Netizen: January Vulnerability Review

Security vulnerabilities are a routine part of managing any business's security. Prompt patching and remediation of newly disclosed vulnerabilities is critical to reducing the externally exposed attack surface. Netizen's Security Operations Center (SOC) has compiled four vulnerabilities from December that should be patched or otherwise addressed immediately if present in your environment. Detailed writeups below:

CVE-2022-44635:

Apache Fineract allowed an authenticated user to perform remote code execution. This vulnerability has a NIST CVSSv3 base score of 8.8/10. Apache Fineract, open-source software for financial services, has a vulnerability in its File Upload Handler component that allows a path traversal attack, which an attacker can leverage to execute code remotely on the system, with high impact on all three elements of the CIA triad. This vulnerability affects versions 1.8.0 and earlier. It is recommended that Apache Fineract be upgraded to version 1.8.1.

CVE-2021-25642:

ZKConfigurationStore, which is optionally used by Apache Hadoop YARN, deserializes data obtained from ZooKeeper without validation. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and is found in versions 2.10.1, 3.2.3 and 3.3.3. An attacker with access to ZooKeeper can manipulate the data the application reads, which is then deserialized without proper verification. This allows the attacker to run arbitrary commands.

CVE-2022-38336:

An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication. This vulnerability has a NIST CVSSv3 base score of 8.1/10. If the default configuration is used, version 22.1 and earlier will not check the remote server's host key correctly when an SFTP or SSH session is initiated. This allows an attacker to perform a man-in-the-middle (MITM) attack and leverage the intercepted session to log into other remote servers.
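The following is an added example, not part of Netizen's review or of MobaXterm's code: it shows what a correct host key check looks like by verifying a presented SSH host key against known_hosts entries in Python, including OpenSSH's hashed-hostname form. The hosts, salt and key blobs are constructed placeholders.

```python
import base64
import hashlib
import hmac


def hash_hostname(host, salt):
    """Build the OpenSSH hashed host field: |1|base64(salt)|base64(HMAC-SHA1)."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())


def host_matches(pattern, host):
    """True if a known_hosts host field (plain, comma list or hashed) names host."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, hash_b64 = pattern.split("|")
        salt = base64.b64decode(salt_b64)
        expected = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, base64.b64decode(hash_b64))
    return host in pattern.split(",")


def check_host_key(known_hosts, host, key_type, key_b64):
    """Classify a host key presented during SSH/SFTP session setup.

    'match'    -> proceed.
    'unknown'  -> no entry of this key type; verify the fingerprint out of band.
    'mismatch' -> an entry exists but the key differs: possible MITM or an
                  unannounced key change, never to be accepted silently.
    """
    seen_type = False
    for line in known_hosts.splitlines():
        fields = line.strip().split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        pattern, ktype, kblob = fields[0], fields[1], fields[2]
        if not host_matches(pattern, host) or ktype != key_type:
            continue
        seen_type = True
        if hmac.compare_digest(kblob, key_b64):   # constant-time comparison
            return "match"
    return "mismatch" if seen_type else "unknown"


# Constructed known_hosts content: example hosts, a fixed 20-byte salt and
# placeholder key blobs (not real public keys).
_SALT = b"0123456789abcdef0123"
KNOWN_HOSTS = (
    "fileserver.example.test,10.0.0.5 ssh-ed25519 AAAAC3DEMOKEYONE\n"
    + hash_hostname("backup.example.test", _SALT)
    + " ssh-ed25519 AAAAC3DEMOKEYTWO\n"
)
```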

CVE-2017-14432:

An exploitable command injection vulnerability exists in the web server functionality of the Moxa EDR-810 router, V4.1 build 17030317. This vulnerability has a NIST CVSSv3 base score of 8.8/10. An attacker can send a specially crafted HTTP POST to escalate privileges to a root shell: the attacker configures OpenVPN through a POST to "/goform/net_Web_get_value", and the injected commands run as root. The attack is not complex and does not require user interaction.
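An added example, not part of Netizen's review or of Moxa's firmware, showing in Python the difference between building a shell command from a POST parameter and invoking the program with a fixed argument list behind a strict allowlist. The parameter, the OpenVPN invocation and the allowlist are constructed for illustration; the insecure function only returns the string it would have run, so nothing is executed.

```python
import re

# Constructed allowlist for a remote-endpoint parameter (hostname or IPv4),
# the kind of value a VPN configuration form accepts.
_HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")
# Characters a shell treats specially; none belong in a hostname field.
_SHELL_META = re.compile(r"[;&|`$<>(){}\n\r\\'\"]")


def build_command_insecure(remote):
    """The defective pattern: interpolate the request value into a shell
    command string.  Returns the string a shell would parse (not executed)."""
    return "openvpn --remote %s 1194" % remote


def build_command_safe(remote):
    """Hardened form: validate against the allowlist, then return an argv list
    for subprocess.run(argv) without shell=True, so the value is always one
    argument and is never parsed by a shell.  A leading '-' is refused so the
    value cannot be read as an option either."""
    if not _HOST_RE.match(remote) or remote.startswith("-"):
        raise ValueError("rejected remote parameter")
    return ["openvpn", "--remote", remote, "1194"]


def is_accepted(remote):
    """True if the hardened builder accepts the value."""
    try:
        build_command_safe(remote)
        return True
    except ValueError:
        return False


def looks_injected(value):
    """Triage helper for web server request logs: True if a submitted value
    carries shell metacharacters."""
    return _SHELL_META.search(value) is not None
```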

CVE-2022-34271:

A vulnerability in the import module of Apache Atlas allows an authenticated user to write to the web server's filesystem. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and affects Apache Atlas versions 0.8.4 through 2.2.0. Apache Atlas is an open-source framework that helps scientists and engineers classify and govern data assets. The vulnerability allows manipulated input to perform a path traversal into restricted directories. It can have a high impact on all three elements of the CIA triad: Confidentiality, Integrity and Availability.
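Both the Fineract File Upload Handler issue and the Atlas import module issue above are path traversal bugs. The following is an added example, not code from either project or from Netizen: a Python path resolver that shows the defective join beside a hardened one that decodes, normalises and proves the result stays inside the upload root. The upload root and file names are constructed.

```python
import posixpath
from urllib.parse import unquote

# Constructed upload root for the demonstration, not a Fineract or Atlas path.
UPLOAD_ROOT = "/srv/app/uploads"


def naive_upload_path(root, filename):
    """The defective pattern: join a client-supplied name and trust the result.
    An absolute name replaces root entirely and '..' segments walk out of it."""
    return posixpath.normpath(posixpath.join(root, filename))


def safe_upload_path(root, filename):
    """Hardened resolution: decode once, normalise, then prove the result is
    inside root.  Returns the resolved path, or None if it would escape."""
    name = unquote(filename)          # so '%2e%2e%2f' cannot pass as plain text
    name = name.replace("\\", "/")    # treat Windows separators as separators
    if posixpath.isabs(name):
        return None
    norm = posixpath.normpath(name)
    if norm in (".", "..") or norm.startswith("../"):
        return None
    root_abs = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root_abs, norm))
    # Compare with a trailing separator so '/srv/app/uploads2' is not mistaken
    # for a child of '/srv/app/uploads'.  Symlinks are not resolved here; on a
    # live filesystem apply os.path.realpath to both sides before comparing.
    if not candidate.startswith(root_abs + "/"):
        return None
    return candidate


def escapes_root(root, filename):
    """Triage helper: True when the naive join would land outside root."""
    root_abs = posixpath.normpath(root)
    return not naive_upload_path(root, filename).startswith(root_abs + "/")
```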

Conclusion:

In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.

How Can Netizen Help?

Netizen ensures that security is built in, not bolted on. We provide advanced solutions to protect critical IT infrastructure, such as our popular "CISO-as-a-Service", through which companies can leverage the expertise of executive-level cybersecurity professionals without bearing the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact
