home.social

#patchupdate — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #patchupdate, aggregated by home.social.

  1. Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

    Date: May 21, 2024

    CVE: [[CVE-2024-4985]]

    Vulnerability Type: Improper Authentication

    CWE: [[CWE-287]]

    Sources: Cyber Security News, SecurityWeek, The Hacker News

    Issue Summary

    A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.

    Technical Key Findings

    The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.

    Vulnerable Products

    • GitHub Enterprise Server version 3.9.14
    • GitHub Enterprise Server version 3.10.11
    • GitHub Enterprise Server version 3.11.9
    • GitHub Enterprise Server version 3.12.3

    Impact Assessment

    Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.

    Patches or Workaround

    GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.

    Tags

    #GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity
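The post above describes the server accepting SAML assertions signed with any certificate and recommends certificate pinning as the interim mitigation. The following is an added example, not GitHub's code: it shows the trust-anchor check a service provider should run before it hands a SAML response to its XML-signature verifier, namely that every certificate presented in the response's KeyInfo matches a pinned IdP signing certificate. The certificate bytes, the minimal SAML document and the `build_response` helper are constructed for the demonstration; the signature verification itself is left to a SAML library and is not shown.

```python
"""Added example (not GitHub's code): pin the IdP signing certificate and
reject a SAML response whose embedded certificate is not pinned, before any
signature check runs. A verifier that simply trusts the certificate carried
in <ds:KeyInfo> is the failure mode the post describes."""
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed stand-ins for DER-encoded certificates (real ones are ASN.1 blobs).
IDP_CERT_DER = b"CONSTRUCTED-IDP-CERT-DER-BYTES"
ROGUE_CERT_DER = b"CONSTRUCTED-OTHER-CERT-DER-BYTES"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of the DER bytes, the usual form in which a pin is stored."""
    return hashlib.sha256(der).hexdigest()


# What an operator configures once, from the IdP's published metadata.
PINNED_FINGERPRINTS = {fingerprint(IDP_CERT_DER)}


def build_response(cert_der: bytes, name_id: str) -> bytes:
    """Constructed minimal SAML Response carrying a certificate in KeyInfo."""
    cert_b64 = base64.b64encode(cert_der).decode()
    return f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}">
  <saml:Assertion>
    <ds:Signature>
      <ds:SignatureValue>CONSTRUCTED</ds:SignatureValue>
      <ds:KeyInfo><ds:X509Data><ds:X509Certificate>{cert_b64}</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
    </ds:Signature>
    <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>""".encode()


def embedded_certificates(response_xml: bytes) -> list:
    """Every X509Certificate element in the response, decoded to DER bytes."""
    root = ET.fromstring(response_xml)
    certs = []
    for el in root.iterfind(".//ds:X509Certificate", NS):
        certs.append(base64.b64decode("".join((el.text or "").split())))
    return certs


def check_signing_cert_pinned(response_xml: bytes) -> bool:
    """True only if the response carries at least one certificate and every
    certificate it carries is pinned. Call this before signature verification;
    the signature must then be verified against the pinned key, never against
    whatever key the document itself supplies."""
    certs = embedded_certificates(response_xml)
    if not certs:
        return False
    return all(fingerprint(c) in PINNED_FINGERPRINTS for c in certs)


if __name__ == "__main__":
    print(check_signing_cert_pinned(build_response(IDP_CERT_DER, "alice")))
    print(check_signing_cert_pinned(build_response(ROGUE_CERT_DER, "admin")))
```

The pin set is keyed on the certificate fingerprint rather than on the subject name, so a certificate with a matching subject but a different key is rejected; rotate the set when the IdP rotates its signing certificate.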

  2. 🚨 Mastodon Vulnerability Patched! CVE-2024-25618 🛡️

    A security flaw, CVE-2024-25618, was fixed in Mastodon's software to prevent potential account takeovers. This vulnerability allowed attackers to bypass authentication mechanisms via a crafted request, posing a significant risk to the platform's integrity.

    It enabled new logins from certain authentication providers (like CAS, SAML, OIDC) to merge with existing local accounts sharing the same email. This could lead to someone taking over your account if the provider allows changing emails or if there are multiple providers set up.

    Here's how it works: When someone logs in using an external provider for the first time, Mastodon checks for an existing account with the same email. However, relying only on the email could result in hijacking your Mastodon account if the provider allows changing it. The Mastodon team swiftly deployed a patch, reinforcing the security of user accounts and the broader ecosystem. Remember, keeping software up-to-date is crucial for safeguarding against such vulnerabilities. 🔄🔐

    The commit "b31af34c9716338e4a32a62cc812d1ca59e88d15" signifies this update. For further details, check out their advisory.

    A big thanks to the discoverers Dominik George and Pingu from Teckids, and the Mastodon team for their rapid response in improving our digital defenses. Stay secure, everyone! ✨🐘

    Tags: #CVE2024_25618 #Mastodon #Cybersecurity #PatchUpdate #AccountSecurity #AuthenticationBypass #DigitalDefense #CommunityVigilance 🌍🔒

    MITRE CVE-2024-25618 Summary
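The post above explains the flaw as a first-time external login being merged into a local account by email alone. The following is an added example, not Mastodon's code: a generic model of that lookup with the email-merge behaviour beside a version that keys on the (provider, uid) pair and only merges by email when the operator opts in. The accounts, logins and helper names (`fresh_accounts`, `resolve_unsafe`, `resolve_safe`) are constructed for the demonstration.

```python
"""Added example (not Mastodon's code): external-identity resolution.
resolve_unsafe() attaches an unknown provider identity to whichever local
account shares the asserted email; resolve_safe() keys on (provider, uid)
and keeps email merging off unless explicitly enabled."""
from dataclasses import dataclass, field


@dataclass
class Account:
    id: int
    email: str
    # External identities already linked to this account, as (provider, uid).
    identities: set = field(default_factory=set)


@dataclass(frozen=True)
class ExternalLogin:
    provider: str  # e.g. "saml", "oidc", "cas"
    uid: str       # subject identifier asserted by the provider
    email: str     # email attribute asserted by the provider


def fresh_accounts() -> list:
    """Constructed local accounts; alice already has an OIDC identity linked."""
    return [
        Account(1, "alice@example.org", {("oidc", "alice-oidc-sub")}),
        Account(2, "victim@example.org"),
    ]


def _find_linked(login, accounts):
    for acct in accounts:
        if (login.provider, login.uid) in acct.identities:
            return acct
    return None


def _find_by_email(login, accounts):
    for acct in accounts:
        if acct.email.lower() == login.email.lower():
            return acct
    return None


def resolve_unsafe(login: ExternalLogin, accounts):
    """The vulnerable behaviour: an unknown (provider, uid) is linked to
    whichever local account shares the asserted email. Any provider that lets
    its users change their email, or a second provider added later, can then
    land a login in an account it should not reach."""
    acct = _find_linked(login, accounts) or _find_by_email(login, accounts)
    if acct is not None:
        acct.identities.add((login.provider, login.uid))
    return acct


def resolve_safe(login: ExternalLogin, accounts, allow_email_merge=False):
    """Key on (provider, uid). Email merging stays off unless the operator
    enables it, which is only reasonable with a single provider that is trusted
    to control its users' email addresses. None tells the caller to create a
    new account or start an explicit linking flow that re-authenticates the
    existing local user."""
    acct = _find_linked(login, accounts)
    if acct is None and allow_email_merge:
        acct = _find_by_email(login, accounts)
        if acct is not None:
            acct.identities.add((login.provider, login.uid))
    return acct


if __name__ == "__main__":
    login = ExternalLogin("saml", "some-new-subject", "victim@example.org")
    print(resolve_unsafe(login, fresh_accounts()))   # merges into account 2
    print(resolve_safe(login, fresh_accounts()))     # None: no linked identity
```

The safe path never consults the email column on the hot path; an operator who needs email-based linking for a migration turns it on deliberately and, ideally, only while a single trusted provider is configured.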

  3. VMware SD-WAN Multiple Security Vulnerabilities Addressed

    Date: 2024-04-02
    CVE: CVE-2024-22246, CVE-2024-22247, CVE-2024-22248
    Vulnerability Type: [[Command Injection]], [[CWE-306|Missing Authentication]], [[CWE-601|Open Redirect]]
    CWE: [[CWE-77]], [[CWE-306]], [[CWE-601]]
    Sources: VMware Security Advisories

    Issue Summary

    VMware has issued an advisory for multiple vulnerabilities affecting its SD-WAN Edge and Orchestrator products. The issues were reported privately and concern unauthenticated command injection, missing authentication, and open redirect vulnerabilities, with patches now available.

    Technical Key findings

    The command injection vulnerability (CVE-2024-22246) allows for remote code execution without authentication, particularly dangerous during the router's activation. CVSSv3 base score of 7.4.

    CVE-2024-22247 involves missing authentication mechanisms, potentially enabling unauthorized BIOS configuration access. CVSSv3 base score of 4.8.

    CVE-2024-22248 is an open redirect vulnerability in the SD-WAN Orchestrator, leading to possible sensitive information disclosure. CVSSv3 base score of 7.1.

    Vulnerable products

    • VMware SD-WAN Edge versions prior to 5.0.1 and 4.5.1
    • VMware SD-WAN Orchestrator version prior to 5.0.1

    Response Matrix

    |Product|Version|Running On|CVE Identifier|CVSSv3|Severity|Fixed Version|Workarounds|Additional Documentation|
    |---|---|---|---|---|---|---|---|---|
    |VMware SD-WAN (Edge)|5.x|Any|CVE-2024-22246|7.4|Important|5.0.1+|N/A|N/A|
    |VMware SD-WAN (Edge)|4.5.x|Any|CVE-2024-22246|7.4|Important|4.5.1+|N/A|N/A|
    |VMware SD-WAN (Edge)|4.5.x/5.x|Any|CVE-2024-22247|4.8|Moderate|KB97391|N/A|N/A|
    |VMware SD-WAN (Edge)|Any|Any|CVE-2024-22248|N/A|N/A|Unaffected|N/A|N/A|
    |VMware SD-WAN (Orchestrator)|Any|Any|CVE-2024-22246, CVE-2024-22247|N/A|N/A|Unaffected|N/A|N/A|
    |VMware SD-WAN (Orchestrator)|5.x|Any|CVE-2024-22248|7.1|Important|5.0.1+|N/A|N/A|

    Impact assessment

    Exploitation of these vulnerabilities can lead to unauthorized command execution, BIOS configuration access without authentication, and redirection of users to attacker-controlled domains, potentially resulting in significant security breaches.

    Patches or workaround

    VMware has released patches for the affected versions. No workarounds available.

    Tags

    #VMware #SD-WAN #SecurityVulnerability #CVE-2024-22246 #CVE-2024-22247 #CVE-2024-22248 #PatchUpdate

  4. 20240321 - Atlassian Confluence Security Bulletin Analysis March 2024 Vulnerability with a focus on CVE-2024-1597

    Date: March 19, 2024
    CVE: CVE-2024-1597
    Sources: Atlassian Documentation, SecurityWeek, CISA

    Issue Summary

    A recent security bulletin released by Atlassian on March 19, 2024, addresses a significant vulnerability in Confluence, a widely used collaboration tool. This issue poses a potential risk for unauthorized access and control by attackers, leading to data breaches and system compromise.

    Most notable is CVE-2024-1597, a critical vulnerability in a non-Atlassian Bamboo dependency. Here the PostgreSQL JDBC Driver, also known as PgJDBC, faces a critical SQL Injection vulnerability, particularly when configured in PreferQueryMode=SIMPLE. This configuration is not the default setting, but if used, it opens up potential for SQL injection attacks. This vulnerability exists due to the manipulation of numeric and string placeholders in SQL queries, allowing attackers to modify the SQL execution logic and inject malicious SQL code.

    |Product & Release Notes|Affected Versions|Fixed Versions|Vulnerability Summary|CVE ID|CVSS Severity|
    |---|---|---|---|---|---|
    |Bamboo Data Center and Server|9.5.0 to 9.5.1; 9.4.0 to 9.4.3; 9.3.0 to 9.3.6; 9.2.0 to 9.2.11 (LTS); 9.1.0 to 9.1.3; 9.0.0 to 9.0.4; 8.2.0 to 8.2.9; any earlier versions|9.6.0 (LTS) or 9.5.2 (recommended, Data Center only); 9.4.4; 9.2.12 (LTS)|SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server|CVE-2024-1597|10.0 Critical|

    NOTE: CVE-2024-1597 is a critical vulnerability in a non-Atlassian Bamboo dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory.

    Technical Key findings

    pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query, bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.

    Vulnerable products

    All versions of PgJDBC before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are vulnerable to this SQL injection attack. For Bamboo Data Center and Server this dependency is used in:

    • 9.5.0 to 9.5.1
    • 9.4.0 to 9.4.3
    • 9.3.0 to 9.3.6
    • 9.2.0 to 9.2.11 (LTS)
    • 9.1.0 to 9.1.3
    • 9.0.0 to 9.0.4
    • 8.2.0 to 8.2.9
    • Any earlier versions

    However, Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the PreferQueryMode=SIMPLE in their SQL database connection settings.

    Impact assessment

    The impact of exploiting CVE-2024-1597 is severe and includes:

    • Unauthorized data exposure, including sensitive customer information and business secrets.
    • Data manipulation, potentially leading to disrupted operations and diminished trust.
    • In extreme cases, attackers could gain complete control over the affected database.

    Patches or workaround

    Atlassian has released updates for Confluence Server and Data Center that address this vulnerability. Users are advised to update their installations to the fixed versions (9.6.0 (LTS) or 9.5.2, recommended for Data Center only; 9.4.4; 9.2.12 (LTS)) as soon as possible.

    Tags

    #Atlassian #Confluence #Cybersecurity #Vulnerability #PatchUpdate #CVE-2024-1597 #pgjdbc #SQLInjection #PostgreSQL #SecurityVulnerability
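The post above gives three preconditions for CVE-2024-1597: a pgjdbc version below the fixed release for its branch, the non-default `preferQueryMode=simple` connection setting, and a prepared statement in which a numeric placeholder immediately follows a minus sign with a second placeholder later on the same line. The following is an added example, not pgjdbc's or Atlassian's code: an audit helper that checks a service's driver version, JDBC URL and statements against those conditions. The fixed-version list is taken from the "Technical Key findings" paragraph; the JDBC URLs, SQL statements and the function names (`pgjdbc_is_fixed`, `uses_simple_query_mode`, `has_risky_placeholder_shape`, `assess`) are constructed for the demonstration.

```python
"""Added example (not pgjdbc's or Atlassian's code): audit a Java service's
pgjdbc exposure to CVE-2024-1597 using the three conditions the post lists."""
import re
from urllib.parse import parse_qs, urlsplit

# Fixed release per 42.x minor branch, as listed in the post's Technical Key findings.
FIXED = {
    (42, 7): (42, 7, 2),
    (42, 6): (42, 6, 1),
    (42, 5): (42, 5, 5),
    (42, 4): (42, 4, 4),
    (42, 3): (42, 3, 9),
    (42, 2): (42, 2, 28),
}


def parse_version(version: str) -> tuple:
    """pgjdbc versions look like 42.7.1 or 42.2.27; any qualifier suffix is ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised pgjdbc version: {version!r}")
    return tuple(int(x) for x in m.groups())


def pgjdbc_is_fixed(version: str) -> bool:
    """True if the version is at or above the fixed release for its branch.
    Branches older than 42.2 have no fixed release and count as affected;
    branches newer than 42.7 are assumed to carry the fix."""
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in FIXED:
        return (major, minor, patch) >= FIXED[branch]
    return branch > max(FIXED)


def uses_simple_query_mode(jdbc_url: str) -> bool:
    """pgjdbc URLs look like jdbc:postgresql://host/db?preferQueryMode=simple.
    The parameter name and value are compared case-insensitively."""
    query = urlsplit(jdbc_url.removeprefix("jdbc:")).query
    params = {k.lower(): [v.lower() for v in vals] for k, vals in parse_qs(query).items()}
    return "simple" in params.get("preferquerymode", [])


# A '?' immediately preceded by '-', then another '?' later on the same line.
RISKY_PLACEHOLDER = re.compile(r"-\?[^\n]*\?")


def has_risky_placeholder_shape(sql: str) -> bool:
    """The placeholder arrangement the post names as a precondition; the
    line-by-line scan enforces the 'same line' part of that condition."""
    return any(RISKY_PLACEHOLDER.search(line) for line in sql.splitlines())


def assess(jdbc_url: str, version: str, statements) -> list:
    """Findings for one service. Statement shapes are only reported when
    simple query mode is on, since the post states the default mode is not
    vulnerable; the version finding stands on its own as a patching gap."""
    findings = []
    if not pgjdbc_is_fixed(version):
        findings.append(f"pgjdbc {version} is below the fixed release for its branch")
    if uses_simple_query_mode(jdbc_url):
        findings.append("preferQueryMode=simple is enabled (non-default; required for exploitation)")
        for stmt in statements:
            if has_risky_placeholder_shape(stmt):
                findings.append(f"statement has the risky placeholder shape: {stmt.strip()!r}")
    return findings


if __name__ == "__main__":
    # Constructed configuration for the demonstration.
    for line in assess(
        "jdbc:postgresql://db.internal/bamboo?preferQueryMode=simple&ssl=true",
        "42.2.27",
        ["SELECT * FROM builds WHERE offset = -? AND label = ?"],
    ):
        print(line)
```

Both of the configuration checks are cheap enough to run in CI against every service that ships pgjdbc; the version check alone is what most fleets need, since the post notes that Atlassian's own products do not set `preferQueryMode=simple`.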

  5. "🔐 #GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab 🚨"

    📰 GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.

    1️⃣ The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
    2️⃣ CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
    3️⃣ CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
    4️⃣ CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
    5️⃣ The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).

    Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!

    Source: GitLab Release Notes
    Author: Greg Myers

    Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps 🛡️💻🔧

  6. "🚨 Multiple Vulnerabilities Unveiled in SAP® Enable Now Manager 🚨"

    SEC Consult has disclosed multiple vulnerabilities in SAP® Enable Now Manager, which could potentially allow a remote, unauthenticated attacker to create new administrative user accounts by exploiting a chain of vulnerabilities. The vulnerabilities include Open Redirect, Reflected Cross Site Scripting (XSS), and Insufficient Cross-Site Request Forgery (CSRF) Protection. The vendor has pushed a fix in the May 2023 Release for the Cloud Edition.

    🔗 Source: Full Disclosure Mailing List

    🔗 Advisory URL: SEC Consult

    Tags: #SAP #Vulnerability #CyberSecurity #InfoSec #XSS #CSRF #OpenRedirect #SECConsult #CyberAttack #PatchUpdate 🌐🔐🔍

    👥 Researchers: Paul Serban, Fabian Hagg from SEC Consult Vulnerability Lab (SEC Consult)

  7. Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

    Date: May 21, 2024

    CVE: [[CVE-2024-4985]]

    Vulnerability Type: Improper Authentication

    CWE: [[CWE-287]]

    Sources: Cyber Security News, SecurityWeek, The Hacker News

    Issue Summary

    A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.

    Technical Key Findings

    The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.

    Vulnerable Products

    • GitHub Enterprise Server versions 3.9.14
    • GitHub Enterprise Server versions 3.10.11
    • GitHub Enterprise Server versions 3.11.9
    • GitHub Enterprise Server versions 3.12.3

    Impact Assessment

    Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.

    Patches or Workaround

    GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.

    Tags

    #GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity

  8. Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

    Date: May 21, 2024

    CVE: [[CVE-2024-4985]]

    Vulnerability Type: Improper Authentication

    CWE: [[CWE-287]]

    Sources: Cyber Security News, SecurityWeek, The Hacker News

    Issue Summary

    A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.

    Technical Key Findings

    The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.

    Vulnerable Products

    • GitHub Enterprise Server versions 3.9.14
    • GitHub Enterprise Server versions 3.10.11
    • GitHub Enterprise Server versions 3.11.9
    • GitHub Enterprise Server versions 3.12.3

    Impact Assessment

    Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.

    Patches or Workaround

    GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.

    Tags

    #GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity

  9. Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

    Date: May 21, 2024

    CVE: [[CVE-2024-4985]]

    Vulnerability Type: Improper Authentication

    CWE: [[CWE-287]]

    Sources: Cyber Security News, SecurityWeek, The Hacker News

    Issue Summary

    A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.

    Technical Key Findings

    The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.

    Vulnerable Products

    • GitHub Enterprise Server versions 3.9.14
    • GitHub Enterprise Server versions 3.10.11
    • GitHub Enterprise Server versions 3.11.9
    • GitHub Enterprise Server versions 3.12.3

    Impact Assessment

    Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.

    Patches or Workaround

    GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.

    Tags

    #GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity

  10. Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

    Date: May 21, 2024

    CVE: [[CVE-2024-4985]]

    Vulnerability Type: Improper Authentication

    CWE: [[CWE-287]]

    Sources: Cyber Security News, SecurityWeek, The Hacker News

    Issue Summary

    A critical vulnerability in GitHub Enterprise Server, identified as CVE-2024-4985, was discovered that allows attackers to bypass authentication. This flaw, found in versions 3.9.14, 3.10.11, 3.11.9, and 3.12.3, permits unauthorized access to repositories and sensitive data by exploiting a weakness in the SAML SSO authentication process.

    Technical Key Findings

    The vulnerability arises from a logic error in the SAML SSO authentication process, where the server fails to verify the validity of digital signatures on SAML responses properly. Attackers can craft SAML assertions with any certificate, which the server incorrectly accepts, allowing the spoofing of user identities, including admin accounts.

    Vulnerable Products

    • GitHub Enterprise Server versions 3.9.14
    • GitHub Enterprise Server versions 3.10.11
    • GitHub Enterprise Server versions 3.11.9
    • GitHub Enterprise Server versions 3.12.3

    Impact Assessment

    Exploitation of this vulnerability could lead to unauthorized access to private repositories, sensitive data, and administrative controls. This can result in data breaches, code tampering, and potential intellectual property theft.

    Patches or Workaround

    GitHub has released patched versions (3.9.15, 3.10.12, 3.11.10, and 3.12.4) to address this issue. As an interim measure, enabling SAML certificate pinning can mitigate the risk. Additionally, auditing access logs for suspicious activity and rotating credentials is advised.

    Tags

    #GitHub #CVE20244985 #SAML #AuthenticationBypass #SecurityFlaw #EnterpriseSecurity #DataBreach #PatchUpdate #CyberSecurity

  11. "🔐 #GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab 🚨"

    📰 GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.

    1️⃣ The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
    2️⃣ CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
    3️⃣ CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
    4️⃣ CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
    5️⃣ The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).

    Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!

    Source: GitLab Release Notes
    Author: Greg Myers

    Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps 🛡️💻🔧

  12. "🔐 #GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab 🚨"

    📰 GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.

    1️⃣ The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
    2️⃣ CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
    3️⃣ CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
    4️⃣ CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
    5️⃣ The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).

    Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!

    Source: GitLab Release Notes
    Author: Greg Myers

    Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps 🛡️💻🔧

  13. "🔐 #GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab 🚨"

    📰 GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.

    1️⃣ The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
    2️⃣ CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
    3️⃣ CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
    4️⃣ CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
    5️⃣ The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).

    Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!

    Source: GitLab Release Notes
    Author: Greg Myers

    Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps 🛡️💻🔧

  14. "🔐 #GitLabSecurityAlert - Multiple Critical Vulnerabilities Patched in GitLab 🚨"

    📰 GitLab has released critical updates (16.7.2, 16.6.4, 16.5.6) addressing several security vulnerabilities, including a critical account takeover flaw and a Slack/Mattermost integration exploit. Users are urged to update immediately.

    1️⃣ The most severe, CVE-2023-7028, allowed password reset emails to be sent to unverified addresses (CVSS 10.0).
    2️⃣ CVE-2023-5356 permitted unauthorized execution of slash commands in Slack/Mattermost integrations (CVSS 9.6).
    3️⃣ CVE-2023-4812 involved bypassing CODEOWNERS approval in merge requests (CVSS 7.6).
    4️⃣ CVE-2023-6955, a medium severity issue, related to improper access control in GitLab Remote Development (CVSS 6.6).
    5️⃣ The least critical, CVE-2023-2030, allowed alteration of metadata in signed commits (CVSS 3.5).

    Kudos to the security researchers (@asterion04, @yvvdwf, @ali_shehab, @lotsofloops on HackerOne) and GitLab's @j.seto for identifying these issues. Stay secure, folks!

    Source: GitLab Release Notes
    Author: Greg Myers

    Tags: #Cybersecurity #Vulnerability #GitLab #CVE2023 #PatchUpdate #InfoSec #HackerOne #DevSecOps 🛡️💻🔧

  15. 20240321 - Atlassian Confluence Security Bulletin Analysis March 2024 Vulnerability with a focus on CVE-2024-1597

    Date: March 19, 2024
    CVE: CVE-2024-1597
    Sources: Atlassian Documentation, SecurityWeek, CISA

    Issue Summary

    A recent security bulletin released by Atlassian on March 19, 2024, addresses a significant vulnerability in Confluence, a widely used collaboration tool. This issue poses a potential risk for unauthorized access and control by attackers, leading to data breaches and system compromise.

    Most notable is CVE-2024-1597, a critical vulnerability in a non-Atlassian Bamboo dependency. Here the PostgreSQL JDBC Driver, also known as PgJDBC, faces a critical SQL Injection vulnerability, particularly when configured in PreferQueryMode=SIMPLE. This configuration is not the default setting, but if used, it opens up potential for SQL injection attacks. This vulnerability exists due to the manipulation of numeric and string placeholders in SQL queries, allowing attackers to modify the SQL execution logic and inject malicious SQL code.

    |Product & Release Notes|Affected Versions|Fixed Versions|Vulnerability Summary|CVE ID|CVSS Severity|
    |---|---|---|---|---|---|
    |Bamboo Data Center and Server|- 9.5.0 to 9.5.1
    - 9.4.0 to 9.4.3
    - 9.3.0 to 9.3.6
    - 9.2.0 to 9.2.11 (LTS)
    - 9.1.0 to 9.1.3

    - 9.0.0 to 9.0.4

    - 8.2.0 to 8.2.9

    - Any earlier versions|- 9.6.0 (LTS) or 9.5.2 recommended Data Center Only
    - 9.4.4
    - 9.2.12 (LTS)|SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server


    NOTE: CVE-2024-1597 is a critical vulnerability in a non-Atlassian Bamboo dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory.|CVE-2024-1597|10.0 Critical|

    Technical Key findings

    pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.

    Vulnerable products

    All versions of PgJDBC before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are vulnerable to this SQL injection attack. For Bamboo Data Center and Server this dependicy is used in;

    • 9.5.0 to 9.5.1
    • 9.4.0 to 9.4.3
    • 9.3.0 to 9.3.6
    • 9.2.0 to 9.2.11 (LTS)
    • 9.1.0 to 9.1.3
    • 9.0.0 to 9.0.4
    • 8.2.0 to 8.2.9
    • Any earlier versions

    However, Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the PreferQueryMode=SIMPLE in their SQL database connection settings.

    Impact assessment

    The impact of exploiting CVE-2024-1597 is severe and includes:

    • Unauthorized data exposure, including sensitive customer information and business secrets.
    • Data manipulation, potentially leading to disrupted operations and diminished trust.
    • In extreme cases, attackers could gain complete control over the affected database.

    Patches or workaround

    Atlassian has released updates for Confluence Server and Data Center that address this vulnerability. Users are advised to update their installations to the fixed version (9.6.0 (LTS) or 9.5.2 recommended Data Center Only 9.4.4 9.2.12 (LTS)) as soon as possible.

    Tags

    #Atlassian #Confluence #Cybersecurity #Vulnerability #PatchUpdate #CVE-2024-1597 #pgjdbc #SQLInjection #PostgreSQL #SecurityVulnerability

  16. 20240321 - Atlassian Confluence Security Bulletin Analysis March 2024 Vulnerability with a focus on CVE-2024-1597

    Date: March 19, 2024
    CVE: CVE-2024-1597
    Sources: Atlassian Documentation, SecurityWeek, CISA

    Issue Summary

    A recent security bulletin released by Atlassian on March 19, 2024, addresses a significant vulnerability in Confluence, a widely used collaboration tool. This issue poses a potential risk for unauthorized access and control by attackers, leading to data breaches and system compromise.

    Most notable is CVE-2024-1597, a critical vulnerability in a non-Atlassian Bamboo dependency. Here the PostgreSQL JDBC Driver, also known as PgJDBC, faces a critical SQL Injection vulnerability, particularly when configured in PreferQueryMode=SIMPLE. This configuration is not the default setting, but if used, it opens up potential for SQL injection attacks. This vulnerability exists due to the manipulation of numeric and string placeholders in SQL queries, allowing attackers to modify the SQL execution logic and inject malicious SQL code.

    |Product & Release Notes|Affected Versions|Fixed Versions|Vulnerability Summary|CVE ID|CVSS Severity|
    |---|---|---|---|---|---|
    |Bamboo Data Center and Server|- 9.5.0 to 9.5.1
    - 9.4.0 to 9.4.3
    - 9.3.0 to 9.3.6
    - 9.2.0 to 9.2.11 (LTS)
    - 9.1.0 to 9.1.3

    - 9.0.0 to 9.0.4

    - 8.2.0 to 8.2.9

    - Any earlier versions|- 9.6.0 (LTS) or 9.5.2 recommended Data Center Only
    - 9.4.4
    - 9.2.12 (LTS)|SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server


    NOTE: CVE-2024-1597 is a critical vulnerability in a non-Atlassian Bamboo dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory.|CVE-2024-1597|10.0 Critical|

    Technical Key findings

    pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.

    Vulnerable products

    All versions of PgJDBC before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.8 are vulnerable to this SQL injection attack. For Bamboo Data Center and Server this dependicy is used in;

    • 9.5.0 to 9.5.1
    • 9.4.0 to 9.4.3
    • 9.3.0 to 9.3.6
    • 9.2.0 to 9.2.11 (LTS)
    • 9.1.0 to 9.1.3
    • 9.0.0 to 9.0.4
    • 8.2.0 to 8.2.9
    • Any earlier versions

    However, Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the PreferQueryMode=SIMPLE in their SQL database connection settings.

    Impact assessment

    The impact of exploiting CVE-2024-1597 is severe and includes:

    • Unauthorized data exposure, including sensitive customer information and business secrets.
    • Data manipulation, potentially leading to disrupted operations and diminished trust.
    • In extreme cases, attackers could gain complete control over the affected database.

    Patches or workaround

    Atlassian has released updates for Confluence Server and Data Center that address this vulnerability. Users are advised to update their installations to a fixed version (9.6.0 (LTS) or 9.5.2, recommended for Data Center only; 9.4.4; 9.2.12 (LTS)) as soon as possible.

    Tags

    #Atlassian #Confluence #Cybersecurity #Vulnerability #PatchUpdate #CVE-2024-1597 #pgjdbc #SQLInjection #PostgreSQL #SecurityVulnerability
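    As an added audit helper (not Atlassian's or pgjdbc's code), the following Python checks the three conditions the bulletin above names: an org.postgresql:postgresql version before its branch fix, PreferQueryMode=SIMPLE in the JDBC connection settings, and the placeholder shape described under Technical Key findings. The fixed-version list and property name come from the post; the JDBC URLs and SQL statements are constructed samples, and matching the property name case-insensitively is a deliberately conservative assumption.

```python
"""Audit a pgjdbc dependency and connection settings for CVE-2024-1597 exposure."""
import re
from urllib.parse import parse_qs, urlsplit

# Per-branch fixed versions listed in the bulletin text.
FIXED_VERSIONS = ["42.7.2", "42.6.1", "42.5.5", "42.4.4", "42.3.9", "42.2.28"]

# Shape named in the advisory: a numeric placeholder immediately preceded by a
# minus, with a further placeholder later on the same line.
RISKY_SHAPE = re.compile(r"-\?.*\?")


def _parse(version: str) -> tuple:
    return tuple(int(part) for part in version.split("."))


def pgjdbc_version_vulnerable(version: str) -> bool:
    """True if this driver version predates the fix for its 42.x branch."""
    v = _parse(version)
    for fixed in FIXED_VERSIONS:
        f = _parse(fixed)
        if v[:2] == f[:2]:          # same major.minor branch: compare within it
            return v < f
    # No patched release in this branch: anything older than the oldest
    # patched branch (42.2.28) is affected, anything newer is not.
    return v < _parse(min(FIXED_VERSIONS, key=_parse))


def uses_simple_query_mode(jdbc_url: str, props=None) -> bool:
    """True if preferQueryMode=simple is set in the JDBC URL or in Properties.
    Names and values are compared case-insensitively (conservative audit choice)."""
    url = jdbc_url[len("jdbc:"):] if jdbc_url.startswith("jdbc:") else jdbc_url
    params = {k.lower(): [x.lower() for x in vs]
              for k, vs in parse_qs(urlsplit(url).query).items()}
    for k, v in (props or {}).items():
        params.setdefault(k.lower(), []).append(str(v).lower())
    return "simple" in params.get("preferquerymode", [])


def query_has_risky_shape(sql: str) -> bool:
    """Static lint: flags statements matching the placeholder shape above."""
    return any(RISKY_SHAPE.search(line) for line in sql.splitlines())


def assess(version: str, jdbc_url: str, props=None, statements=()) -> dict:
    """Exposure needs BOTH a vulnerable driver and simple query mode; risky
    statement shapes are reported as an additional finding for code review."""
    reasons = []
    if pgjdbc_version_vulnerable(version):
        reasons.append(f"pgjdbc {version} predates the fix for its branch")
    if uses_simple_query_mode(jdbc_url, props):
        reasons.append("preferQueryMode=simple is enabled")
    risky = [s for s in statements if query_has_risky_shape(s)]
    if risky:
        reasons.append(f"{len(risky)} statement(s) match the risky placeholder shape")
    exposed = pgjdbc_version_vulnerable(version) and uses_simple_query_mode(jdbc_url, props)
    return {"exposed": exposed, "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample: an old 42.5 driver with simple mode forced in the URL.
    print(assess("42.5.4", "jdbc:postgresql://db.example/bamboo?preferQueryMode=simple",
                 statements=["SELECT -? AS n, ? AS s", "SELECT ? AS n, ? AS s"]))
```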

  19. "🚨 Multiple Vulnerabilities Unveiled in SAP® Enable Now Manager 🚨"

    SEC Consult has disclosed multiple vulnerabilities in SAP® Enable Now Manager, which could potentially allow a remote, unauthenticated attacker to create new administrative user accounts by exploiting a chain of vulnerabilities. The vulnerabilities include Open Redirect, Reflected Cross Site Scripting (XSS), and Insufficient Cross-Site Request Forgery (CSRF) Protection. The vendor has pushed a fix in the May 2023 Release for the Cloud Edition.

    🔗 Source: Full Disclosure Mailing List

    🔗 Advisory URL: SEC Consult

    Tags: #SAP #Vulnerability #CyberSecurity #InfoSec #XSS #CSRF #OpenRedirect #SECConsult #CyberAttack #PatchUpdate 🌐🔐🔍

    👥 Researchers: Paul Serban, Fabian Hagg from SEC Consult Vulnerability Lab (SEC Consult)

  23. 🚨 Mastodon Vulnerability Patched! CVE-2024-25618 🛡️

    A security flaw, CVE-2024-25618, was fixed in Mastodon's software to prevent potential account takeovers. This vulnerability allowed attackers to bypass authentication mechanisms via a crafted request, posing a significant risk to the platform's integrity.

    It enabled new logins from certain authentication providers (like CAS, SAML, OIDC) to merge with existing local accounts sharing the same email. This could lead to someone taking over your account if the provider allows changing emails or if there are multiple providers set up.

    Here's how it works: When someone logs in using an external provider for the first time, Mastodon checks for an existing account with the same email. However, relying only on the email could result in hijacking your Mastodon account if the provider allows changing it. The Mastodon team swiftly deployed a patch, reinforcing the security of user accounts and the broader ecosystem. Remember, keeping software up-to-date is crucial for safeguarding against such vulnerabilities. 🔄🔐

    The commit "b31af34c9716338e4a32a62cc812d1ca59e88d15" signifies this update. For further details, check out their advisory.

    A big thanks to the discoverers Dominik George and Pingu from Teckids, and the Mastodon team for their rapid response in improving our digital defenses. Stay secure, everyone! ✨🐘

    Tags: #CVE2024_25618 #Mastodon #Cybersecurity #PatchUpdate #AccountSecurity #AuthenticationBypass #DigitalDefense #CommunityVigilance 🌍🔒

    MITRE CVE-2024-25618 Summary
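    The merge-by-email logic described in the post above, modelled as an added Python example that is not Mastodon's code or its patch: `login_weak` links a first-time external login to any local account sharing the asserted email, while `login_strict` only signs in a previously linked (provider, subject) pair and refuses an email collision with an unlinked account. The account directory, provider names and addresses are constructed for illustration.

```python
"""Account-linking weakness behind CVE-2024-25618, beside one hardened variant."""
from dataclasses import dataclass, field


@dataclass
class Account:
    username: str
    email: str
    # (provider, subject) pairs this account has explicitly linked
    identities: set = field(default_factory=set)


@dataclass
class ExternalLogin:
    provider: str   # e.g. "cas", "saml", "oidc"
    subject: str    # the provider's stable identifier for the user
    email: str      # email the provider asserts; may be user-editable there


class Directory:
    def __init__(self, accounts):
        self.accounts = list(accounts)

    def by_email(self, email):
        return next((a for a in self.accounts if a.email.lower() == email.lower()), None)

    def by_identity(self, provider, subject):
        return next((a for a in self.accounts if (provider, subject) in a.identities), None)

    def login_weak(self, ext: ExternalLogin) -> Account:
        """Pre-fix behaviour the post describes: an unknown (provider, subject)
        is merged into whatever local account shares the asserted email."""
        acct = self.by_identity(ext.provider, ext.subject) or self.by_email(ext.email)
        if acct is None:
            acct = Account(ext.email.split("@")[0], ext.email)
            self.accounts.append(acct)
        acct.identities.add((ext.provider, ext.subject))
        return acct

    def login_strict(self, ext: ExternalLogin) -> Account:
        """Hardened: only an already-linked identity signs in. An email match
        against an unlinked local account is refused, so linking has to be done
        from inside an authenticated session of that account instead."""
        acct = self.by_identity(ext.provider, ext.subject)
        if acct is not None:
            return acct
        if self.by_email(ext.email) is not None:
            raise PermissionError("email belongs to an existing account; link it while logged in")
        acct = Account(ext.email.split("@")[0], ext.email, {(ext.provider, ext.subject)})
        self.accounts.append(acct)
        return acct
```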
