Recently, NVD published a list of Common Vulnerabilities and Exposures (CVE) and their impact metrics.
Security Update
NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).
The update covers 20 CVEs, including 5 Critical, 8 High, and the remaining Medium and Low bugs.
Critical Vulnerability — CVE-2020-35185
Description:
The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user.
Systems using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
Weakness enumeration: Missing Authentication for Critical Function
Base Score:
CVSS 3.x – 9.8 CRITICAL
Critical Vulnerability — CVE-2020-35550
Description:
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software.
Attackers can bypass Factory Reset Protection (FRP) via StatusBar. The Samsung ID is SVE-2020-17888 (December 2020).
Base Score:
CVSS 3.x – 9.8 CRITICAL
Critical Vulnerability — CVE-2020-35551
Description:
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software.
They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB write operation can be replayed, a related issue to CVE-2020-13799.
The Samsung ID is SVE-2020-18100 (December 2020).
Weakness enumeration: Authentication Bypass by Capture-replay.
Base Score:
CVSS 3.x – 9.8 CRITICAL
Critical Vulnerability — CVE-2020-7781
Description:
This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js.
Weakness enumeration: Improper Neutralization of Special Elements used in a Command (‘Command Injection’).
Base Score:
CVSS 3.x – 9.8 CRITICAL
Critical Vulnerability — CVE-2020-26276
Description:
Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go’s standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document.
This can result in allowing unverified logins from a SAML IdP. Users that configure Fleet with SSO login may be vulnerable to this issue. This issue is patched in 3.5.1.
Weakness enumeration: Authentication Bypass by Spoofing
Base Score:
CVSS 3.x – 9.8 CRITICAL
Other Vulnerabilities:
Below is the list of scored vulnerabilities of severity Medium and Low.
CVE ID | Description |
CVE-2020-25612 | The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated privilege to access user files due to insufficient access control. |
CVE-2020-25611 | The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. |
CVE-2020-25610 | The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web conference due to insufficient access control for conference codes. |
CVE-2020-20138 | Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow module in CMS Made Simple (CMSMS) 2.2.4. |
CVE-2020-25609 | The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts. |
CVE-2020-25608 | The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection. |
CVE-2020-35474 | In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges legend |
CVE-2020-24693 | The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. |
CVE-2020-35490 | FasterXML jackson databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing |
CVE-2020-35491 | FasterXML jackson databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing |
CVE-2020-5359 | Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. |
CVE-2020-9952 | An input validation issue was addressed with improved input validation. |
CVE-2020-5360 | Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under |
CVE-2020-7837 | An issue was discovered in ML Report Program. There is a stack based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. |
CVE-2020-35552 | An issue was discovered in the GPS daemon on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (non Qualcomm chipsets) software. |
Recommendations:
Visit https://nvd.nist.gov/ to get the patch updates and security recommendations.