
Security vulnerabilities for the month of December


Here is an overview of the security vulnerabilities for the month of December 2021 (Base Score greater than 8.0):

Log4j

This month there is a very critical vulnerability (alarm level red!) that you urgently need to correct.

Please also read:

Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 – Microsoft Security Response Center

In addition, there are affected components of Citrix and OpenText:

Citrix

CVE-2021-44228 – Apache Log4j

Base Score: 10

Affected components: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) / Citrix Endpoint Management (Citrix XenMobile Server)

This vulnerability allows an attacker who can control log messages or log message parameters to execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.

Please close this vulnerability immediately!

OpenText

CVE-2021-44228 – Log4j third-party library used by OpenText™ Content Server

Base Score: 10

Affected component: OpenText™ Content Server

The problem is related to the JNDI functions of Apache Log4j which offer no protection against LDAP and other JNDI endpoints controlled by attackers.

Please close this vulnerability immediately!

SAP

CVE-2021-44231 – Code Injection vulnerability in SAP ABAP Server & ABAP Platform (Translation Tools)

Base Score: 9.9

Affected components: SAP ABAP Server & ABAP Platform (Translation Tools)

An attacker with low privileges can exploit the vulnerability in the internally used text extraction reports (translation tools) to run arbitrary commands in the background. In this way an attacker can control the behavior of the application and compromise all data. The corresponding SAP Note should therefore be implemented with SNOTE.

This vulnerability is very critical and we urgently recommend that you close it using current updates!

CVE-2021-42064 – SQL Injection vulnerability in SAP Commerce

Base Score: 8.8

Affected component: SAP Commerce

An attacker can use SQL injection to gain access to SAP Commerce and execute code. To avoid this, we recommend closing this vulnerability with the appropriate update from SAP.

This vulnerability is critical and we recommend that you close it with current updates!

CVE-2021-42063 – Cross-Site Scripting (XSS) vulnerability in SAP Knowledge Warehouse

Base Score: 8.8

Affected component: SAP Knowledge Warehouse (SAP KW)

A security vulnerability was discovered in the SAP Knowledge Warehouse (SAP KW). The use of the SAP KW component inside a web browser allows unauthorized attackers to carry out XSS attacks, which can lead to the exposure of sensitive data. Therefore patches, or at least workarounds, should be implemented.

This vulnerability is critical. We recommend closing this vulnerability as soon as possible!

CVE-2021-44235 – Code Injection vulnerability in utility class for SAP NetWeaver AS ABAP

Base Score: 8.4

Affected component: SAP NetWeaver AS ABAP

Two methods in SAP NetWeaver AS ABAP allow an attacker with high privileges and direct access to the SAP system to inject code when running a transaction (SE24 – Class Builder).

Commands executed on the operating system in this way can seriously harm the confidentiality, integrity and availability of the system. Customers should check the authorizations or implement the fix with SNOTE.

This vulnerability is critical and we recommend that you close it with current updates!

Microsoft

CVE-2021-41365 / CVE-2021-42310 / CVE-2021-42311 / CVE-2021-42313 / CVE-2021-42314 / CVE-2021-42315 / CVE-2021-43882 – Vulnerability in Microsoft Defender for IoT related to remote code execution

Base Score: 8.1 – 9.0

Affected component: Microsoft Defender for IoT

A vulnerability in Microsoft Defender for IoT allows an attacker to potentially execute code.

An attacker must authenticate to the administration console appliance and have access to an integration token, which is documented here: https://docs.microsoft.com/de-de/azure/defender-for-iot/references-work-with-defender-for-iot-apis

If you use this component, we recommend downloading the patch to counter potential attacks.

CVE-2021-42306 – Vulnerability in Azure Active Directory related to information disclosure

Base Score: 8.1

Affected components: Azure Migrate / Azure Site Recovery / Azure Active Directory / Azure Automation

A security vulnerability in the products named allows information disclosure if a user or an application uploads unprotected private key data as part of an authentication certificate (key credential) to an Azure AD application or service principal (which is not recommended). This vulnerability allows a user or service in the tenant with read access to the application to read the private key data that was added to the application.

The security vulnerability in Azure AD was corrected by preventing the disclosure of private key values that were added to the application.

This CVE is provided for informational purposes only, as Microsoft has already resolved this matter.

CVE-2021-42309 – Vulnerability in Microsoft SharePoint Server related to remote code execution

Base Score: 8.8

Affected components: Microsoft SharePoint Foundation 2013 Service Pack 1 / 2016 / 2019 / SharePoint Server Subscription Edition

To exploit this vulnerability, the attacker must be authenticated on the landing page and have privileges to manage lists in SharePoint.

We recommend closing this vulnerability right away!

CVE-2021-42320 – Vulnerability in Microsoft SharePoint Server related to spoofing

Base Score: 8.0

Affected components: Microsoft SharePoint Server Subscription Edition / 2016 / 2019

To exploit this vulnerability, the attacker must be authenticated on the landing page and must have permission to change their display name in SharePoint.

This vulnerability should be closed with particular urgency.

CVE-2021-43215 – Vulnerability in iSNS Server Regarding Memory Corruption Could Lead to Remote Code Execution

Base Score: 9.8

Affected components: Windows Server 2008-2019 & Windows 7-10

An attacker can send a specially crafted request to the Internet Storage Name Service (iSNS) server, which can allow code to be executed remotely.

The Internet Storage Name Service (iSNS) protocol is used for the interaction between iSNS servers and iSNS clients. The iSNS server provides a registration function that allows all entities in a storage area network to register with and query the iSNS database.

This vulnerability should urgently be closed if you are using iSNS technology!

CVE-2021-43217 – Vulnerability in Windows Encrypting File System (EFS) related to remote code execution

Base Score: 8.1

Affected components: Windows Server 2008-2022 & Windows 7-11

An attacker could cause a buffer overrun that leads to unauthenticated, non-sandboxed code execution.

The EFS interfaces start the EFS service if it is not already running. For that reason, this vulnerability does not require EFS to be in active use.

Please update the environment with the current Windows Updates addressing the vulnerability.

CVE-2021-43899 – Vulnerability in Microsoft 4K Wireless Display Adapter related to remote code execution

Base Score: 9.8

Affected component: Microsoft 4K Wireless Display Adapter

An unauthenticated attacker on the same network as the Microsoft 4K Wireless Display Adapter can send specially crafted packets to a vulnerable device.

You must install the Microsoft Wireless Display Adapter app from the Microsoft Store on a system that is connected to the Microsoft 4K Wireless Display Adapter. After installation, use the section “Update and Security” of the app to download the latest firmware and install it.

Please update this component as soon as possible if you are using it.

CVE-2021-43905 – Vulnerability in Microsoft Office App related to remote code execution

Base Score: 9.6

Affected component: Microsoft Office App

The vulnerability named above allows attackers to execute code.

The Microsoft Store will automatically apply the update to the affected customers. Customers can also obtain the update immediately. Further information on this is available here.

CVE-2021-43907 – Visual Studio Code WSL Extension Remote Code Execution Vulnerability

Base Score: 9.8

Affected component: Microsoft Visual Studio Code WSL Extension

A potential attacker can execute code over the network with minimal attack complexity, without special privileges and without user interaction.

Please update the environment as soon as possible to close this vulnerability!

IBM

CVE-2021-29678 – IBM® Db2® is vulnerable to an Information Disclosure as a user with DBADM authority is able to access other databases and read or modify files

Base Score: 8.7

Affected component: IBM DB2

IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) could allow a user with DBADM authorization to access other databases and read or modify files.

Customers running a vulnerable fixpack level of an affected program (V9.7, V10.1, V10.5, V11.1 and V11.5) can download the special build with the interim fix for this problem from Fix Central. These special builds are available based on the latest fixpack level for each affected version: V9.7 FP11, V10.1 FP6, V10.5 FP11, V11.1.4 FP6 and with the release V11.5.7. They can be applied to any affected fixpack level of the relevant version to correct this vulnerability.

We recommend that you update the DB2 environments.

Palo Alto

CVE-2021-3064 – Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces

Base Score: 9.8

Affected component: PAN-OS 8.1.16

A memory management vulnerability in Palo Alto's PAN-OS version 8.1.16 allows attackers to gain access.

We recommend that you update the OS of your Palo Alto as soon as possible.

If you have any questions or are not sure how to address the vulnerabilities named above, don’t hesitate to contact us.

We will help you to be more secure!
