Travis Emmert

**Name of the Vulnerable Software and Affected Versions** Jenkins versions 2.274 and earlier, LTS versions 2.263.1 and earlier **Description** The issue allows attackers to read arbitrary files using the file browser for workspaces and archived artifacts by following symlinks. This is possible because the file browser for workspaces, archived artifacts, and `$JENKINS HOME/userContent/` follows symbolic links to locations outside the directory being browsed. Attackers with Job/Workspace permission and the ability to control workspace contents can create symbolic links to access files outside workspaces using the workspace browser. **Recommendations** For Jenkins versions 2.274 and earlier, update to version 2.275 or later to resolve the issue. For LTS versions 2.263.1 and earlier, update to version 2.263.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the workspace browser and archived artifacts to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EMC ESRS Policy Manager versions prior to 6.8 **Description** The issue concerns an undocumented account, specifically the OpenDS admin, which has a default password. This allows a remote attacker who knows the default password to log in and gain administrator privileges to the local LDAP directory server. **Recommendations** For versions prior to 6.8, change the default password of the OpenDS admin account to prevent unauthorized access. As a temporary workaround, consider restricting access to the LDAP directory server until the default password is changed.

**Name of the Vulnerable Software and Affected Versions** Bro versions prior to 2.3.2 **Description** The issue arises from improper handling of zero values of a packet length in the DNP3 protocol analyzer, allowing remote attackers to cause a denial of service. This can result in a buffer overflow or buffer over-read if NDEBUG is defined; otherwise, it leads to an assertion failure. The attack is facilitated by a crafted DNP3 packet. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bro versions prior to 2.3.2 **Description** The issue allows remote attackers to cause a denial of service, potentially leading to a buffer overflow or buffer over-read, by sending a crafted DNP3 packet with certain non-zero values of a packet length. **Recommendations** For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Granite Data Services version 3.1.1-SNAPSHOT **Description** The issue allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service. This is related to an XML External Entity (XXE) issue, which occurs when an XML external entity declaration is used in conjunction with an entity reference. **Recommendations** For Granite Data Services version 3.1.1-SNAPSHOT, consider disabling XML external entity processing as a temporary workaround until a patch is available. Restrict access to sensitive files and intranet servers to minimize the risk of exploitation.