{"id":53890,"date":"2024-11-14T11:22:38","date_gmt":"2024-11-14T10:22:38","guid":{"rendered":"https:\/\/www.usd.de\/?p=53890"},"modified":"2024-11-14T11:55:19","modified_gmt":"2024-11-14T10:55:19","slug":"security-advisories-autumn-2024","status":"publish","type":"post","link":"https:\/\/www.usd.de\/en\/security-advisories-autumn-2024\/","title":{"rendered":"Security Advisories on SAP, Atlassian, Contao, Metaways Infosystems, Oveleon, PebbleRoad und Webswing"},"content":{"rendered":"\n

The pentest professionals<\/a> at usd HeroLab<\/a> examined SAP, Atlassian, Contao, Metaways Infosystems, Oveleon, PebbleRoad and Webswing during their pentests<\/a>.Thereby, several vulnerabilities were identified in the various applications.<\/p>\n\n\n\n

The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy<\/a>.<\/p>\n\n\n\n

<\/p>\n\n\n\n

SAP Business Connector & SAP Fiori<\/h3>\n\n\n\n

Several cross-site scripting vulnerabilities were identified in SAP Business Connector. Attackers were able to execute JavaScript in the context of other users.<\/p>\n\n\n\n

Vulnerabilities were discovered in SAP Fiori that allowed attackers to gain unauthorized access to business travel data and authorize arbitrary individuals to approve vacation requests.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
usd-2024-0004<\/a><\/td>SAP Business Connector<\/td>Improper Neutralization of Input During Web Page Generation
(CWE-79 'Stored Cross-site Scripting')<\/td><\/tr>
usd-2024-0003<\/a><\/td>SAP Business Connector<\/td>Improper Neutralization of Input During Web Page Generation (CWE 79 - 'Reflected Cross-site Scripting')<\/td><\/tr>
usd-2023-0042<\/a><\/td>SAP Fiori<\/td>CWE-284: Improper Access Control<\/td><\/tr>
usd-2023-0040<\/a><\/td>SAP Fiori<\/td>CWE-862: Missing Authorization<\/td><\/tr><\/tbody><\/table>
Security Advisories on SAP<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

Contao & Oveleon<\/h3>\n\n\n\n

The vulnerabilities found in Contao allowed attackers with access to the backend of Contao to list files on the underlying system and upload any file, which could then be executed on the web server.<\/p>\n\n\n\n

A cross-site scripting vulnerability was identified in the cookiebar for Contao developed by Oveleon. This made it possible for attackers to execute JavaScript in the context of other users.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
usd-2024-0013<\/a><\/td>Contao CMS<\/td>Unrestricted Upload of File with Dangerous Type (CWE-434)<\/td><\/tr>
<\/a>usd-2024-0012<\/a><\/td>Contao CMS<\/td>Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)<\/td><\/tr>
usd-2024-0009<\/a><\/a><\/td>Oveleon<\/td>CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<\/td><\/tr><\/tbody><\/table>
Security Advisories on Contao und Oveleon<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

Metaways Infosystems<\/h3>\n\n\n\n

The identified vulnerability in Tine Groupware allowed unauthenticated attackers to gain access to login data if LDAP was used for user authentication.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
<\/a>usd-2024-0005<\/a><\/td>Tine<\/td>Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)<\/td><\/tr><\/tbody><\/table>
Security Advisories on Metaways<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

Atlassian<\/h3>\n\n\n\n

The vulnerability in Jira Cloud allowed system commands to be included in CSV files. Low privileged attackers could insert potentially malicious code into exported CSV files.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
<\/a>usd-2024-0007<\/a><\/a><\/td>Jira Cloud<\/td>Improper Neutralization of Formula Elements in a CSV File (CWE 1236)<\/td><\/tr><\/tbody><\/table>
Security Advisories on Atlassian<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

PebbleRoad<\/h3>\n\n\n\n

During their pentests a cross-site scripting vulnerability was found, which allows attackers to execute JavaScript code in the context of other users.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
<\/a>usd-2024-0011<\/a><\/td>Glossarizer<\/td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)<\/td><\/tr><\/tbody><\/table>
Security Advisories zu PebbleRoad<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

Webswing<\/h3>\n\n\n\n

A vulnerability that was found in Webswing enabled attackers to overwrite any file on the underlying system and ultimately execute their own code on the system.<\/p>\n\n\n\n

ID<\/th>Product<\/th>Vulnerability Type<\/strong><\/th><\/tr><\/thead>
<\/a>usd-2024-0008<\/a><\/td>Webswing<\/td>Relative Path Traversal (CWE-23)<\/td><\/tr><\/tbody><\/table>
Security Advisory on Webswing<\/figcaption><\/figure>\n\n\n\n

<\/p>\n\n\n\n

About usd HeroLab Security Advisories<\/h2>\n\n\n\n

In order to protect businesses against hackers and criminals, we must ensure that our skills and knowledge are up to date at all times. Therefore, security research is just as important to our work as is building up a security community to promote an exchange of knowledge. After all, more security can only be achieved if many people take on the task.<\/p>\n\n\n\n

We analyze attack scenarios, which are changing constantly, and publish a series of Security Advisories on current vulnerabilities and security issues \u2013 always in line with our Responsible Disclosure Policy<\/a>.<\/p>\n\n\n\n

Always in the name of our mission: \u201cmore security.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

The pentest professionals at usd HeroLab examined SAP, Atlassian, Contao, Metaways Infosystems, Oveleon, PebbleRoad and Webswing during their pentests.Thereby, several vulnerabilities were identified in the various applications. The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy. SAP Business Connector & SAP Fiori Several cross-site scripting vulnerabilities were identified in SAP […]<\/p>\n","protected":false},"author":117,"featured_media":46998,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[373,1674,10757],"tags":[11405,11406,11407,11408,11409,8540,11410,380,487,381,11411],"class_list":["post-53890","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en","category-security-advisories-en","category-usd-herolab-en","tag-atlassian-en","tag-contao-en","tag-metaways-en","tag-oveleon-en","tag-pebbleroad-en","tag-sap-en","tag-sap-fiori-en","tag-security-advisories-en","tag-security-analysis-en","tag-security-research-en","tag-webswing-en"],"_links":{"self":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/53890","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/users\/117"}],"replies":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/comments?post=53890"}],"version-history":[{"count":5,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/53890\/revisions"}],"predecessor-version":[{"id":53942,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/53890\/revisions\/53942"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media\/46998"}],"wp:attachment":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media?parent=53890"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/categories?post=53890"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/tags?post=53890"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}