In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between November 17-18, 2023.
During this period, The National Vulnerability Database published 68, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 5
High: 14
Medium: 12
Low: 3
Severity Not Assigned: 34
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-47797
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the `p_l_back_url_title` parameter.
References: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-47797
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-5444
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description:
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this the attacker must change the HTTP payload post submission, prior to it reaching the ePO server.
References: https://kcm.trellix.com/agent/index?page=content&id=SB10410
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
3. CVE-2023-47066
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
4. CVE-2023-47067
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
5. CVE-2023-47068
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-47069
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
7. CVE-2023-47070
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
8. CVE-2023-47073
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-22272
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-22273
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-22274
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-611
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-22275
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-44324
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe FrameMaker versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's password. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/framemaker/apsb23-58.html
CWE-ID: CWE-287
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-26347
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-44350
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-44351
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-44353
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-6179
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). A(n) attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most recent version of this product, service or offering (Pro-watch 6.0.2, 6.0, 5.5.2,5.0.5).
References: https://buildings.honeywell.com/us/en/brands/our-brands/security/support-and-resources/product-resources/eol-and-security-notices
https://www.honeywell.com/us/en/product-security
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-48238
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm.
References: https://github.com/joaquimserafim/json-web-token/security/advisories/GHSA-4xw9-cx39-r355
CWE-ID: CWE-345
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between November 17-18, 2023.
During this period, The National Vulnerability Database published 68, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 5
High: 14
Medium: 12
Low: 3
Severity Not Assigned: 34
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-47797
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Reflected cross-site scripting (XSS) vulnerability on a content page’s edit page in Liferay Portal 7.4.3.94 through 7.4.3.95 allows remote attackers to inject arbitrary web script or HTML via the `p_l_back_url_title` parameter.
References: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-47797
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-5444
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description:
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this the attacker must change the HTTP payload post submission, prior to it reaching the ePO server.
References: https://kcm.trellix.com/agent/index?page=content&id=SB10410
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
3. CVE-2023-47066
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
4. CVE-2023-47067
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
5. CVE-2023-47068
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-47069
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
7. CVE-2023-47070
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
8. CVE-2023-47073
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References: https://helpx.adobe.com/security/products/after_effects/apsb23-66.html
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-22272
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-22273
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-22274
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-611
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-22275
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-44324
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe FrameMaker versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's password. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/framemaker/apsb23-58.html
CWE-ID: CWE-287
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-26347
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-44350
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-44351
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-44353
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
References: https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-6179
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). A(n) attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most recent version of this product, service or offering (Pro-watch 6.0.2, 6.0, 5.5.2,5.0.5).
References: https://buildings.honeywell.com/us/en/brands/our-brands/security/support-and-resources/product-resources/eol-and-security-notices
https://www.honeywell.com/us/en/product-security
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-48238
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm.
References: https://github.com/joaquimserafim/json-web-token/security/advisories/GHSA-4xw9-cx39-r355
CWE-ID: CWE-345
Common Platform Enumerations (CPE): Not Found