CVE-2024-55592

Tue, 11/03/2025 – 15:15

Type
CWE-863

Severity 2.0 (text)
Pending analysis

Description (en)
An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions, may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Severity 3.1 (CVSS 3.1 base score)
3.80

Severity 3.1 (text)
LOW

References

  • https://fortiguard.fortinet.com/psirt/FG-IR-24-377

CVE-2024-55590

Tue, 11/03/2025 – 15:15

Type
CWE-78

Severity 2.0 (text)
Pending analysis

Description (en)
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiIsolator version 2.4.0 through 2.4.5 allow an authenticated attacker with at least read-only admin permission and CLI access to execute unauthorized code via specifically crafted CLI commands.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity 3.1 (CVSS 3.1 base score)
8.80

Severity 3.1 (text)
HIGH

References

  • https://fortiguard.fortinet.com/psirt/FG-IR-24-178

CVE-2025-22454

Tue, 11/03/2025 – 15:15

Type
CWE-732

Severity 2.0 (text)
Pending analysis

Description (en)
Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity 3.1 (CVSS 3.1 base score)
7.80

Severity 3.1 (text)
HIGH

References

  • https://forums.ivanti.com/s/article/March-Security-Advisory-Ivanti-Secure-Access-Client-ISAC-CVE-2025-22454

CVE-2024-55597

Tue, 11/03/2025 – 15:15

Type
CWE-22

Severity 2.0 (text)
Pending analysis

Description (en)
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiWeb versions 7.0.0 through 7.6.0 allows an attacker to execute unauthorized code or commands via crafted requests.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

Severity 3.1 (CVSS 3.1 base score)
5.50

Severity 3.1 (text)
MEDIUM

References

  • https://fortiguard.fortinet.com/psirt/FG-IR-24-439

CVE-2025-27403

Tue, 11/03/2025 – 15:15

Type
CWE-287

Severity 2.0 (text)
Pending analysis

Description (en)
Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azure Container Registry (ACR). The Azure workload identity and Azure managed identity authentication providers are configured in this setup. Users that configure a private ACR to be used with the Azure authentication providers may be impacted by a vulnerability that exists in versions prior to 1.2.3 and 1.3.2. Both Azure authentication providers attempt to exchange an Entra ID (EID) token for an ACR refresh token. However, Ratify's Azure authentication providers did not verify that the target registry is an ACR. This could have led to the EID token being presented to a non-ACR registry during token exchange. EID tokens with ACR access can potentially be extracted and abused if a user workload contains an image reference to a malicious registry. As of versions 1.2.3 and 1.3.2, the Azure workload identity and Azure managed identity authentication providers are updated to add new validation prior to EID token exchange. Validation relies upon registry domain validation against a pre-configured list of well-known ACR endpoints. EID token exchange will be executed only if at least one of the configured well-known domain suffixes (wildcard support included) matches the registry domain of the image reference.

11/03/2025

11/03/2025

CVSS:4.0 vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Severity 4.0
7.20

Severity 4.0 (text)
HIGH

Severity 3.1 (text)
Pending analysis

References

  • https://github.com/ratify-project/ratify/commit/0ec0c08490e3d672ae64b1a220c90d5484f1c93f
  • https://github.com/ratify-project/ratify/commit/84c7c48fa76bb9a1c9583635d1e90bc25b1a546c
  • https://github.com/ratify-project/ratify/security/advisories/GHSA-44f7-5fj5-h4px

CVE-2025-27601

Tue, 11/03/2025 – 16:15

Type
CWE-285

Severity 2.0 (text)
Pending analysis

Description (en)
Umbraco is a free and open source .NET content management system. An improper API access control issue has been identified in Umbraco's API management package prior to versions 15.2.3 and 14.3.3, allowing low-privilege, authenticated users to create and update data type information that should be restricted to users with access to the settings section. The issue is patched in versions 15.2.3 and 14.3.3. No known workarounds are available.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Severity 3.1 (CVSS 3.1 base score)
4.30

Severity 3.1 (text)
MEDIUM

References

  • https://github.com/umbraco/Umbraco-CMS/commit/d9fb6df16e9adf8656181cac8497fc5ba23321cd
  • https://github.com/umbraco/Umbraco-CMS/commit/ebb6a580dc1da2c772a99838dc7b4660bf77eb9c
  • https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-6ffg-mjg7-585x

CVE-2025-25747

Tue, 11/03/2025 – 16:15

Severity 2.0 (text)
Pending analysis

Description (en)
Cross-site scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 allows an attacker to execute arbitrary code and obtain sensitive information via the ripristina_backup parameter in the crea_backup.php endpoint.

11/03/2025

11/03/2025

Severity 3.1 (text)
Pending analysis

References

  • https://cwe.mitre.org/data/definitions/79.html
  • https://www.huyvo.net/post/cve-2025-25747-reflected-xss-vulnerability-in-hoteldruid-3-0-7

CVE-2025-25680

Tue, 11/03/2025 – 16:15

Severity 2.0 (text)
Pending analysis

Description (en)
LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 contains an RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera.

11/03/2025

11/03/2025

Severity 3.1 (text)
Pending analysis

References

  • https://github.com/Yasha-ops/LSC_Indoor_PTZ_Camera-RCE
  • https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-25680

CVE-2025-27617

Tue, 11/03/2025 – 16:15

Type
CWE-89

Severity 2.0 (text)
Pending analysis

Description (en)
Pimcore is an open source data and experience management platform. Prior to version 11.5.4, authenticated users can craft a filter string used to cause a SQL injection. Version 11.5.4 fixes the issue.

11/03/2025

11/03/2025

CVSS:4.0 vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Severity 4.0
6.30

Severity 4.0 (text)
MEDIUM

Severity 3.1 (text)
Pending analysis

References

  • https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Extension/RelationFilterConditionParser.php#L29-L47
  • https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Multiselect.php#L332-L347
  • https://github.com/pimcore/pimcore/commit/19a8520895484e68fd254773e32476565d91deea
  • https://github.com/pimcore/pimcore/security/advisories/GHSA-qjpx-5m2p-5pgh

CVE-2025-27602

Tue, 11/03/2025 – 16:15

Type
CWE-285

Severity 2.0 (text)
Pending analysis

Description (en)
Umbraco is a free and open source .NET content management system. In versions of Umbraco's web backoffice program prior to versions 10.8.9 and 13.7.1, via manipulation of backoffice API URLs, it is possible for authenticated backoffice users to retrieve or delete content or media held within folders the editor does not have access to. The issue is patched in versions 10.8.9 and 13.7.1. No known workarounds are available.

11/03/2025

11/03/2025

CVSS:3.1 vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Severity 3.1 (CVSS 3.1 base score)
4.90

Severity 3.1 (text)
MEDIUM

References

  • https://github.com/umbraco/Umbraco-CMS/commit/5b54bed406682ceff57903bf7d3c57814eef31a7
  • https://github.com/umbraco/Umbraco-CMS/commit/7888b9a4ce5ae7f9bda7ff3bb705b8fcd2f1675d
  • https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wx5h-wqfq-v698