آسیبپذیریهای حیاتی هفته اول خردادماه
مهمترین آسیبپذیریهای این هفته مربوط به مرورگر مهم و پرکاربرد گوگلکروم بود. امّا علاوه بر مرورگر کروم، آسیبپذیریهای بسیاری با سطوح خطر «بالا» و «حیاتی» در سایر محصولات شرکتهای مهم از جمله IBM، Cisco، Apache Tomcat ، VMware، Netgear، HPE و ... شناسایی شده است. بعلاوه همچون چند هفته اخیر، کرنل لینوکس نیز چندین آسیبپذیری خطرناک داشت.
لیست این آسیبپذیریها به همراه امتیاز پایه مبتنی بر استاندارد CVSS و لینک وصلهها/ بهروزرسانیهای ارائهشده در جدول زیر آمده است.
|
رفع آسیبپذیری |
نوع آسیبپذیری |
محصول آسیبپذیر |
امتیاز پایه |
شناسه آسیبپذیری |
|
Not Defined |
Code Execution |
AMD MSR atillk64.sys |
۶.۷ |
CVE-2019-7246 |
|
Not Defined |
Code Execution |
AMD OverDrive MSR AODDriver2.sys |
۹.۸ |
CVE-2019-7247 |
|
Privilege Escalation |
AnchorFree VPN SDK VPN SDK Service |
۷.۶ |
CVE-2020-12828 |
|
|
Not Defined |
Privilege Escalation |
Apache Tomcat Deserialization |
۸.۵ |
CVE-2020-9484 |
|
Information Disclosure |
Aviatrix Controller API Brute Force |
۳.۴ |
CVE-2020-13413 |
|
|
Information Disclosure |
Aviatrix Controller Credentials |
۳.۴ |
CVE-2020-13414 |
|
|
Not Defined |
Privilege Escalation |
Aviatrix Controller SAML |
۵.۵ |
CVE-2020-13415 |
|
CSRF |
Aviatrix Controller Web Interface |
۴.۱ |
CVE-2020-13416 |
|
|
CSRF |
Aviatrix Controller Web Interface |
۴.۱ |
CVE-2020-13412 |
|
|
Privilege Escalation |
Aviatrix VPN Client Incomplete Fix CVE-2020-7224 |
۵.۳ |
CVE-2020-13417 |
|
|
Not Defined |
Weak Authentication |
Bluetooth BR EDR Core Legacy Pairing |
۵.۹ |
CVE-2020-10135 |
|
Not Defined |
Weak Authentication |
Bluetooth Core Pairing |
۵.۴ |
CVE-2020-10134 |
|
CSRF |
Cacti Admin Email Change |
۶.۵ |
CVE-2020-13231 |
|
|
Privilege Escalation |
Cacti |
۵.۱ |
CVE-2020-13230 |
|
|
Privilege Escalation |
Centreon displayServiceStatus.php |
۸.۴ |
CVE-2020-13252 |
|
|
Not Defined |
Memory Corruption |
Cherokee handler_cgi.c cherokee_handler_cgi_add_env_pair |
۸.۵ |
CVE-2019-20800 |
|
Not Defined |
XSS |
Cherokee handler_server_info.c |
۵.۴ |
CVE-2019-20798 |
|
Not Defined |
Memory Corruption |
Cherokee |
۷.۴ |
CVE-2019-20799 |
|
Memory Corruption |
Cisco AMP for Endpoints Linux |
۵.۲ |
CVE-2020-3344 |
|
|
Memory Corruption |
Cisco AMP for Endpoints Linux |
۵.۲ |
CVE-2020-3343 |
|
|
DoS |
Cisco AMP for Endpoints Mac Connector Scan Engine Crash |
۴.۲ |
CVE-2020-3314 |
|
|
SQL Injection |
Cisco Prime Collaboration Provisioning Web-based Management Interface |
۶.۲ |
CVE-2020-3184 |
|
|
DoS |
Cisco Prime Network Registrar DHCP Server Restart |
۷.۵ |
CVE-2020-3272 |
|
|
Privilege Escalation |
Cisco Unified Contact Center Express Java Remote Management Interface |
۹.۸ |
CVE-2020-3280 |
|
|
DoS |
CouchDB _up |
۹.۸ |
CVE-2020-1955 |
|
|
Not Defined |
Information Disclosure |
COVIDSafe Advertising |
۶.۴ |
CVE-2020-12858 |
|
Not Defined |
Information Disclosure |
COVIDSafe GATT |
۶.۴ |
CVE-2020-12857 |
|
Not Defined |
Information Disclosure |
COVIDSafe OpenTrace/BlueTrace |
۵.۳ |
CVE-2020-12859 |
|
Not Defined |
Information Disclosure |
COVIDSafe Role |
۵.۳ |
CVE-2020-12860 |
|
Not Defined |
Weak Authentication |
Dell EMC Isilon OneFS Default Credentials |
۶.۳ |
CVE-2020-5365 |
|
Not Defined |
Weak Authentication |
Dell EMC Isilon OneFS SNMPv2 Default Credentials |
۵.۳ |
CVE-2020-5364 |
|
Not Defined |
Information Disclosure |
D-Link DSP-W215 Hash |
۵.۹ |
CVE-2020-13136 |
|
Not Defined |
Information Disclosure |
D-Link DSP-W215 |
۵.۴ |
CVE-2020-13135 |
|
XSS |
Dolibarr |
۵.۴ |
CVE-2020-13094 |
|
|
Not Defined |
XSS |
Dolibarr DMS/ECM |
۴.۴ |
CVE-2020-13240 |
|
Not Defined |
XSS |
Dolibarr DMS/ECM |
۴.۷ |
CVE-2020-13239 |
|
DoS |
Dovecot lmtp/submission Crash |
۵.۱ |
CVE-2020-10967 |
|
|
DoS |
Dovecot Submission-Login NULL Pointer Dereference |
۷.۵ |
CVE-2020-10957 |
|
|
DoS |
Dovecot Submission-Login Use-After-Free |
۵.۱ |
CVE-2020-10958 |
|
|
Not Defined |
DoS |
dpdk File Descriptors |
۳.۸ |
CVE-2020-10726 |
|
Not Defined |
Memory Corruption |
dpdk Integer |
۴.۶ |
CVE-2020-10723 |
|
Not Defined |
Information Disclosure |
dpdk vhost Crypto Library Out-of-Bounds |
۳.۷ |
CVE-2020-10724 |
|
Not Defined |
Memory Corruption |
dpdk vhost_user_set_log_base() |
۴.۶ |
CVE-2020-10722 |
|
Not Defined |
DoS |
dpdk virtio_dev_rx_batch_packed() |
۶.۳ |
CVE-2020-10725 |
|
Not Defined |
Privilege Escalation |
Dragon Center Privileges |
۷.۸ |
CVE-2020-13149 |
|
Not Defined |
Directory Traversal |
Druva inSync Windows Client |
۷.۸ |
CVE-2020-5752 |
|
Information Disclosure |
Element OS/HealthTools |
۳.۴ |
CVE-2020-8572 |
|
|
Privilege Escalation |
Elementor Pro Plugin File Upload |
۹.۹ |
CVE-2020-13126 |
|
|
Memory Corruption |
FreeRDP crypto.c crypto_rsa_common |
۵.۳ |
CVE-2020-13398 |
|
|
Information Disclosure |
FreeRDP ntlm_message.c ntlm_read_ChallengeMessage |
۳.۴ |
CVE-2020-13396 |
|
|
Information Disclosure |
FreeRDP security.c security_fips_decrypt |
۳.۴ |
CVE-2020-13397 |
|
|
XSS |
Gila CMS postcategory |
۶.۱ |
CVE-2019-20803 |
|
|
XSS |
Gila CMS themes |
۸.۸ |
CVE-2019-20804 |
|
|
Not Defined |
DoS |
Gitea Ownership Transfer Deadlock |
۶.۴ |
CVE-2020-13246 |
|
XSS |
Gollem Reflected |
۶.۱ |
CVE-2020-8034 |
|
|
Memory Corruption |
Google Chrome ANGLE Use-After-Free |
۸.۸ |
CVE-2020-6463 |
|
|
Memory Corruption |
Google Chrome Blink Heap-based |
۸.۸ |
CVE-2020-6464 |
|
|
Privilege Escalation |
Google Chrome Blink |
۶.۵ |
CVE-2020-6473 |
|
|
Memory Corruption |
Google Chrome Blink Use-After-Free |
۸.۸ |
CVE-2020-6474 |
|
|
Privilege Escalation |
Google Chrome ChromeDriver |
۶.۵ |
CVE-2020-6484 |
|
|
Privilege Escalation |
Google Chrome Clipboard |
۶.۱ |
CVE-2020-6470 |
|
|
Privilege Escalation |
Google Chrome Developer Tools |
۵.۱ |
CVE-2020-6489 |
|
|
Privilege Escalation |
Google Chrome Developer Tools |
۶.۵ |
CVE-2020-6482 |
|
|
Privilege Escalation |
Google Chrome Developer Tools |
۶.۵ |
CVE-2020-6472 |
|
|
Privilege Escalation |
Google Chrome Developer Tools |
۹.۶ |
CVE-2020-6471 |
|
|
Privilege Escalation |
Google Chrome Developer Tools |
۹.۶ |
CVE-2020-6469 |
|
|
Privilege Escalation |
Google Chrome Download |
۵.۱ |
CVE-2020-6488 |
|
|
Privilege Escalation |
Google Chrome Download |
۶.۵ |
CVE-2020-6487 |
|
|
Privilege Escalation |
Google Chrome Enterprise |
۵.۴ |
CVE-2020-6480 |
|
|
Privilege Escalation |
Google Chrome Full Screen |
۶.۵ |
CVE-2020-6478 |
|
|
Privilege Escalation |
Google Chrome Installer |
۸.۸ |
CVE-2020-6477 |
|
|
Privilege Escalation |
Google Chrome Loader |
۵.۱ |
CVE-2020-6490 |
|
|
Privilege Escalation |
Google Chrome Media Router |
۶.۵ |
CVE-2020-6485 |
|
|
Memory Corruption |
Google Chrome Media Use-After-Free |
۹.۶ |
CVE-2020-6466 |
|
|
Privilege Escalation |
Google Chrome Navigations |
۶.۵ |
CVE-2020-6486 |
|
|
Privilege Escalation |
Google Chrome Payment |
۶.۵ |
CVE-2020-6483 |
|
|
Memory Corruption |
Google Chrome Payments Use-After-Free |
۸.۸ |
CVE-2020-6459 |
|
|
Memory Corruption |
Google Chrome PDFium Out-of-Bounds |
۸.۸ |
CVE-2020-6458 |
|
|
Memory Corruption |
Google Chrome Reader Mode Use-After-Free |
۹.۶ |
CVE-2020-6465 |
|
|
Privilege Escalation |
Google Chrome Sharing |
۶.۵ |
CVE-2020-6479 |
|
|
Privilege Escalation |
Google Chrome Site Information |
۶.۵ |
CVE-2020-6491 |
|
|
Memory Corruption |
Google Chrome Speech Recognizer Use-After-Free |
۹.۶ |
CVE-2020-6457 |
|
|
Memory Corruption |
Google Chrome Storage Use-After-Free |
۹.۶ |
CVE-2020-6461 |
|
|
Privilege Escalation |
Google Chrome Tab Strip |
۶.۵ |
CVE-2020-6476 |
|
|
Memory Corruption |
Google Chrome Task Scheduling Use-After-Free |
۹.۶ |
CVE-2020-6462 |
|
|
Privilege Escalation |
Google Chrome UI |
۶.۵ |
CVE-2020-6475 |
|
|
Spoofing |
Google Chrome URL Formatter |
۶.۵ |
CVE-2020-6460 |
|
|
Privilege Escalation |
Google Chrome URL |
۶.۵ |
CVE-2020-6481 |
|
|
Memory Corruption |
Google Chrome v8 Type Confusion |
۸.۸ |
CVE-2020-6468 |
|
|
Memory Corruption |
Google Chrome WebRTC Use-After-Free |
۸.۸ |
CVE-2020-6467 |
|
|
Privilege Escalation |
HPE Nimble Storage System |
۸.۱ |
CVE-2020-7139 |
|
|
Code Execution |
HPE Nimble Storage System |
۸.۸ |
CVE-2020-7138 |
|
|
Privilege Escalation |
HPE Superdome Flex Server RMC |
۶.۷ |
CVE-2020-7137 |
|
|
Privilege Escalation |
httplib2 httplib2.Http.request() |
۶.۸ |
CVE-2020-11078 |
|
|
Not Defined |
Memory Corruption |
Huawei E6878-370 Use-After-Free |
۶.۹ |
CVE-2020-1799 |
|
Weak Encryption |
Huawei TC5200-16 |
۶.۵ |
CVE-2020-9069 |
|
|
Not Defined |
Information Disclosure |
IBM |
۲.۷ |
CVE-2020-4345 |
|
Not Defined |
CSRF |
IBM InfoSphere Information Server |
۴.۳ |
CVE-2020-4286 |
|
Not Defined |
XSS |
IBM InfoSphere Information Server Web UI |
۴.۷ |
CVE-2020-4298 |
|
Not Defined |
Privilege Escalation |
IBM Security Access Manager Appliance |
۶.۴ |
CVE-2020-4461 |
|
Not Defined |
DoS |
IBM Spectrum Scale File System Component Crash |
۵.۲ |
CVE-2020-4411 |
|
Not Defined |
DoS |
IBM Spectrum Scale mmfsd/mmsdrserv |
۵.۳ |
CVE-2020-4412 |
|
Command Injection |
iFAX AvantFAX/HylaFAX Enterprise Web Interface sendfax.php |
۸.۸ |
CVE-2020-11766 |
|
|
Privilege Escalation |
ISC BIND Fetch |
۸.۶ |
CVE-2020-8616 |
|
|
DoS |
ISC BIND TSIG tsig.c |
۷.۵ |
CVE-2020-8617 |
|
|
Privilege Escalation |
Ivanti Workspace Control Registry pwrgrid.exe |
۷.۸ |
CVE-2019-17066 |
|
|
Privilege Escalation |
Jodd JSON Data Deserialization |
۹.۸ |
CVE-2018-21234 |
|
|
XSS |
jQuery load |
۶.۱ |
CVE-2020-7656 |
|
|
Not Defined |
Code Execution |
Kaoni ezHTTPTrans ActiveX Control Ezhttptrans.ocx |
۷.۵ |
CVE-2020-7813 |
|
Privilege Escalation |
Kata Containers Cloud Hypervisor |
۸.۸ |
CVE-2020-2025 |
|
|
DoS |
Kata Containers Mount |
۶.۵ |
CVE-2020-2024 |
|
|
Not Defined |
Code Execution |
Kerberos Package DLL LoadLibrary() |
۶.۵ |
CVE-2020-13110 |
|
Not Defined |
Privilege Escalation |
Kylin REST API OS |
۵.۵ |
CVE-2020-1956 |
|
DoS |
libexif Canon EXIF MakerNote |
۶.۵ |
CVE-2020-13114 |
|
|
Memory Corruption |
libexif Canon EXIF MakerNote |
۹.۱ |
CVE-2020-13112 |
|
|
Memory Corruption |
libexif Canon EXIF MakerNote Use-After-Free |
۷.۵ |
CVE-2020-13113 |
|
|
Not Defined |
Information Disclosure |
Linux Kernel configfs.c kstrdup |
۵.۴ |
CVE-2020-13143 |
|
DoS |
Linux Kernel SELinux Subsystem ebitmap_netlbl_import |
۴.۶ |
CVE-2020-10711 |
|
|
unknown vulnerability |
MariaDB Connector mariadb_lib.c |
۹.۸ |
CVE-2020-13249 |
|
|
XSS |
Micro Focus Enterprise Server/Enterprise Developer Reflected |
۵.۴ |
CVE-2020-9524 |
|
|
Not Defined |
XSS |
Micro Focus Service Manager |
۵.۷ |
CVE-2020-11845 |
|
Privilege Escalation |
Microsoft Edge Feedback Extension |
۳.۹ |
CVE-2020-1195 |
|
|
Not Defined |
Privilege Escalation |
Microweber File Upload load_module:users#edit-user=1 |
۶.۵ |
CVE-2020-13241 |
|
Not Defined |
SQL Injection |
Mikrotik-Router-Monitoring-System check_community.php |
۸.۵ |
CVE-2020-13118 |
|
XSS |
MISP resolved_attributes.ctp |
۶.۱ |
CVE-2020-13153 |
|
|
Memory Corruption |
Morita Shogi 64 Modem Stack-based |
۹.۶ |
CVE-2020-13109 |
|
|
Spoofing |
Mozilla Thunderbird Unicode Encoding |
۶.۰ |
CVE-2020-12397 |
|
|
Not Defined |
Privilege Escalation |
MyLittleAdmin Management Tool |
۸.۵ |
CVE-2020-13166 |
|
Not Defined |
Privilege Escalation |
Netgear AC3000/SRS60/SRR60/RBS50Y Administration SOAP Interface |
۸.۳ |
CVE-2020-11551 |
|
Not Defined |
Code Execution |
Netgear AC3000/SRS60/SRR60/RBS50Y Linux System |
۸.۳ |
CVE-2020-11549 |
|
Not Defined |
Information Disclosure |
Netgear AC3000/SRS60/SRR60/RBS50Y SOAP Interface Key |
۶.۰ |
CVE-2020-11550 |
|
Not Defined |
Code Execution |
Netsweeper Referer unixlogin.php |
۸.۵ |
CVE-2020-13167 |
|
Not Defined |
Memory Corruption |
Nitro Pro Object Parser Integer Overflow |
۶.۵ |
CVE-2020-6092 |
|
Not Defined |
Memory Corruption |
Nitro Pro PDF Parser Use-After-Free |
۷.۵ |
CVE-2020-6074 |
|
Not Defined |
Information Disclosure |
Nitro Pro XML Error Uninitialized Memory |
۴.۴ |
CVE-2020-6093 |
|
Information Disclosure |
Open Build Service OBS Package |
۵.۱ |
CVE-2020-8021 |
|
|
Not Defined |
XSS |
Open edX Ironwood File Upload Stored |
۴.۴ |
CVE-2020-13145 |
|
Not Defined |
Privilege Escalation |
Open edX Ironwood Studio CSV Injection |
۷.۵ |
CVE-2020-13146 |
|
Not Defined |
Code Execution |
Open edX Ironwood Studio |
۷.۵ |
CVE-2020-13144 |
|
Not Defined |
Information Disclosure |
OpenTrace Bluetooth |
۶.۷ |
CVE-2020-12856 |
|
Privilege Escalation |
Panasonic P110/Eluga Z1 Pro/Eluga X1/Eluga X1 Pro Permission |
۸.۵ |
CVE-2020-11716 |
|
|
Privilege Escalation |
Panasonic P99 Access Control |
۸.۵ |
CVE-2020-11715 |
|
|
DoS |
PHP HTTP File Upload |
۵.۳ |
CVE-2019-11048 |
|
|
Not Defined |
XSS |
phpipam User Instructions Widget Stored |
۳.۶ |
CVE-2020-13225 |
|
Not Defined |
Memory Corruption |
PowerDNS Recursor gethostname() |
۷.۵ |
CVE-2020-10030 |
|
Privilege Escalation |
PowerDNS Recursor Recursive Query Amplification |
۷.۵ |
CVE-2020-10995 |
|
|
Not Defined |
Weak Authentication |
PowerDNS Recursor SOA processAnswer |
۷.۴ |
CVE-2020-12244 |
|
Memory Corruption |
Proxygen Lifetime Management Use-After-Free |
۹.۸ |
CVE-2020-1897 |
|
|
Privilege Escalation |
Puma Gem HTTP Smuggling |
۷.۵ |
CVE-2020-11076 |
|
|
Privilege Escalation |
Puma Gem |
۶.۸ |
CVE-2020-11077 |
|
|
Not Defined |
XSS |
rConfig configDevice.php |
۴.۷ |
CVE-2020-12259 |
|
Not Defined |
CSRF |
rConfig |
۶.۵ |
CVE-2020-12257 |
|
Not Defined |
XSS |
rConfig devicemgmnt.php |
۴.۷ |
CVE-2020-12256 |
|
Not Defined |
Privilege Escalation |
rConfig File Upload vendor.crud.php |
۷.۵ |
CVE-2020-12255 |
|
Not Defined |
Weak Authentication |
rConfig Session Session Fixation |
۸.۲ |
CVE-2020-12258 |
|
XSS |
Readdle Documents App Stored |
۶.۱ |
CVE-2019-20802 |
|
|
Privilege Escalation |
Readdle Documents App WebSocket Server Cross-Origin |
۶.۱ |
CVE-2019-20801 |
|
|
Privilege Escalation |
RESTEasy Header |
۷.۵ |
CVE-2020-1695 |
|
|
Not Defined |
DoS |
Rockwell FactoryTalk Linx Software EDS Subsystem Crash |
۴.۴ |
CVE-2020-12038 |
|
Not Defined |
SQL Injection |
Rockwell FactoryTalk Linx Software EDS Subsystem |
۷.۷ |
CVE-2020-12034 |
|
Not Defined |
Code Execution |
Smartbear ReadyAPI SoapUI Pro Java RMI |
۸.۵ |
CVE-2020-12835 |
|
Not Defined |
Information Disclosure |
Software House CURE 9000 Installation Credentials |
۷.۴ |
CVE-2020-9045 |
|
Not Defined |
Privilege Escalation |
Sourcefabric Newscoop File Upload |
۶.۵ |
CVE-2020-11807 |
|
Privilege Escalation |
Splashtop Updater Permission |
۷.۵ |
CVE-2020-12431 |
|
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd addressNat |
۵.۳ |
CVE-2020-13390 |
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd openSchedWifi |
۵.۳ |
CVE-2020-13389 |
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd saveParentControlInfo |
۵.۳ |
CVE-2020-13393 |
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd setcfm |
۵.۳ |
CVE-2020-13392 |
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd SetNetControlList |
۵.۳ |
CVE-2020-13394 |
|
Not Defined |
Memory Corruption |
Tenda AC6/AC9/AC15/AC118 httpd SetSpeedWan |
۵.۳ |
CVE-2020-13391 |
|
Not Defined |
Privilege Escalation |
TIBCO JasperReports Server Administrative UI |
۸.۵ |
CVE-2020-9409 |
|
Not Defined |
XSS |
TIBCO JasperReports Server Report Generator HTML Injection |
۵.۴ |
CVE-2020-9410 |
|
Privilege Escalation |
Ultimate Addons for Elementor Plugin |
۷.۴ |
CVE-2020-13125 |
|
|
DoS |
Unbound DNS Answer Loop |
۷.۵ |
CVE-2020-12663 |
|
|
DoS |
Unbound Network Message Volume |
۷.۵ |
CVE-2020-12662 |
|
|
Not Defined |
Privilege Escalation |
Video Insight VMS Code Injection |
۸.۵ |
CVE-2019-5997 |
|
Code Execution |
VMware Cloud Director |
۸.۸ |
CVE-2020-3956 |
|
|
Weak Authentication |
Whale Browser Installer |
۹.۱ |
CVE-2020-9753 |
|
|
Not Defined |
DoS |
Wireshark NFS Dissector packet-nfs.c |
۶.۴ |
CVE-2020-13164 |
|
Not Defined |
Information Disclosure |
Wowza Streaming Engine File Download |
۶.۴ |
CVE-2019-19454 |
|
Not Defined |
XSS |
Wowza Streaming Engine Login Page loginfailed.html |
۵.۲ |
CVE-2019-19456 |
|
Not Defined |
Server-Side Request Forgery |
WSO2 API Manager Publisher Node |
۸.۵ |
CVE-2020-13226 |
|
Information Disclosure |
Zoho ManageEngine Service Plus Password |
۶.۵ |
CVE-2020-13154 |
سطح خطر حدود ۴۰% آسیبپذیریهای هفته، «پرخطر» و «حیاتی» برآورد شده است که آمار بسیار قابلتوجّهی است.
خوشبختانه برای ۵۵% آسیبپذیریهای هفته، بهروزرسانیها و یا وصلههایی رسماً ارائه شده که برای جلوگیری از سوءاستفاده از آسیبپذیریها بهتر است سریعاً اعمال شوند.
همچنین با ۵۸ مورد، اکثر آسیبپذیریهای هفته (۳۱%) از نوع «ارتقا امتیاز» بودند.
