Nautobot. This addresses any potential unsafe code execution everywhere the helper function `nautobot.utilities.utils.render jinja2` is called. Additionally, the documentation that had previously suggested the direct use of `jinja2.Template` has been revised to suggest `render jinja2`. **Recommendations** For users that are unable to upgrade to the latest release of Nautobot, you may add the following setting to your `nautobot config.py` to apply the sandbox environment enforcement: `TEMPLATES[1]["OPTIONS"]["environment"] = "jinja2.sandbox.SandboxedEnvironment"`. After applying this change, you must restart all Nautobot services, including any Celery worker processes. For users that are unable to immediately update their configuration, access to provide custom Jinja2 template values may be mitigated using permissions to restrict “change” (write) actions to the affected object types listed. Nautobot App authors or Job authors should replace any custom code using `jinja2.Template` with the `nautobot.utilities.utils.render jinja2` function to ensure the centrally-provided Jinja2 template engine with sandboxing enforced is being utilized. Users are advised to upgrade to Nautobot 1.5.7 or newer.