Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from December that should be immediately patched or addressed if present in your environment. Detailed writeups below:
CVE-2023-36019:
This vulnerability affects the Microsoft Power Platform Connector and is considered critical due to its spoofing nature, with a CVSS score of 9.6/10. It primarily affects the Microsoft Power Platform Connector and requires user interaction, as exploitation depends on the victim clicking a specially crafted URL. The vulnerability lies in the web server, but the malicious scripts are executed in the victim’s browser. Microsoft has addressed this issue by updating OAuth 2.0 connectors to use a per-connector redirect URI, thereby reducing the risk of spoofing attacks. Users are strongly advised to update their systems with these security improvements to mitigate this threat. The detailed technical specifics about the attack vector and complexity, beyond the requirement for user interaction, are not extensively detailed in the available public resources. For more information, see the NIST documentation.
CVE-2023-7024:
CVE-2023-7024 is a high-severity vulnerability identified in Google Chrome’s WebRTC framework, characterized as a heap-based buffer overflow bug. Although the exact CVSS score is not specified, its critical nature is underscored by the fact that it has been exploited in the wild. The flaw was discovered by Google’s Threat Analysis Group and could lead to arbitrary code execution or crashes in the Chrome browser. Due to the severity of this issue, Google has promptly rolled out security updates. Given WebRTC’s open-source nature and support by other browsers like Mozilla Firefox and Apple Safari, the broader impact of this flaw beyond Chrome and Chromium-based browsers remains a concern. Users are advised to update to the latest versions of Chrome (version 120.0.6099.129/130 for Windows and 120.0.6099.129 for macOS and Linux) to protect against potential exploits. The specific attack complexity and user interaction requirements are not fully detailed, but the urgency of the update suggests a significant risk. For more information, check out the NVD’s vulnerability documentation.
CVE-2023-50164:
Apache Struts, a popular open-source framework for building Java web applications, has a critical vulnerability identified as CVE-2023-50164, with a high CVSS score of 9.8/10. This vulnerability affects versions 2.5.0 to 2.5.32 and 6.0.0 to 6.3.0 of Apache Struts. It allows attackers to manipulate file upload parameters to achieve path traversal, leading to potential remote code execution. Given its widespread use in commercial and open-source projects, this vulnerability poses a significant risk. Apache has responded by releasing patches for affected versions, and it is highly recommended for users to update their Apache Struts installations to the secure versions. Detailed information about the attack complexity and user interaction requirements are not provided, but the high CVSS score suggests a severe impact. Check out the NIST documentation for more information.
CVE-2023-51385:
The SSH ProxyCommand feature is compromised by CVE-2023-51385, a critical vulnerability with a CVSS score of 9.8/10. This flaw enables attackers to perform shell injection on servers using SSH ProxyCommand, which is used for proxying SSH connections. The vulnerability arises due to the handling of invalid usernames or hostnames containing shell metacharacters when passed to SSH. Attackers could exploit this in scenarios like untrusted Git repositories containing submodules with shell metacharacters in a username or hostname. Patches have been issued by various vendors, including LibSSH, OpenSSH, and Debian. Users of affected SSH implementations are advised to update their systems with these patches. The exact attack complexity and user interaction requirements are not explicitly detailed in the available advisories. For more information on this vulnerability, check out the NIST documentation.
CVE-2023-49070:
Apache OFBiz, a widely used open-source enterprise resource planning system, faced a critical authentication bypass vulnerability identified as CVE-2023-49070. This vulnerability allows unauthorized users to bypass authentication mechanisms under certain conditions, posing a significant security risk. The vulnerability was discovered in the OFBiz’s XML-RPC service, where specific request parameters could be manipulated to bypass authentication checks. This flaw was particularly concerning due to its potential impact on the confidentiality and integrity of data managed by OFBiz applications. The vulnerability was addressed swiftly by the Apache OFBiz team with a patch that effectively resolved the issue. The patch involved code changes that corrected the flawed authentication logic, ensuring that the system no longer allowed unauthorized access under the conditions exploited by the vulnerability. This vulnerability has been documented as severe, with the National Institute of Standards and Technology (NIST) assigning a high CVSS 3.x base score of 9.8, indicating its critical nature. Users and administrators of Apache OFBiz systems are strongly advised to apply the patch as soon as possible to protect against potential exploits. More information can be found in the NVD vulnerability summary here.
Conclusion:
In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.
How Can Netizen Help?
Netizen ensures that security gets built-in and not bolted-on. Providing advanced solutions to protect critical IT infrastructure such as the popular “CISO-as-a-Service” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time –
https://www.netizen.net/contact
