National Cyber Security Center | Securing Ghana's Digital Journey

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Cisco ASR 5000
• Cisco ASR 5500
• Cisco Virtual Packet Core
Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC

Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Notes: No patch is currently available.

Denial of Service
Remote Code Execution
Information Disclosure

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• Cisco ASR 5000 21.5.27
• Cisco ASR 5500 21.5.27
• Cisco ASR 5500 21.11.15
• Cisco ASR 5500 21.14.22
• Cisco ASR 5500 21.20.2
• Cisco Virtual Packet Core 21.5.27
• Cisco Virtual Packet Core 21.11.15
• Cisco Virtual Packet Core 21.14.22
• Cisco Virtual Packet Core 21.20.2
Notes: Patch will be available on 31-Jul-2020
Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC

• CVE-2020-11896
• CVE-2020-11897
• CVE-2020-11898
• CVE-2020-11899
• CVE-2020-11900
• CVE-2020-11901
• CVE-2020-11902
• CVE-2020-11903
• CVE-2020-11904
• CVE-2020-11905
• CVE-2020-11906
• CVE-2020-11907
• CVE-2020-11908
• CVE-2020-11909
• CVE-2020-11910
• CVE-2020-11911
• CVE-2020-11912
• CVE-2020-11913
• CVE-2020-11914

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Adobe Reader Mobile versions 20.0.1 and earlier

A vulnerability was identified in Adobe Reader Mobile, a remote attacker can exploit this vulnerability to obtain sensitive information on the targeted system.

Information Disclosure

Before installation of the software, please visit the vendor web-site for more details.
The vendor has issued a fix :
https://play.google.com/store/apps/details?id=com.adobe.reader

• CVE-2020-9663

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Photoshop CC 2019 versions 20.0.9 and earlier
• Photoshop 2020 versions 21.2 and earlier

A vulnerability was identified in Adobe Photoshop, a remote attacker can exploit this vulnerability to trigger remote code execution on the targeted system.

Remote Code Execution

Before installation of the software, please visit the vendor web-site for more details.
The vendor has issued a fix :
https://helpx.adobe.com/security/products/photoshop/apsb20-45.html

• CVE-2020-9683
• CVE-2020-9686
• CVE-2020-9684
• CVE-2020-9685
• CVE-2020-9687

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Microsoft Windows

A vulnerability has been identified in Microsoft Windows, a remote user can exploit this vulnerability to trigger sensitive information disclosure on the targeted system.
Notes: No patch is currently available.

Information Disclosure

Workaround:
Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application.

• No CVE information is available

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Version 3.6 - 3.6.10
• Version 3.7 - 3.7.8
• Version 3.8 - 3.4.8rc1

A vulnerability was identified in Python, a remote attacker can exploit this vulnerability to trigger remote code execution on the targeted system.

Remote Code Execution

Before installation of the software, please visit the vendor web-site for more details.
The vendor has issued a fix :
https://docs.python.org/3/whatsnew/changelog.html#python-3-8-4-final

• CVE-2020-15523

Original Issue Date: July 22, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• SQLite through version 3.32.0
• IBM Watson Machine Learning Community Edition version 1.6.2
• IBM Watson Machine Learning Community Edition version 1.7.0

Multiple vulnerabilities were identified in SQLite, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system.

Denial of Service
Remote Code Execution

Before installation of the software, please visit the vendor web-site for more details.
Update SQLite to version 3.32.3. TensorFlow must be updated to obtain the security fix.

• CVE-2020-13434
• CVE-2020-13435

Original Issue Date: July 20, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• WebSphere Application Server 7.0
• WebSphere Application Server 8.0
• WebSphere Application Server 8.5
• WebSphere Application Server 9.0

A vulnerability was identified in IBM WebSphere Application Server, a remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

Remote Code Execution

Before installation of the software, please visit the vendor web-site for more details.
https://www.ibm.com/support/pages/node/6250059

• CVE-2020-4464

Original Issue Date: July 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
Versions:
• Cisco Webex Meetings 40.6.0 and prior versions
• Cisco Webex Meetings Server 4.0 MR3 and prior versions

A vulnerability was identified in Cisco Webex Meetings and Cisco Webex Meetings Server, a remote user can exploit this vulnerability to perform data manipulation on the targeted system.

Data Manipulation

Before installation of the software, please visit the vendor web-site for more details.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-html-BJ4Y9tX

• CVE-2020-3345

Original Issue Date: July 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• FortiOS 6.0.9 and prior versions
• FortiOS 6.2.0 - 6.2.3
• FortiOS 6.4.0

A vulnerability was identified in Fortinet FortOS, a remote attacker could exploit this vulnerability to bypass security restriction on the targeted system.

Security Restriction Bypass

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• FortiOS 6.0.10 or later version
• FortiOS 6.2.4 or later version
• FortiOS 6.4.1 or later version

• CVE-2020-1281

Original Issue Date: July 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
Please refer to the Related Link for detail.

Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and security restriction bypass on the targeted system.

Denial of Service
Security Restriction Bypass

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
-10.0.0-M7 or later
- 9.0.37 or later
- 8.5.57 or later

• CVE-2020-13934
• CVE-2020-13935

Original Issue Date: July 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• MySQL
• Java SE
• Oracle Database Server
For other Oracle products, please refer to the link below: https://www.oracle.com/security-alerts/cpujul2020.html

Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, data manipulation and bypass security restriction on the targeted system.

Denial of Service
Security Restriction Bypass
Remote Code Execution
Information Disclosure
Data Manipulation

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Oracle Critical Patch Update Advisory

https://www.cvedetails.com/vulnerability-list.php?vendor_id=93&year=2020&month=7

Original Issue Date: July 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Microsoft Office
• Windows
• Extended Security Updates (ESU)
• Developer Tools
• Browser
• Open Source Software
• System Center

Microsoft has released monthly security update for their products:

Vulnerable Product	Impacts	Notes
Microsoft Office	Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
Windows	Elevation of Privilege Remote Code Execution Information Disclosure Data Manipulation Denial of Service	[Updated 16-Jul-2020]: A critical vulnerability in DNS Server CVE-2020-1350 potentially might develop into a worm-like outbreak in the Internet and trigger full control on targeted system. As such, the risk level is changed from Medium to High.
Extended Security Updates (ESU)	Remote Code Execution Information Disclosure Data Manipulation Elevation of Privilege Denial of Service
Developer Tools	Elevation of Privilege Remote Code Execution Spoofing
Browser	Remote Code Execution Information Disclosure
Open Source Software	Elevation of Privilege Denial of Service
Open Source Software	Elevation of Privilege Denial of Service
System Center	Elevation of Privilege

Denial of Service
Elevation of Privilege
Remote Code Execution
Information Disclosure
Spoofing
Data Manipulation

Before installation of the software, please visit the vendor's web-site for more details.
• Apply fixes issued by the vendor.

• https://www.cvedetails.com/vulnerability-list.php?vendor_id=26&year=2020&month=07

Original Issue Date: June 04, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Android 8.0, 8.1, 9, 10

Multiple vulnerabilities were identified in Android, a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.

Elevation of Privilege
Remote Code Execution
Information Disclosure

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://source.android.com/security/bulletin/2020-06-01

• CVE-2017-9704
• CVE-2019-10597
• CVE-2019-14047
• CVE-2019-14062
• CVE-2019-14073
• CVE-2019-14076
• CVE-2019-14080
• CVE-2019-2219
• CVE-2019-9460
• CVE-2020-0113
• CVE-2020-0114
• CVE-2020-0115
• CVE-2020-0116
• CVE-2020-0117
• CVE-2020-0118
• CVE-2020-0119
• CVE-2020-0121
• CVE-2020-3614
• CVE-2020-3626
• CVE-2020-3628
• CVE-2020-3635
• CVE-2020-3642
• CVE-2020-3658
• CVE-2020-3660
• CVE-2020-3661
• CVE-2020-3662
• CVE-2020-3663
• CVE-2020-3665
• CVE-2020-3676
• CVE-2020-8428
• CVE-2020-8597
• CVE-2020-8647
• CVE-2020-8648

Original Issue Date: May 21, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• FortiAnalyzer 6.2.3 and below
• FortiManager 6.2.3 and below

A vulnerability was identified in Fortinet products, a remote attacker could exploit this vulnerability to trigger denial of service on the targeted system.

Denial of Service

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://fortiguard.com/psirt/FG-IR-16-039

• CVE-2004-0230

Original Issue Date: May 21, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Google Chrome (Desktop version) prior to 83.0.4103.61

Multiple vulnerabilities were identified in Google Chrome, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

Remote Code Execution
Security Restriction Bypass

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• Google Chrome 83.0.4103.61

• CVE-2020-6465
• CVE-2020-6466
• CVE-2020-6467
• CVE-2020-6468
• CVE-2020-6469
• CVE-2020-6470
• CVE-2020-6471
• CVE-2020-6472
• CVE-2020-6473
• CVE-2020-6474
• CVE-2020-6475
• CVE-2020-6476
• CVE-2020-6477
• CVE-2020-6478
• CVE-2020-6479
• CVE-2020-6480
• CVE-2020-6481
• CVE-2020-6482
• CVE-2020-6483
• CVE-2020-6484
• CVE-2020-6485
• CVE-2020-6486
• CVE-2020-6487
• CVE-2020-6488
• CVE-2020-6489
• CVE-2020-6490
• CVE-2020-6491

Original Issue Date: May 21, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
BIND Versions:
• 9.0.0 to 9.11.18
• 9.12.0 to 9.12.4-P2
• 9.14.0 to 9.14.11
• 9.16.0 to 9.16.2
BIND 9.17 experimental development branch: 9.17.0 to 9.17.1
BIND development branch: All 9.13 and 9.15
BIND Supported Preview Edition: 9.9.3-S1 to 9.11.18-S1

A vulnerability was identified in ISC BIND, a remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.

Denial of Service

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• BIND 9.11.19
• BIND 9.14.12
• BIND 9.16.3
• BIND 9.11.19-S1

For detail, please refer to the link below:
https://kb.isc.org/docs/cve-2020-8616 and https://kb.isc.org/docs/cve-2020-8617

• CVE-2020-8617
• CVE-2020-8616

Original Issue Date: May 21, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• All supported versions of Windows Server

A vulnerability has been identified in Microsoft Windows DNS Server, a remote user can exploit this vulnerability to trigger denial of service on the targeted system.

Denial of Service

• Workaround:
Enable RRL on a DNS server, please refer to DNS Server Response Rate Limiting

• No CVE information is available

• US-CERT
• Microsoft

Original Issue Date: May 21, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• RedHat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.1 aarch64
• RedHat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.1 ppc64le
• RedHat CodeReady Linux Builder for x86_64 - Extended Update Support 8.1 x86_64
• RedHat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
• RedHat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
• RedHat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
• RedHat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
• RedHat Enterprise Linux Server - AUS 7.4 x86_64
• RedHat Enterprise Linux Server - TUS 7.4 x86_64
• RedHat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64
• RedHat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
• RedHat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
• RedHat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le

Multiple vulnerabilities were identified in Red Hat Kernel, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and elevation of privilege on the targeted system.

Elevation of Privilege
Denial of Service

https://access.redhat.com/errata/RHSA-2020:2199 https://access.redhat.com/errata/RHSA-2020:2203 https://access.redhat.com/errata/RHSA-2020:2214

• CVE-2017-18595
• CVE-2019-19768
• CVE-2020-10711
• CVE-2020-11884

Original Issue Date: May 06, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Android 8.0, 8.1, 9, 10

Multiple vulnerabilities were identified in Android, a remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.

Elevation of Privilege
Remote Code Execution
Information Disclosure

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• https://source.android.com/security/bulletin/2020-05-01

• CVE-2019-14053
• CVE-2019-14054
• CVE-2019-14066
• CVE-2019-14067
• CVE-2019-14077
• CVE-2019-14078
• CVE-2019-14087
• CVE-2019-19536
• CVE-2020-0024
• CVE-2020-0064
• CVE-2020-0065
• CVE-2020-0090
• CVE-2020-0091
• CVE-2020-0092
• CVE-2020-0093
• CVE-2020-0094
• CVE-2020-0096
• CVE-2020-0097
• CVE-2020-0098
• CVE-2020-0100
• CVE-2020-0101
• CVE-2020-0102
• CVE-2020-0103
• CVE-2020-0104
• CVE-2020-0105
• CVE-2020-0106
• CVE-2020-0109
• CVE-2020-0110
• CVE-2020-3610
• CVE-2020-3615
• CVE-2020-3616
• CVE-2020-3618
• CVE-2020-3623
• CVE-2020-3625
• CVE-2020-3630
• CVE-2020-3633
• CVE-2020-3641
• CVE-2020-3645
• CVE-2020-3680

• Android

Original Issue Date: May 06, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Version 1.1.1d, 1.1.1e and 1.1.1f

A vulnerability was identified in OpenSSL, which could be exploited by attackers to trigger denial of service on the targeted system.
Note: Proof Of Concept Exploit Code Is Publicly Available

Denial of Service

Before installation of the software, please visit the vendor web-site for more details.
Update to:
• Version 1.1.1g

• CVE-2020-1967

• openSSL
• US-CERT
• Security Affairs

Original Issue Date: May 06, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• MySQL
• Java SE
• Oracle Database Server
• Oracle VM VirtualBox
• Oracle WebLogic

For other Oracle products, please refer to the link below:
https://www.oracle.com/security-alerts/cpuapr2020.html

Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and tampering on the targeted system.

One of the vulnerabilities (CVE-2020-2883) in Oracle WebLogic Server was currently being exploited in the wild. The risk level was increased to extremely high risk correspondingly.

Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Information Disclosure
Data Manipulation

Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
• Oracle Critical Patch Update Advisory

https://www.cvedetails.com/vulnerability-list.php?vendor_id=93&year=2020&month=4

Original Issue Date: May 04, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Magento Commerce 2.3.4 and earlier versions
• Magento Commerce 2.2.11 and earlier versions*
• Magento Open Source 2.3.4 and earlier versions
• Magento Open Source 2.2.11 and earlier versions*
• Magento Enterprise Edition 1.14.4.4 and earlier versions
• Magento Community Edition 1.9.4.4 and earlier versions

*Note: Magento 2.2.x reached end of support on December 31, 2019.

Multiple vulnerabilities were identified in Adobe Magento, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

Remote Code Execution
Security Restriction Bypass
Information Disclosure

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
• Magento Commerce 2.3.4-p2
• Magento Commerce 2.3.5-p1
• Magento Open Source 2.3.4-p2
• Magento Open Source 2.3.5-p1
• Magento Enterprise Edition 1.14.4.5
• Magento Community Edition 1.9.4.5

For detail, please refer to the link below:
https://helpx.adobe.com/security/products/magento/apsb20-22.html

• CVE-2020-9591
• CVE-2020-9588
• CVE-2020-9587
• CVE-2020-9586
• CVE-2020-9585
• CVE-2020-9584
• CVE-2020-9583
• CVE-2020-9582
• CVE-2020-9581
• CVE-2020-9580
• CVE-2020-9579
• CVE-2020-9578
• CVE-2020-9577
• CVE-2020-9576

Original Issue Date: May 04, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• MySQL
• Java SE
• Oracle Database Server
• Oracle VM VirtualBox
• Oracle WebLogic

Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and tampering on the targeted system.

One of the vulnerabilities (CVE-2020-2883) in Oracle WebLogic Server was currently being exploited in the wild. The risk level was increased to extremely high risk correspondingly.

Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Information Disclosure
Data Manipulation

Before installation of the software, please visit the vendor's web-site for more details.
Oracle Critical Patch Update Advisory

https://www.cvedetails.com/vulnerability-list.php?vendor_id=93&year=2020&month=4

Original Issue Date: May 04, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• WordPress versions prior to 5.4.1

Multiple vulnerabilities were identified in WordPress, a remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, security restriction bypass and sensitive information disclosure on the targeted system.

Cross-Site Scripting
Security Restriction Bypass
Information Disclosure

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
WordPress version 5.4.1

No CVE information is available

• WordPress
• US-CERT

Original Issue Date: April 24, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• iOS 13.4.1 and previous versions

Multiple vulnerabilities have been identified in Apple iOS. A remote attacker can exploit these vulnerabilities to trigger remote code execution, denial of service, sensitive information disclosure and data manipulation in the context of the Mail app (such as MobileMail on iOS 12 or maild on iOS 13) on the targeted system.

Denial of Service
Remote Code Execution
Information Disclosure
Data Manipulation

Note: Stable version of the patch is under development – only Beta version of the patch is available at the moment.

Original Issue Date: April 16, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Cisco UCS Director
• Cisco Unified Communications Manager (UCM)
• Cisco Webex Meetings

Please refer to the link below for detail:
https://tools.cisco.com/security/center/publicationListing.x

Multiple vulnerabilities were identified in Cisco products, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, security restriction bypass and sensitive information disclosure on the targeted system.

Remote Code Execution
Security Restriction Bypass
Information Disclosure

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
• Cisco UCS Director
Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E

• Cisco Unified Communications Manager (UCM)
Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-taps-path-trav-pfsFO93r

• Cisco Webex Meetings
Please refer to the link below for detail:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-Q7Rtgvby

• CVE-2020-3177
• CVE-2020-3194
• CVE-2020-3239
• CVE-2020-3240
• CVE-2020-3243
• CVE-2020-3247
• CVE-2020-3248
• CVE-2020-3249
• CVE-2020-3250
• CVE-2020-3251
• CVE-2020-3252

Original Issue Date: April 15, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• Adobe ColdFusion 2016 Update 14 and earlier versions
• Adobe ColdFusion 2018 Update 8 and earlier versions
• Adobe After Effects 17.0.1 and earlier versions
• Adobe Digital Editions 4.5.11.187212 and earlier versions

Adobe has released monthly security update for their products:

Vulnerable Product	Impacts	Details (including CVE)
Adobe ColdFusion	Information Disclosure Denial of Service Elevation of Privilege	APSB20-18
Adobe After Effects	Information Disclosure	APSB20-21
Adobe Digital Editions	Information Disclosure	APSB20-23

Denial of Service
Elevation of Privilege
Information Disclosure

Before installation of the software, please visit the vendor's web-site for more details.
• Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2020&month=04

Original Issue Date: April 15, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• MySQL
• Java SE
• Oracle Database Server
• Oracle VM VirtualBox
• Oracle WebLogic

For other Oracle products, please refer to the link below:
https://www.oracle.com/security-alerts/cpuapr2020.html

Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and tampering on the targeted system.

Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Data Manipulation

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
Oracle Critical Patch Update Advisory

https://www.cvedetails.com/vulnerability-list.php?vendor_id=93&year=2020&month=4

Original Issue Date: April 15, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:
• VMware vCenter Server prior to 6.7u3f

A vulnerability was identified in VMWare vCenter Server, a remote attacker could exploit this vulnerability to trigger sensitive information disclosure on the targeted system.

Information Disclosure

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:
https://www.vmware.com/security/advisories/VMSA-2020-0006.html

• CVE-2020-3952

Original Issue Date: April 15, 2020  
Severity Rating: HIGH
Systems / Technologies Affected:

Vulnerable Product	Impacts
ESU	Elevation of Privilege Information Disclosure Denial of Service Remote Code Execution
Windows	Elevation of Privilege Security Restriction Bypass Information Disclosure Denial of Service Remote Code Execution
Microsoft Apps	Elevation of Privilege
Browser	Remote Code Execution
Developer Tools	Elevation of Privilege Security Restriction Bypass
Microsoft Dynamics	Remote Code Execution Spoofing Information Disclosure
Microsoft Office	Remote Code Execution Spoofing Elevation of Privilege

Microsoft has released monthly security update for their products:

Denial of Service
Elevation of Privilege
Remote Code Execution
Information Disclosure
Spoofing

• Extended Security Updates (ESU)
• Windows
• Microsoft Apps
• Browser
• Developer Tools
• Microsoft Dynamics
• Microsoft Office

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor

• https://www.cvedetails.com/vulnerability-list.php?vendor_id=26&year=2020&month=04

Original Issue Date: February 10, 2020  
Severity Rating: HIGH
Systems / Technologies Affected: Google Chrome (Desktop version) prior to 80.0.3987.87

Multiple vulnerabilities were identified in Google Chrome, a remote attacker could exploit these vulnerabilities to trigger spoofing, remote code execution and security restriction bypass on the targeted system.

Remote Code Execution
Security Restriction Bypass
Spoofing

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:

Google Chrome 80.0.3987.87

• CVE-2019-18197
• CVE-2019-19880
• CVE-2019-19923
• CVE-2019-19925
• CVE-2019-19926
• CVE-2020-6381
• CVE-2020-6382
• CVE-2020-6385
• CVE-2020-6387
• CVE-2020-6388
• CVE-2020-6389
• CVE-2020-6390
• CVE-2020-6391
• CVE-2020-6392
• CVE-2020-6393
• CVE-2020-6394
• CVE-2020-6395
• CVE-2020-6396
• CVE-2020-6397
• CVE-2020-6398
• CVE-2020-6399
• CVE-2020-6400
• CVE-2020-6401
• CVE-2020-6402
• CVE-2020-6403
• CVE-2020-6404
• CVE-2020-6405
• CVE-2020-6406
• CVE-2020-6408
• CVE-2020-6409
• CVE-2020-6410
• CVE-2020-6411
• CVE-2020-6412
• CVE-2020-6413
• CVE-2020-6414
• CVE-2020-6415
• CVE-2020-6416
• CVE-2020-6417

Original Issue Date: February 10, 2020  
Severity Rating: HIGH
Systems / Technologies Affected: Google Chrome (Desktop version) prior to 80.0.3987.87

Multiple vulnerabilities were identified in Google Chrome, a remote attacker could exploit these vulnerabilities to trigger spoofing, remote code execution and security restriction bypass on the targeted system.

Remote Code Execution
Security Restriction Bypass
Spoofing

Before installation of the software, please visit the vendor's web-site for more details.
Apply fixes issued by the vendor:

Google Chrome 80.0.3987.87

• CVE-2019-18197
• CVE-2019-19880
• CVE-2019-19923
• CVE-2019-19925
• CVE-2019-19926
• CVE-2020-6381
• CVE-2020-6382
• CVE-2020-6385
• CVE-2020-6387
• CVE-2020-6388
• CVE-2020-6389
• CVE-2020-6390
• CVE-2020-6391
• CVE-2020-6392
• CVE-2020-6393
• CVE-2020-6394
• CVE-2020-6395
• CVE-2020-6396
• CVE-2020-6397
• CVE-2020-6398
• CVE-2020-6399
• CVE-2020-6400
• CVE-2020-6401
• CVE-2020-6402
• CVE-2020-6403
• CVE-2020-6404
• CVE-2020-6405
• CVE-2020-6406
• CVE-2020-6408
• CVE-2020-6409
• CVE-2020-6410
• CVE-2020-6411
• CVE-2020-6412
• CVE-2020-6413
• CVE-2020-6414
• CVE-2020-6415
• CVE-2020-6416
• CVE-2020-6417

Original Issue Date: January 29, 2020  
Severity Rating: HIGH
Systems / Technologies Affected: IOS IPadOS
MacOS
TvOS
WatchOS
Safari
ITunes for Windows

CERT-GH confirmed that information including Proof-of-Concept code about a vulnerability (CVE-2019-19781) in Citrix Application Delivery Controller and Citrix Gateway has been made public. A remote attacker leveraging this vulnerability may execute arbitrary code. On January 12, 2020, Bad Packets released information about scanning activities that appeared to be leveraging the vulnerability.

Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Information Disclosure
Spoofing

Before installation of the software, please visit the vendor web-site for more details.
Update to the following versions via "Software Update":

iOS 13.3.1
iPadOS 13.3.1
macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra
tvOS 13.3.1
watchOS 6.1.2
Safari 13.0.5
iTunes 12.10.4 for Windows

• CVE-2020-3828
• CVE-2020-3829
• CVE-2020-3831
• CVE-2020-3833
• CVE-2020-3836
• CVE-2020-3837
• CVE-2020-3838
• CVE-2020-3840
• CVE-2020-3842
• CVE-2020-3841
• CVE-2020-3844
• CVE-2020-3853
• CVE-2020-3856
• CVE-2020-3857
• CVE-2020-3858
• CVE-2020-3859
• CVE-2020-3860
• CVE-2020-3861
• CVE-2020-3868
• CVE-2020-3869
• CVE-2020-3870
• CVE-2020-3872
• CVE-2020-3873
• CVE-2020-3874
• CVE-2020-3875
• CVE-2020-3878

Original Issue Date: January 28, 2020  
Severity Rating: HIGH
Software Affected: Citrix ADC and Citrix Gateway version 13.0
Citrix ADC and NetScaler Gateway version 12.1
Citrix ADC and NetScaler Gateway version 12.0
Citrix ADC and NetScaler Gateway version 11.1
Citrix NetScaler ADC and NetScaler Gateway version 10.5
Citrix SD-WAN WANOP software and appliance model 4000
Citrix SD-WAN WANOP software and appliance model 4100
Citrix SD-WAN WANOP software and appliance model 5000
Citrix SD-WAN WANOP software and appliance model 5100

CERT-GH confirmed that information including Proof-of-Concept code about a vulnerability (CVE-2019-19781) in Citrix Application Delivery Controller and Citrix Gateway has been made public. A remote attacker leveraging this vulnerability may execute arbitrary code. On January 12, 2020, Bad Packets released information about scanning activities that appeared to be leveraging the vulnerability.

The method of confirming whether this vulnerability is exploited is as follows;

Check if there is any access to the device from a suspicious IP address.
The log of HTTP traffic to the device is recorded in httpaccess.log and httperror.log
Check whether traffic that exploits the vulnerability is recorded in the device log.
If the Proof-of-Concept code that exploits this vulnerability is executed, traffic including the following string is recorded in the device.
/vpns/
/vpn/../vpns/cfg/smb.conf
/vpn/../vpns/portal/scripts/newbm.pl
/vpn/../vpns/portal/backdoor.xml
/vpns/portal/scripts/newbm.pl
Check the files under the following directory on the device.
If there is a recently created unknown xml file, the file is a malicious file created by an attacker, it is possible that an attack has been already conducted to compromise the device.
/var/tmp/netscaler/portal/templates
/netscaler/portal/templates
Check device processes and corn jobs
Execute commands on the device to check if there is any process or corn job running by the user "nobody".
If this vulnerability is exploited, processes are executed by a user named "nobody". If such processes are running, it is possible that an attack has been already conducted to compromise the device.

As of January 17, 2020, Citrix has not provided solution for this vulnerability. Please consider applying "V. Mitigation" or discontinuing the use of the products.

Also, Citrix is planning to provide versions addressing the vulnerability on the following dates.
January 24, 2020
- Citrix NetScaler ADC and NetScaler Gateway version 10.5
On January 24, Citrix released the version 10.5 of Citrix NetScaler ADC and NetScaler Gateway that addresses this vulnerability. Since attacks leveraging the vulnerability are still being observed, we would recommend to apply solution and check whether system has been compromised as soon as possible.

Please consider to apply the following mitigation.

Restrict unnecessary traffic by firewall, etc
Apply workarounds provided by Citrix

Citrix Systems
Mitigation Steps for CVE-2019-19781
https://support.citrix.com/article/CTX267679
According to Citrix information, Citrix ADC version 12.1 builds 51.16,51.19 and builds prior to 50.31 have bugs and mitigation settings are not applied. It is recommended to update to a build that is not affected by this bug in order to properly apply the mitigation.

Original Issue Date: September 02, 2019  
Severity Rating: HIGH
Software Affected: Windows Server 2008 R2

Privilege Escalation Vulnerability has been reported in Microsoft Windows Installer which could allow an attacker to execute arbitrary code on a targeted system.

This vulnerability exists due to Windows Installer fails to properly sanitize input. A local attacker could exploit this vulnerability by accessing the system and executing an application that submits malicious input to the affected system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code with escalated privileges.

Apply appropriate updates as mentioned in the following
URL: https://portal.msrc.microsoft.com/en-US/security-guidance 
Vendor Information
Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance

Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973
CVE Name 
CVE-2019-0973

Original Issue Date: September 02, 2019  
Severity Rating: HIGH
Software Affected:

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit and x64-based Systems
Windows 10 Version 1703 for 32-bit and x64-based Systems
Windows 10 Version 1709 for 32-bit and 64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1803 for 32-bit and x64-based Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit and x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit and x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 7 for 32-bit and x64-based Systems Service Pack 1
Windows 8.1 for 32-bit and x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation also affected)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation also affected)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation also affected)
Windows Server 2012 (Server Core installation also affected)
Windows Server 2012 R2 (Server Core installation also affected)
Windows Server 2016 (Server Core installation also affected)
Windows Server 2019 (Server Core installation also affected)
Windows Server Version 1803 (Server core installation)
Windows Server Version 1903 (Server core installation)

A Vulnerability has been reported in Windows kernel which could be exploited by remote attacker to disclose sensitive information on the targeted system.

This vulnerability exists in Windows kernel due to improper initialization of objects in the memory. An attacker could exploit this vulnerability by hosting specially crafted website.
Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information to further compromise the users system.

Apply appropriate patches as mentioned in Microsoft Security Bulletin
URL: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1039
Vendor Information
Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1039

Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1039

Cisco
https://tools.cisco.com/security/center/viewAlert.x?alertId=60599
CVE Name 
CVE-2019-1039

Original Issue Date: September 02, 2019  
Severity Rating: HIGH
Software Affected:

Drupal 8.x

Multiple Vulnerability have been reported in Drupal which could be exploited by an attacker to execute arbitrary commands on a targeted system.

Access bypass Vulnerability
This vulnerability exists due to insufficient check user permissions to access its workflows entities. An attacker could exploit this vulnerability by Forms Steps provides an UI to create form workflows using form modes. Successful exploitation of this vulnerability could allow the attacker to see any entities that have been created through the different steps of its multistep forms.
Insecure session token management Vulnerability
This vulnerability allows you to store external images on your server and apply your own Image Styles. The module exposes cookies to external sites when making external image requests. An attacker could exploit this vulnerability successfully take control of the targeted website.

Apply appropriate updates as mentioned in the following URL:
https://www.drupal.org/sa-contrib-2019-064
https://www.drupal.org/sa-contrib-2019-065
Vendor Information
Drupal
https://www.drupal.org/security/contrib

Drupal
https://www.drupal.org/sa-contrib-2019-064 
https://www.drupal.org/sa-contrib-2019-0645

Original Issue Date: September 01, 2019  
Severity Rating: HIGH
Software Affected:

Apple macOS Mojave 10.14.6
Apple iOS 12.4.1

This vulnerability has been reported Apple products which could allow a remote attacker to execute arbitrary code on the targeted system.

This use after free vulnerability exists in the XNU kernel of iOS and macOS due to improper memory management.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code with system privileges on the affected systems and allowing the jailbreak of the devices.

Apply appropriate security updates as mentioned in the Apple Security Advisory
Vendor Information
Apple
https://support.apple.com/en-in/HT210548
https://support.apple.com/en-in/HT210549

Apple
https://support.apple.com/en-in/HT210548
https:/ools.cisco.com/security/center/viewAlert.x?alertId=60599
CVE Name 
CVE-2019-8605

Original Issue Date: August 21, 2019  
Severity Rating: HIGH
Software Affected:

SAP NetWeaver UDDI Server (Services Registry), Versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
SAP Commerce Cloud (mediaconversion and virtualjdbc extension), Versions - 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905
SAP NetWeaver Application Server for Java (Administrator System Overview), Versions - 7.30, 7.31, 7.40, 7.50
SAP HANA Database, Versions - 1.0, 2.0
SAP Kernel (ABAP Debugger), Versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77
SAP Business Objects Business Intelligence Platform (Web Intelligence and CMC), Version - 4.2
SAP Enable Now, Version - 1902
SAP NetWeaver Process Integration (Java Proxy Runtime), Versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50
SAP BusinessObjects Business Intelligence Platform (BI Workspace, Infoview and CMC), Versions - 4.1, 4.2, 4.3
SAP Gateway, Versions - 750, 751, 752, 753

Multiple vulnerabilities have been reported in SAP products, which could be exploited by a remote attacker to execute arbitrary code, inject malicious code, obtain sensitive information, cause denial of service conditions, perform cross site scripting attacks or perform other unauthorized activities on a targeted system.

These vulnerabilities exist in SAP products due to unsafe deserialization error, insufficient encoding of user-controlled inputs, absence of HTTP Only flag in session cookie, incorrect hardening of the XML Parser, unencrypted communication error and other flaws in the affected software. A remote attacker can exploit these vulnerabilities by injecting malicious code, sending a specially crafted XML file, executing a "Go to statement", performing unauthorized queries, running/storing a malicious script or payload, giving a payload as keyword in the search and via other attack vectors.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code, inject malicious code, obtain sensitive information, cause denial of service conditions, perform cross site scripting attacks or perform other unauthorized activities on a targeted system. 

Apply appropriate patches as mentioned on SAP website: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
Vendor Information
SAP
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017

SAP
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
Onapsis
https://www.onapsis.com/blog/sap-security-notes-august-19-sap-java-systems-continuity-risk-unauthenticated-attack
CVE Name 
CVE-2019-0351
CVE-2019-0344
CVE-2019-0343
CVE-2019-0345
CVE-2019-0350
CVE-2019-0349
CVE-2019-0333
CVE-2019-0346
CVE-2019-0340
CVE-2019-0337
CVE-2019-0334
CVE-2019-0338
CVE-2019-0331
CVE-2019-0332
CVE-2019-0335
CVE-2019-0348

Original Issue Date: September 12, 2019
Severity Rating: HIGH
Software Affected:

ADAL.NET
Nuget 5.2.0

A Vulnerability has been reported in Azure Active Directory Authentication Library which could allow an authenticated attacker to perform actions in context of another user on the targeted system.

This vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow. An attacker could exploit this vulnerability by accessing a service configured for On-Behalf-Of flow Library that assigns incorrect tokens.
Successful exploitation of this vulnerability could allow an authenticated attacker to perform actions in context of another user.

Apply appropriate patches as mentioned in Microsoft security bulletin:
https://portal.msrc.microsoft.com/en-US/security-guidance
Vendor Information
Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1258

Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1258
CVE Name
CVE-2019-1258

Original Issue Date: September 12, 2019
Severity Rating: HIGH
Software Affected:

EXIM email server versions prior to 4.92.2

A vulnerability has been reported in EXIM email server software which could allow an attacker to execute arbitrary code with root privileges.

This vulnerability exists in the EXIM email server software due to improper handling of peer distinguished names (DN) and ServerName Indication (SNI) during a TLS negotiation. A local or remote attacker could exploit this vulnerability by sending a specially crafted SNI data during a TLS negotiation leading to a buffer overflow error.

Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code with root privileges. Note: An Exim server which accepts TLS connections is vulnerable.

Apply appropriate patches as mentioned on EXIM website:
https://exim.org/static/doc/security/CVE-2019-15846.txt
Vendor Information
EXIM
https://exim.org/static/doc/security/CVE-2019-15846.txt

EXIM
https://exim.org/static/doc/security/CVE-2019-15846.txt
Bleeping Computer
https://www.bleepingcomputer.com/news/security/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root/

CVE Name
CVE-2019-15846

Threats

LATEST VULNERABILITY THREATS

CVN-2020-0047

CVN-2020-0046

CVN-2020-0045

CVN-2020-0044

CVN-2020-0043

CVN-2020-0042

CVN-2020-0041

CVN-2020-0040

CVN-2020-0039

CVN-2020-0038

CVN-2020-0037

CVN-2020-0036

CVN-2020-0035

CVN-2020-0034

CVN-2020-0033

CVN-2020-0032

CVN-2020-0031

CVN-2020-0030

CVN-2020-0029

CVN-2020-0028

CVN-2020-0027

CVN-2020-0026

CVN-2020-0025

CVN-2020-0024

CVN-2020-0023

CVN-2020-0022

CVN-2020-0021

CVN-2020-0020

CVN-2020-0019

CVN-2020-0017

CVN-2020-0016

CVN-2020-0015

CVN-2020-0014

CVN-2020-0014

CVN-2020-0013

CVN-2020-0012

CVN-2020-0011

CVN-2020-0010

CVN-2020-0009

CVN-2020-0008

CVN-2020-0007

CVN-2020-0006

CVN-2020-0005

CVN-2020-0004

CVN-2020-0003

CVN-2020-0002

CVN-2020-0001

CVN-2019-0153

CVN-2019-0153

CVN-2019-0154

CVN-2019-0155

CVN-2019-0143

CVN-2019-0142

CVN-2019-0141

CVN-2019-0030

CVN-2019-0029