Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.

CVE-2023-24427: Jenkins Security Advisory 2023-01-24

Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.

CVE-2023-24429: Jenkins Security Advisory 2023-01-24

Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.

CVE-2023-24444: Jenkins Security Advisory 2023-01-24

Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.

CVE-2023-24440: Jenkins Security Advisory 2023-01-24

Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.

CVE-2023-24424: Jenkins Security Advisory 2023-01-24

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CVE-2022-38775: Security issues

By Waqas
Cybercriminals are leveraging two exploit chains (ProxyNotShell/OWASSRF) to target Microsoft Exchange servers, as warned by Bitdefender Labs.
This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers

Most of the attacks occurred in the U.S. in November 2022, but some organizations in Austria, Poland, and Turkey were also targeted.

Bitdefender Labs has shared its findings on a new wave of untargeted cyberattacks in which attackers are abusing two exploit chains to target on-premises **MS Exchange servers**.

**Findings Review**

Bitdefender noted that, at the end of November 2022, there was an increase in attacks leveraging two exploit chains identified as **ProxyNotShell** and OWASSRF to target MS Exchange servers. The researchers found that cybercriminals prefer to exploit on-premises Exchange servers 2013, 2016, and 2019.

**Vulnerabilities explained**

Attackers use two tactics in their new attacks against the MS Exchange servers. The first is the ProxyNotShell vulnerability, a combination of two already-disclosed vulnerabilities tracked as **CVE-2022-41082** and **CVE-2022-41080**. It requires threat actors to authenticate to the vulnerable server; this vulnerability was patched in November 2022.

OWASSRF is the other vulnerability exploited in this attack chain. This exploit uses the same two vulnerabilities but in a different way. It is capable of bypassing the ProxyNotShell mitigation solutions; it was used in the Rackspace attack in December 2022.

**Attack Details**

Technically, the attack is called **server-side request forgeries/SSRF**. It allows threat actors to send a specially crafted request from a vulnerable server to another server to access resources and fulfil their malicious objectives on the vulnerable server.

Using the two vulnerabilities will allow the attacker to carry out **remote code execution** if they have the login credentials. They don’t necessarily have to be an administrator to perform desired actions, as any account can be used.

Microsoft **patched** these vulnerabilities on September 30th and November 8th, 2022. This means only those companies that haven’t yet fixed their systems are at risk. Most of the attacks, according to Bitdefender’s **blog post**, occurred in the U.S. in November 2022, but some organizations in Austria, Poland, and Turkey were also targeted.

The attackers target companies from various sectors, including law and brokerage firms, real estate, consultancy firms, and wholesalers. So far, over 100,000 organizations worldwide have been targeted by SSRF attacks.

**What is SSRF Attack?**

SSRF attacks are increasingly popular among cybercriminals because, if a web app is vulnerable to SSRF, the attacker can send a request from the vulnerable server to any local network resource which isn’t otherwise accessible to the attacker. Otherwise, the attacker would send a request to an external server, e.g., a cloud platform, to carry out specific actions on behalf of the vulnerable server.

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

New Wave of Cyberattacks Targeting MS Exchange Servers

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.

%PDF-1.7 %���� 528 0 obj <> endobj 542 0 obj <>/Filter/FlateDecode/ID\[<39DCC2A24C0DE24D9B6C18325A97C7E1><78F235B8D01948A0B7B9A1427E9CE91B>\]/Index\[528 37\]/Info 527 0 R/Length 77/Prev 94092/Root 529 0 R/Size 565/Type/XRef/W\[1 2 1\]>>stream h�bbd\`\`b\`�$����@��H0� � �>�5H��R�AJ&�Xˀ�u&F��@#����/�0#l 0 endstream endobj startxref 0 %%EOF 564 0 obj <>stream h�b\`\`\`�J!Aʰ!��oI�~wE60506@�H����ژ��1~c�˴�i�'�ă�\`���.1@���A�����1�H;�0��N endstream endobj 529 0 obj <>/Metadata 11 0 R/Pages 526 0 R/StructTreeRoot 15 0 R/Type/Catalog/ViewerPreferences 543 0 R>> endobj 530 0 obj <>/MediaBox\[0 0 612 792\]/Parent 526 0 R/Resources<>/Font<>/ProcSet\[/PDF/Text/ImageB/ImageC/ImageI\]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 531 0 obj <>stream h�ėݎ�:�\_ŗ��\_�$R��.�E�n��s�R��\\6RHP����w��!��Т������{>��I�<"TPB�4 %T>��(�A�C� PS�p��S ¥M% W � (�C��&^���IXH�f�A��\`�Ҍ��� p")%��\`v)���:N�M�l��b�֙!u����qsG�r�dt�����~7����EB�����5�1�&�I�}\_=����x~Ho��{���j⋀�M�6��I��\*��N����)�����#�1�#b�y�� �i� n�ly7�ow�2F�u���Q��m1��$�4\_���\]���"\`j:���0��΁��.J�yg�Pl8�����R�ھG�4����\_�h~q\\�§��i#X�y��L\[{�c�J�M\*�����|Q����4�Uڶ'iYշOI�ܵ?7K=#�C�S�S� ��o\_j<�9�f�=yj�R��û!�@�x"�.D�DJ\[���00 Ft ��kSݛ�:�?��$y'I�D�$�9��%$)�ǂN+؏2��Q�\_R��\*���!IX���<�X�@��v2���8s=!�8'r�A�ҭq���N�����ݹ���{���?6<��X���~X�?�j��\]È���V��Q�8j���^�t�\_���:'��ZڀNGY?�ط���F\`k��u\]T�+��J^��<���d�l2�2<�Lt^Fj��Ѥ�C��\]Ru�����m��vӿ�l�v��Y2\]�(��,���},�ڐ�b�m���S�b�wt���c�4%��j���z��>�UZ����hY|1�a��&3k�����=I3���v��2���K��� �ǜG�s\]��c)#�߱�ѕ�;V2� �:�.H۱D��m�v(1�V|&��Nǳm^��\_���~�����t|�l�#�� �\\��mh2�Ƣ:Xt�\_L��?�@:cZC�2(A���W�P{G�e���\[?W�\_���!JzvLk�p�S���( endstream endobj 532 0 obj <>stream H���KO�@����hW�/��B��PH���Pz��, ;I��w֤ao�9��Y�73;�\]�:�����ޗ}�;;��߃�0���\_.$p0x������\`{a�u(@dpq'q�Xi��;�pԷ0��c0n޲��Q��N��XEw��o�/�$�����>��Xe��h'\*\*��ʍ}���q �k��i����\_��V1-^{�������%�o��s&��\`5��t�� ����L��?����e\]Ɖ��'odmh&X������\_�'xƸ�9JF�z E0�G�8i��7�������'�8��)�~�\\�0w�UΠ��h�:S6LYdJ7EPQR����Q����"�)��\*�ըN>��e5v'"Vn��|��| Er��@R\*��)�P&c�m��ܶbvu\[��W^��m1�MTn���Uؕd��"\*Y\*m���B-X��\`#�M�Ln8~� �ď�Wr�U���Q�YnZE�2&t�ޟݹ-?�\\�.�k�.W���9l)$Gr,��\]���s��NUvj�g��b:���El��i��@'3�:fH�륎�#2�皩 �����x�g3w�\]�a���7����������?ġ���I�Nx��^��q"06S7��x�+�S����ǲ�:#j('TP���8��c@�������#�O&�CN <�=�� ќ������8�M�k2�H3��22�a6\_-�-y�h�Y�s����#�b����q��ZS��XY�2��a��g���!�ǐ�Mk�=���A��� �R�^z��^��\[���n��+�9��v@T!��8Tg�\_�:C�&V� C{)�:�0�\\XN endstream endobj 533 0 obj <>stream H����N�@��-��Ү�ރ�BH%@ժH-���"��D8���wƦ\*Y���D�8�����$'�\`1J�&�d�P��0�% $>�JHm��B&�G��9-oG�i:�r�~9Ⱦ���(9�\[|%7����x3 W44�(d)ic�l�R�2F�R\\�B���)��i.����:.���F�B������\`�#��l���c�����6�ȶA؞��6�\_W��f���X�#m}����5���{���E�l���p:F ���L�F �-F͊S��b(�՗\[�rsZ勗�s$'��\[l�+�h�E �A��4%L�O��,ilW�^:KZ|��=F��b6�y��2o@Y�3�WNH������\]1^X�T|넉a�i}��C��0. �k� �ڄRX���p\*��{å\*�?�u-�4�L@�@sWe>m���F�(���K�\]�\]�/6��5� �s��v�����I����u��a��t�̻�=�Y����n��\[g�q�\_aDb�^/�,G\[�hЬ��r�)hɘ��Pcc\\M)20������h�˚v.�^p�Q� L4W�U�ֿʓJE@4���3x���y���+6+�n��j��%W���'l�k�r{�T�&,/���4�F��4\]P@T憭���S�N�Pe6��>m��\\��ƆR��c�W\`rU��ͱ����}��ӵ���M����oٺфN��p\]ݑtE9%3�ty�'AX���w�+�.S��A��֙��S�WW6i0'���ifu�q��\\Lӫ�z&�gV M7Ev�U\*�rO%I��֔�%�-\`�kk��e�"�a.��B뗎/Ɂ�"<'< �y�E#��4��n��f�e�@l�PV�Oq�X� endstream endobj 534 0 obj <>stream x�\]��n�0E�� /�E�yF�R!�Ģ���=�H�X�Y��534�b ���\_fT��ֽ���e�w�V��f%�\\{��^���-�ְ���yr0ԺY����'gg�yV��X�f�^\_��\\5���1�0�v\\��� :\_�5��<@ٶV>޻y�5��!�dF� &�J���˅\_�O~�z���d�N~��c�.D$ �Q��DG��(^)AJB�QB�'ʈ\*�=R,�Dtz\*���\*��x��8���4Bm�:��I��Bu�?�$OK�v$/)�\\�D"�Vk��Tf���ot��r �Ó7k������Q���ɌfQ-�Q�� endstream endobj 535 0 obj <>stream H����n�8�� ��RZ��H�D�(���m4���^4{!ۊ#�be%�i߾3tz�ZTRc��)��7��?����ǣ��x�n<��73��-<{���z2~�N\_���(!�� �?S��)ƣO�f<:�%�?����x$qRtQ���a~�k��>��>{3���>����i�S����k\_{���h�������ko�̚�2'&�&��|��k .�NE��c�\]��'�D"tƊ����FI("�� �LIt&~tJ����e��c��|Ě3=Nl���R|o/΃�\_�R{S"�w�5ŉ����f�sI�'ӗL�F���� �Z<4b�p��2">d�����Ij���K�E�D1��\\�.I2���\[�\]L�rWL�) {�{�7���rd��Ez�>�rS�%��.\_�UI������eR���k?E ��ys׌#��f���m��G�f�a�B�,�{��\_ҩ��v��تE�s��R�r�%�H�˾�XA�aK5�bKm�vȶ�Qf\[�|�� ����˭���Y��͒B\]�M�-�+�M��Y;zشe�-�L�q\*"�2QrQ=@���N��»꺛�ϼi@�:�����eC/�מFI(�qYQ7���Zˡ�ڵ�uu�r�qҖ��3�K������Hh���Q2�#e�-W\_':��}���ߔ��a�Չ3��n���87�0 �N�HG�T'�B��:����25�A) �to�H��$ Ev����tK���I���r\[A�-�\]?�\]pޑH՗�\]���ݶ���J�ݢ�Y|3P���m�2�oUA=�K+�j�7@���f�w^�K�l �uY�f�W�dxQ���9׵�- ��P|)�V�v��͢��4h.W����&{.���Gl�?��+��q������<� ?��V���)�݌$C��8\`j� endstream endobj 536 0 obj <>stream H��W�k�H~��G����{�\`���gȁ��>�Xn��vNv���+�v��I@������fv曌×A��� �;��\\&o����fQ����0�}���ٟ��\_\\�x��B���Kh�A��X�1.^h�y�� ���!4�H�0\[�=v\[�U�Y�����׻-!�Ş��)�O'�+�����HU�0>��k-���8�W���Gس ,�|״��� @�<| >\_��^���#\[�r��=kTP�3+SP���V߂�mS��R��݆�)0�>e���2)���P� ��IiO�l�B�Ѧ9.��� \`2�\`��M<o�6G�N��q>Vui�l\]\*���x3.\\�� >�Ļ�-���EI�d2gK"򕬘Lƹ&�Y)���w<^��Ky@��K�ez�I�$���;^Y�O$��S���3�yr�T<�{e�ť}�j�����q�&,2&l�K7���sO��ӊ�sl��2�Bh�oVT��J&���=UkA1!�Na���yhm�M�sl���^NU>���O�.�THְ\*B2�\`�(<\*�J1�����O�

CVE-2023-23560

OpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities.

Tag

#ssrf