Davide Virruso

**Name of the Vulnerable Software and Affected Versions** Oracle BI Publisher versions 7.0.0.0.0 and 12.2.1.4.0 **Description** The issue is related to insufficient input validation in the XML Services component of Oracle BI Publisher, allowing an unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks can result in the takeover of Oracle BI Publisher. **Recommendations** For versions 7.0.0.0.0 and 12.2.1.4.0, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Oracle BI Publisher versions 7.0.0.0.0 and 12.2.1.4.0 Description: The issue is related to insufficient access control in the Service Gateway component of Oracle BI Publisher, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized read access to a subset of Oracle BI Publisher accessible data. This vulnerability may significantly impact additional products. Recommendations: For versions 7.0.0.0.0 and 12.2.1.4.0, update to a version that includes the fix for this issue to prevent unauthorized access. As a temporary workaround, consider restricting access to the Service Gateway component until a patch is available. Avoid using the HTTP protocol for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle BI Publisher versions 7.0.0.0.0 through 12.2.1.4.0 **Description** The issue is related to insufficient input validation in the Script Engine component of Oracle BI Publisher, allowing a high-privileged attacker with network access via HTTP to compromise the system. Successful attacks can result in the takeover of Oracle BI Publisher. The vulnerability is easily exploitable and can be used by an attacker to execute arbitrary code. **Recommendations** For versions 7.0.0.0.0 through 12.2.1.4.0, consider disabling the Script Engine component until a patch is available to prevent exploitation. Restrict access to the Script Engine component to minimize the risk of exploitation. Avoid using the Oracle BI Publisher product until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Eclipse Kura versions 5.0.0 through 5.4.1 org.eclipse.kura:org.eclipse.kura.web2 versions 2.0.600 through 2.4.0 **Description** A specifically crafted request to the LogServlet component can allow an unauthenticated user to retrieve the device logs. The downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an authenticated user reported in logs. **Recommendations** For Eclipse Kura versions 5.0.0 through 5.4.1, update to version 5.4.2 to resolve the issue. For org.eclipse.kura:org.eclipse.kura.web2 versions 2.0.600 through 2.4.0, update to a version that is not included in the affected range, as the specific fixed version for this component is not provided. As a temporary workaround, consider restricting access to the LogServlet component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (affected versions not specified) **Description** The issue is related to the improper validation of user input within requests as part of the web-based management interface, allowing an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This could enable the attacker to execute arbitrary operating system commands with the privileges of the web services user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** The issue is related to insufficient access control in the web-based management interface of Cisco Identity Services Engine (ISE), allowing a remote attacker to bypass existing security restrictions and access system files by sending a specially crafted HTTP request. This could enable the attacker to list, download, and delete certain files they should not have access to. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains certain character sequences to an affected system. A successful exploit could allow the attacker to read or delete specific files on the device that their configured administrative level should not have access to. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) Software (affected versions not specified) **Description** The issue is related to insufficient input validation in the External RESTful Services (ERS) API, which could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated administrator of the web-based management interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.