[oss-security] CVE-2024-45217: Apache Solr: ConfigSets created during a backup restore command are trusted implicitly

2024-10-15 Thread Houston Putman
Severity: moderate Affected versions: - Apache Solr 6.6.0 before 8.11.4 - Apache Solr 9.0.0 before 9.7.0 Description: Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and giv

[oss-security] CVE-2024-45216: Apache Solr: Authentication bypass possible using a fake URL Path ending

2024-10-15 Thread Houston Putman
Severity: critical Affected versions: - Apache Solr 5.3.0 before 8.11.4 - Apache Solr 9.0.0 before 9.7.0 Description: Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulne

Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

2024-10-15 Thread Solar Designer
On Tue, Oct 15, 2024 at 03:17:34PM -0400, Demi Marie Obenour wrote: > What about opening the path one portion at a time using openat() with > O_NOFOLLOW (and, as applicable, O_DIRECTORY), As I understand, the SUSE patch already does that. > ensuring that each portion > is not "." or "..", does no

Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

2024-10-15 Thread Demi Marie Obenour
On Tue, Oct 15, 2024 at 01:43:42PM +0200, Matthias Gerstner wrote: > Hi, > > thanks for bringing up the potential problems with the patch we (SUSE) > suggested. The missing drop of the ancillary group list has indeed been > overlooked and will result in a lack of protection, since the > "unprivile

[oss-security] CVE-2024-45693: Apache CloudStack: Request origin validation bypass makes account takeover possible

2024-10-15 Thread Daniel Augusto Veronezi Salvador
Severity: important Affected versions: - Apache CloudStack 4.15.1.0 through 4.18.2.3 - Apache CloudStack 4.19.0.0 through 4.19.1.1 Description: Users logged into the Apache CloudStack's web interface can be tricked into submitting malicious CSRF requests due to missing validation of the origin of th

[oss-security] CVE-2024-45462: Apache CloudStack: Incomplete session invalidation on web interface logout

2024-10-15 Thread Daniel Augusto Veronezi Salvador
Severity: moderate Affected versions: - Apache CloudStack 4.15.1.0 through 4.18.2.3 - Apache CloudStack 4.19.0.0 through 4.19.1.1 Description: The logout operation in the CloudStack web interface does not expire the user session completely, which is valid until expiry by time or restart of the

[oss-security] CVE-2024-45461: Apache CloudStack Quota plugin: Access checks not enforced in Quota

2024-10-15 Thread Daniel Augusto Veronezi Salvador
Severity: moderate Affected versions: - Apache CloudStack Quota plugin 4.7.0 through 4.18.2.3 - Apache CloudStack Quota plugin 4.19.0.0 through 4.19.1.1 Description: The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is

[oss-security] CVE-2024-45219: Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure

2024-10-15 Thread Daniel Augusto Veronezi Salvador
Severity: important Affected versions: - Apache CloudStack 4.0.0 through 4.18.2.3 - Apache CloudStack 4.19.0.0 through 4.19.1.1 Description: Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as dat

Re: [oss-security] CVE-2024-47191: Local root exploit in the PAM module pam_oath.so

2024-10-15 Thread Matthias Gerstner
Hi, thanks for bringing up the potential problems with the patch we (SUSE) suggested. The missing drop of the ancillary group list has indeed been overlooked and will result in a lack of protection, since the "unprivileged" process will likely still be a member of the root group. I will adjust th