Thomas Pianezzola

**Name of the Vulnerable Software and Affected Versions** Eigen NLP version 3.10.1 **Description** The issue is related to a lack of access control on the "/auth/v1/sso/config/" SSO configuration endpoint. This allows any logged-in user, regardless of their role (guest, standard, or admin), to view and modify information. **Recommendations** For Eigen NLP version 3.10.1, restrict access to the "/auth/v1/sso/config/" endpoint to authorized users only, to prevent unauthorized viewing and modification of SSO configuration information.

**Name of the Vulnerable Software and Affected Versions** Eigen NLP version 3.10.1 **Description** A lack of access control on the "/auth/v1/user/{user-guid}/" user edition endpoint could permit any logged-in user to increase their own permissions via a `user permissions` array in a PATCH request. A guest user could modify other users' profiles and more. **Recommendations** For Eigen NLP version 3.10.1, restrict access to the "/auth/v1/user/{user-guid}/" endpoint to prevent unauthorized modifications, and consider implementing proper access control to prevent users from increasing their own permissions via the `user permissions` array. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Eigen NLP version 3.10.1 **Description** The issue is related to a lack of access control on the "/auth/v1/user/" endpoint, which allows a standard user to create a super user account with a defined password. This leads to privilege escalation. **Recommendations** For Eigen NLP version 3.10.1, restrict access to the "/auth/v1/user/" endpoint to prevent standard users from creating super user accounts until a patch is available. Consider implementing proper access controls to prevent privilege escalation.

Name of the Vulnerable Software and Affected Versions: JUMP AMS version 3.6.0.04.009-2487 Description: An issue was discovered in JUMP AMS where a JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem with user-controlled content via directory traversal, potentially leading to remote code and command execution. Recommendations: For JUMP AMS version 3.6.0.04.009-2487, consider restricting access to the JUMP SOAP endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: JUMP AMS version 3.6.0.04.009-2487 Description: An issue was discovered in JUMP AMS where a JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, including all directories and files. Recommendations: For JUMP AMS version 3.6.0.04.009-2487, consider restricting access to the JUMP SOAP endpoint to minimize the risk of exploitation. As a temporary workaround, disabling the endpoint until a patch is available can help mitigate the issue.

Name of the Vulnerable Software and Affected Versions: JUMP AMS version 3.6.0.04.009-2487 Description: An issue was discovered in the JUMP SOAP API, which is vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, also known as directory traversal. Recommendations: For JUMP AMS version 3.6.0.04.009-2487, consider restricting access to the JUMP SOAP API until a patch is available. As a temporary workaround, limit the file loading on the server filesystem to prevent directory traversal. At the moment, there is no information about a newer version that contains a fix for this vulnerability.