Alex Hernandez

Name of the Vulnerable Software and Affected Versions: Micro Focus Fortify Software Security Center (SSC) versions 17.10 through 18.10 Description: A potential issue in Micro Focus Fortify Software Security Center (SSC) could allow remote unauthorized access. Recommendations: For versions 17.10 through 18.10, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Micro Focus Fortify Software Security Center (SSC) versions 17.10 through 18.10 **Description** A potential issue in Micro Focus Fortify Software Security Center (SSC) could allow remote unauthorized access. **Recommendations** For versions 17.10 through 18.10, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Episerver Ektron CMS versions prior to 9.0 SP3 Site CU 31 Episerver Ektron CMS versions 9.1 prior to SP3 Site CU 45 Episerver Ektron CMS versions 9.2 prior to SP2 Site CU 22 **Description** The issue allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is normally available exclusively for local admins. **Recommendations** For Episerver Ektron CMS versions prior to 9.0 SP3 Site CU 31, update to version 9.0 SP3 Site CU 31 or later. For Episerver Ektron CMS versions 9.1 prior to SP3 Site CU 45, update to version 9.1 SP3 Site CU 45 or later. For Episerver Ektron CMS versions 9.2 prior to SP2 Site CU 22, update to version 9.2 SP2 Site CU 22 or later.

**Name of the Vulnerable Software and Affected Versions** Fortify Software Security Center (SSC) versions 17.1 through 18.1 **Description** The issue allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks. This is achieved via a crafted DTD in an XML request, exploiting an XML external entity (XXE) vulnerability. **Recommendations** For Fortify Software Security Center (SSC) versions 17.1 through 18.1, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dataiku DSS versions prior to 4.2.3 **Description** The issue allows remote attackers to obtain sensitive information, specifically determining if a username is valid, due to the visibility of profile pictures in the REST API. **Recommendations** For versions prior to 4.2.3, update to version 4.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to profile pictures to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Samsung DVR SHR2040 Description: The issue concerns a denial of service that can be triggered through the web interface by sending a malformed HTTP request. This request is related to the filter for configuration properties and the presence of "/x" characters. Recommendations: For Samsung DVR SHR2040, avoid using malformed HTTP requests that include "/x" characters to prevent causing a denial of service. As a temporary workaround, consider restricting access to the web interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** March Networks DVR 3204 (affected versions not specified) **Description** The issue concerns the storage of sensitive information under the web root with insufficient access control. This allows remote attackers to obtain sensitive data, including usernames, passwords, device names, and IP addresses, by making a direct request for the `scripts/logfiles.tar.gz` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AirDefense Airsensor M520 versions 4.3.1.1 through 4.4.1.4 **Description** The issue is related to multiple buffer overflows that can be triggered by remote authenticated users, leading to a denial of service (HTTPS service outage). This can be achieved by sending a crafted query string in an HTTPS request to specific API endpoints, including (1) "adLog.cgi", (2) "post.cgi", or (3) "ad.cgi", which are related to the "files filter." **Recommendations** For AirDefense Airsensor M520 versions 4.3.1.1 through 4.4.1.4, consider restricting access to the affected API endpoints "adLog.cgi", "post.cgi", and "ad.cgi" to minimize the risk of exploitation until a patch is available. Avoid using crafted query strings in HTTPS requests to these endpoints.

**Name of the Vulnerable Software and Affected Versions** CipherTrust IronMail version 5.0.1 **Description** The issue allows remote attackers to cause a denial of service, possibly due to CPU consumption, via a SYN flood with malformed TCP packets from multiple connections when "Denial of Service Protection" is enabled. **Recommendations** For CipherTrust IronMail version 5.0.1, consider disabling the "Denial of Service Protection" feature as a temporary workaround until a patch is available. Restrict access to the system to minimize the risk of exploitation.