Metabase · Metabase · CVE-2022-24853
**Name of the Vulnerable Software and Affected Versions**
Metabase versions prior to 0.40.8
Metabase versions prior to 0.41.7
Metabase versions prior to 0.42.4
Metabase versions prior to 1.40.8
Metabase versions prior to 1.41.7
Metabase versions prior to 1.42.4
**Description**
Metabase is an open source business intelligence and analytics application. As part of its GeoJSON support it includes a proxy that loads JSON maps from arbitrary URLs. Although validation is performed to prevent the proxy from returning the contents of arbitrary URLs, a specially crafted request could cause file access on Windows, enabling an NTLM relay attack. This potentially allows an attacker to obtain the system's password hash.
**Recommendations**
For Metabase versions prior to 0.40.8, upgrade to version 0.40.8 or greater.
For Metabase versions prior to 0.41.7, upgrade to version 0.41.7 or greater.
For Metabase versions prior to 0.42.4, upgrade to version 0.42.4 or greater.
For Metabase versions prior to 1.40.8, upgrade to version 1.40.8 or greater.
For Metabase versions prior to 1.41.7, upgrade to version 1.41.7 or greater.
For Metabase versions prior to 1.42.4, upgrade to version 1.42.4 or greater.