SB2021031533 - RSA Authentication Manager update for third-party components
Published: March 15, 2021 Updated: May 17, 2025
Description
This security bulletin contains information about 20 security vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2019-12900)
2) Link following (CVE-ID: CVE-2021-23240)
The vulnerability allows a local authenticated user to execute arbitrary code.
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.
3) Link following (CVE-ID: CVE-2021-23239)
The vulnerability allows a local authenticated user to gain access to sensitive information.
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
4) Heap-based buffer overflow (CVE-ID: CVE-2021-3156)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in sudo. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with root privileges.
5) Improper input validation (CVE-ID: CVE-2021-2033)
The vulnerability allows a remote authenticated user to perform service disruption.
The vulnerability exists due to improper input validation within the Core Components component in Oracle WebLogic Server. A remote authenticated user can exploit this vulnerability to perform service disruption.
6) Uncontrolled memory allocation (CVE-ID: CVE-2018-10237)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to unbounded memory allocation. A remote attacker can cause the service to crash and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
7) Improper input validation (CVE-ID: CVE-2021-2047)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the Core Components component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.
8) Input validation error (CVE-ID: CVE-2019-17195)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because Nimbus JOSE+JWT throws various uncaught exceptions while parsing a JWT. A remote attacker can send a specially crafted JWT token and cause the application to crash or potentially bypass authentication.
9) Out-of-bounds read (CVE-ID: CVE-2020-3123)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) with enabled optional DLP feature. A remote attacker can send a specially crafted email to the affected system, trigger an out-of-bounds read error and crash the ClamAV process.
10) NULL pointer dereference (CVE-ID: CVE-2020-3481)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the EGG archive module. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
11) Use of insufficiently random values (CVE-ID: CVE-2020-25705)
The vulnerability allows a remote attacker to gain access to sensitive information.
A flaw was found in the way the Linux kernel rate-limits ICMP reply packets, which makes it possible to quickly scan for open UDP ports. This flaw allows an off-path remote user to effectively bypass UDP source port randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization is indirectly affected as well.
12) Input validation error (CVE-ID: CVE-2019-15961)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input passed via email messages, which results in overly long parsing of MIME messages. A remote attacker can send a specially crafted email message and perform a denial of service attack.
13) Race condition (CVE-ID: CVE-2020-3350)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the endpoint software. A local user can exploit the race, gain elevated privileges and delete arbitrary files on the system.
14) Out-of-bounds read (CVE-ID: CVE-2020-3327)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing ARJ archives. A remote attacker can pass a specially crafted ARJ archive to the application, trigger an out-of-bounds read error and crash the service.
15) Out-of-bounds read (CVE-ID: CVE-2020-3341)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the AES decryption routines when processing PDF files in ClamAV. A remote attacker can create a specially crafted file, pass it to the application, trigger an out-of-bounds read error and crash the service.
16) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2020-14145)
The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists in the OpenSSH client during algorithm negotiation due to an observable discrepancy. A remote attacker can perform a Man-in-the-Middle (MitM) attack.
17) NULL pointer dereference (CVE-ID: CVE-2020-1971)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via the API functions TS_RESP_verify_response and TS_RESP_verify_token. If an attacker can control both items being compared, then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL, then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option, which implements automatic CRL downloading, and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However, it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack.
18) Uncontrolled Recursion (CVE-ID: CVE-2020-28196)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion in the MIT Kerberos 5 (aka krb5) implementation when processing ASN.1-encoded Kerberos messages in lib/krb5/asn.1/asn1_encode.c. A remote attacker can pass specially crafted data to the application that uses Kerberos and perform a denial of service (DoS) attack.
19) Out-of-bounds read (CVE-ID: CVE-2020-25643)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the HDLC_PPP module of the Linux kernel in the ppp_cp_parse_cr() function. A remote authenticated user can trigger an out-of-bounds read error and read contents of memory on the system.
20) Memory leak (CVE-ID: CVE-2019-19063)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the "rtl_usb_probe()" function in the "drivers/net/wireless/realtek/rtlwifi/usb.c" file. A remote attacker on the local network can cause a denial of service condition (memory consumption).
Remediation
Install the update from the vendor's website.