MidnightBSD

Advisories for synopsys

CVE-2019-3800 LOW

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

CVSS 2.0

Severity: LOW

Problem Type: CWE-522,CWE-200,

Products Affected

Vendor Product Version
sumologic nozzle *
dynatrace service_broker *
pivotal on_demand_service_broker *
yugabyte db_enterprise *
pivotal single_sign-on *
pagerduty service_broker *
solace pubsub+ *
anynines mongodb *
pivotal cloud_foundry_routing_release *
ibm websphere_liberty_ *
appdynamics application_analytics *
pivotal cloud_foundry_event_alerts *
signalsciences service_broker *
pivotal credhub_service_broker_for_pcf *
microsoft azure_service_broker *
newrelic nozzle *
synopsys seeker_iast_service_broker *
pivotal cloud_foundry_notifications *
snyk service_broker *
wavefront wavefront_by_vmware_nozzle *
pivotal cloud_foundry_autoscaling_release *
anynines mysql *
apigee edge_service_broker *
anynines postgresql *
contrastsecurity service_broker *
newrelic service_broker *
tibco businessworks_buildpack *
splunk nozzle *
anynines logme *
pivotal pivotal_cloud_foundry_service_broker *
samba volume_service *
datastax enterprise_service_broker *
pivotal cloud_foundry_deployment *
pivotal cloud_foundry_networking_release *
anynines redis *
anynines rabbitmq *
anynines elasticsearch *
bluemedora nozzle *
riverbed steelcentral_appinternals *
pivotal cloud_foundry_command_line_interface_release *
pivotal application_service *
microsoft azure_log_analytics_nozzle *
pivotal cloud_foundry_log_cache_release *
forgerock service_broker *
newrelic dotnet_extension_buildpack *
appdynamics application_performance_monitoring *
pivotal cloud_foundry_deployment_concourse_tasks *
pivotal cloud_foundry_command_line_interface *
cyberark conjur_service_broker *
pivotal cloud_foundry_healthwatch *
datadoghq application_monitoring *
appdynamics platform_montioring *
pivotal metric_registrar_release *
google google_cloud_platform_service_broker *
pivotal cloud_foundry_smoke_test *
CVE-2020-27589 MEDIUM

Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
synopsys hub-rest-api-python *
CVE-2022-30278 MEDIUM

A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare's framework embedded within Black Duck Hub's Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
synopsys black_duck_hub *
CVE-2023-1663

Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads directory and its contents are accessible. 5.9 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
disclosure@synopsys.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 3.9 2.5
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
synopsys coverity *
CVE-2023-2158

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious actor is able to gain access to another user's account by crafting a custom "Remember Me" token. This is possible due to the use of a hard-coded cipher which was used when generating the token. A malicious actor who creates this token can supply it to a separate Code Dx system, provided they know the username they want to impersonate, and impersonate the user.  Score 6.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C

Products Affected

Vendor Product Version
synopsys code_dx *
CVE-2023-23849

Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an unauthenticated Cross-Site Scripting vulnerability. Any web service hosted on the same sub domain can set a cookie for the whole subdomain which can be used to bypass other mitigations in place for malicious purposes. CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
synopsys coverity *
CVE-2024-0226

Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
disclosure@synopsys.com 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
synopsys seeker *