Garrett Foster

**Name of the Vulnerable Software and Affected Versions** System Center Operations Manager (affected versions not specified) **Description** Improper input validation exists in System Center Operations Manager, potentially allowing an authorized attacker to elevate privileges over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PDQ Smart Deploy version 3.0.2040 Description: An insecure permissions issue exists in PDQ Smart Deploy version 3.0.2040. A local attacker can execute arbitrary code via the `HKLMSYSTEMSetupSmartDeploy` component. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PDQ Smart Deploy version 3.0.2040 Description: An issue allows an attacker to escalate privileges via the credential encryption routines in SDCommon.dll. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SelectSurvey.NET versions prior to 5.052.000 **Description** A file disclosure issue allows a remote, unauthenticated attacker to retrieve survey user submitted data by modifying the `ID` parameter in sequential order beginning from 1 in the "UploadedImageDisplay.aspx" endpoint. **Recommendations** For versions prior to 5.052.000, update to version 5.052.000 or later to resolve the issue. As a temporary workaround, consider restricting access to the UploadedImageDisplay.aspx endpoint until a patch is applied. Avoid using sequential `ID` values in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SelectSurvey.NET versions prior to 5.052.000 **Description** The issue allows a remote, unauthenticated attacker to retrieve data from the application's backend database. This is achieved through SQL injection in the `ID` parameter of the "UploadedImageDisplay.aspx" endpoint. The attack can be performed using boolean-based blind and UNION injection techniques. **Recommendations** For versions prior to 5.052.000, update to version 5.052.000 or later to resolve the issue. As a temporary workaround, consider restricting access to the "UploadedImageDisplay.aspx" endpoint to minimize the risk of exploitation. Avoid using the `ID` parameter in the affected endpoint until the issue is resolved.