Matthew Galligan

Name of the Vulnerable Software and Affected Versions: Agiloft versions prior to 30 Description: Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Recommendations: Upgrade to Agiloft Release 30.

Name of the Vulnerable Software and Affected Versions: Agiloft versions prior to 31 Description: Agiloft Release 28 contains an XML External Entities issue in any table that allows 'import/export'. An authenticated attacker can import a template file and perform path traversal on local system files. Recommendations: Upgrade to Agiloft Release 31.

Name of the Vulnerable Software and Affected Versions: Agiloft versions prior to 30 Description: Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Recommendations: Upgrade to Agiloft Release 30.

Name of the Vulnerable Software and Affected Versions: Agiloft versions prior to 31 Description: Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Recommendations: Upgrade to Agiloft Release 31.

**Name of the Vulnerable Software and Affected Versions** Fedora Repository versions 3.8.x **Description** The issue concerns a service account named `fedoraIntCallUser` with default credentials and privileges that allow reading local files by manipulating datastreams. It is recommended to migrate to a currently supported version. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Fedora Repository versions 3.8.x, migrate to a currently supported version, such as 6.5.1, to resolve the issue. As a temporary workaround, consider restricting the privileges of the `fedoraIntCallUser` service account to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Fedora Repository version 3.8.1 **Description** The issue allows path traversal when extracting uploaded archives, also known as "Zip Slip". A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. **Recommendations** For Fedora Repository version 3.8.1, migrate to a currently supported version, such as 6.5.1, to resolve the issue. As a temporary workaround, consider restricting access to the archive upload feature until the migration is complete. Additionally, avoid using the vulnerable archive extraction functionality until the issue is resolved by migrating to the supported version.

**Name of the Vulnerable Software and Affected Versions** IBM webMethods Integration version 10.15 **Description** The issue allows an authenticated user to create scheduler tasks, enabling them to escalate their privileges to administrator due to missing authentication. This can lead to unauthorized access and control. **Recommendations** For IBM webMethods Integration version 10.15, consider disabling the scheduler task creation feature for authenticated users until a patch is available to prevent privilege escalation. Restrict access to the scheduler module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM webMethods Integration version 10.15 **Description** The issue allows an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. This could lead to unauthorized access and data exposure. **Recommendations** For IBM webMethods Integration version 10.15, upgrade the affected component to a patched version to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM webMethods Integration version 10.15 **Description** The issue allows an authenticated user to upload and execute arbitrary files, which could be executed on the underlying operating system. This flaw enables attackers to execute arbitrary commands, escalating privileges and accessing sensitive files. Immediate action is required to address this flaw. **Recommendations** For IBM webMethods Integration version 10.15, consider disabling the file upload feature until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, limit the privileges of authenticated users to prevent arbitrary command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.