Raphael Kuhn

Name of the Vulnerable Software and Affected Versions: Avid NEXIS E-series versions prior to 2024.6.0 Avid NEXIS F-series versions prior to 2024.6.0 Avid NEXIS PRO+ versions prior to 2024.6.0 System Director Appliance (SDA+) versions prior to 2024.6.0 Description: The issue is related to an Improper Input Validation vulnerability in Avid products on Linux, allowing code execution on the underlying operating system with root permissions. Recommendations: Update Avid NEXIS E-series to version 2024.6.0 or later Update Avid NEXIS F-series to version 2024.6.0 or later Update Avid NEXIS PRO+ to version 2024.6.0 or later Update System Director Appliance (SDA+) to version 2024.6.0 or later

**Name of the Vulnerable Software and Affected Versions** LiveConfig versions prior to 2.5.2 **Description** A Directory Traversal issue allows a remote attacker to obtain sensitive information via a crafted request to the "/static/" endpoint. This enables the attacker to access files or directories that are outside the intended directory, potentially leading to information disclosure. **Recommendations** For versions prior to 2.5.2, update to version 2.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/static/" endpoint until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Univention Corporate Server (UCS) versions 5.0-5 **Description** The issue is related to the `check univention joinstatus` prometheus monitoring script, which reveals the LDAP plaintext password of the machine account in the process list. This allows attackers with local ssh access to gain higher privileges and perform follow-up attacks. By default, the configuration of UCS does not allow local ssh access for regular users. The exploitation of this issue may permit an attacker to elevate their privileges. **Recommendations** For Univention Corporate Server (UCS) versions 5.0-5, consider disabling the `check univention joinstatus` function as a temporary workaround until a patch is available. Restrict access to the process list to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HPE iMC PLAT versions prior to 7.2 E0403P04 HPE iMC EAD versions prior to 7.2 E0405P05 HPE iMC APM versions prior to 7.2 E0401P04 HPE iMC NTA versions prior to 7.2 E0401P01 HPE iMC BIMS versions prior to 7.2 E0402P02 HPE iMC UAM TAM versions prior to 7.2 E0405P05 **Description** The issue allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. **Recommendations** For HPE iMC PLAT versions prior to 7.2 E0403P04, update to version 7.2 E0403P04 or later. For HPE iMC EAD versions prior to 7.2 E0405P05, update to version 7.2 E0405P05 or later. For HPE iMC APM versions prior to 7.2 E0401P04, update to version 7.2 E0401P04 or later. For HPE iMC NTA versions prior to 7.2 E0401P01, update to version 7.2 E0401P01 or later. For HPE iMC BIMS versions prior to 7.2 E0402P02, update to version 7.2 E0402P02 or later. For HPE iMC UAM TAM versions prior to 7.2 E0405P05, update to version 7.2 E0405P05 or later.