Guy Lederfein

**Name of the Vulnerable Software and Affected Versions** Cisco products (affected versions not specified) **Description** A flaw exists in the processing of DCE/RPC requests that may allow a remote attacker to obtain sensitive information or cause the Snort 3 Detection Engine to restart, leading to an interruption of packet inspection. This is due to an error in buffer handling logic when processing DCE/RPC requests, resulting in a buffer out-of-bounds read. An attacker could exploit this by sending numerous DCE/RPC requests through an established connection inspected by Snort 3. The vulnerability could allow an attacker to obtain sensitive information from the Snort 3 data stream. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Snort (affected versions not specified) **Description** A flaw exists in the processing of DCE/RPC requests that may allow a remote, unauthenticated attacker to cause the Snort 3 Detection Engine to leak sensitive information or restart, leading to a disruption of packet inspection. This issue is due to a buffer use-after-free read error in the buffer handling logic when processing DCE/RPC requests. An attacker could exploit this by sending a large number of DCE/RPC requests through an established connection inspected by Snort 3. A successful exploit could unexpectedly restart the Snort 3 Detection Engine, potentially causing a denial of service (DoS). The vulnerable component is the ` bnfa search csparse nfa` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SolarWinds Web Help Desk versions prior to 12.8.3 Hotfix 2 **Description** SolarWinds Web Help Desk is susceptible to a Java deserialization Remote Code Execution issue. Successful exploitation of this issue allows an unauthenticated attacker to execute arbitrary commands on the host machine. The vulnerability resides in the AjaxProxy component and involves improper deserialization of untrusted data. This flaw is actively exploited. **Recommendations** Apply the hotfix released by SolarWinds for versions prior to 12.8.3 Hotfix 2.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server (affected versions not specified) **Description** This issue involves flaws in the deserialization mechanism within Microsoft SharePoint Server. Successful exploitation could allow a remote attacker to execute arbitrary code by uploading a specially crafted file. The vulnerability requires authentication to exploit. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: vCenter Server (affected versions not specified) VMware Cloud Foundation (affected versions not specified) Description: The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition. This issue is related to an uncontrolled resource consumption, which can be exploited by a remote attacker to cause a denial-of-service condition. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows libarchive (affected versions not specified) **Description** The vulnerability is related to insufficient input validation in the libarchive library of the Windows operating system. It allows remote attackers to execute arbitrary code and affect the system. An attacker could exploit this bug by enticing a user into extracting a crafted RAR archive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jenkins Scriptler Plugin versions 3.3 and earlier **Description** The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the Jenkins Scriptler Plugin does not escape the name of scripts on the UI when asking to confirm their deletion. This makes it exploitable by attackers who are able to create Scriptler scripts. **Recommendations** For Jenkins Scriptler Plugin versions 3.3 and earlier, update to version 3.4 or later, which escapes the name of scripts on the UI when asking to confirm their deletion.