An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.

The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14753 advisory.

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-2 advisory.

  - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data     Amplification) vulnerability in Servers and clients, unless configured with compression=None that can     result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a     specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5.
    (CVE-2018-1000518)

  - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via     timed processing of valid PKCS#1 v1.5 ciphertext. (CVE-2020-25659)

  - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically     encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the     Fernet class. (CVE-2020-36242)

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

  - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly,     leading to an unchecked call into the proto file's name during generation of the resulting error message.
    Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or     greater. (CVE-2021-22570)

  - A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
    A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a     Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3,     3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions     for 3.16 and 3.17 are no longer updated. (CVE-2022-1941)

  - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6     and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated     embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between     mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend     updating to the versions mentioned above. (CVE-2022-3171)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory.

  - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data     Amplification) vulnerability in Servers and clients, unless configured with compression=None that can     result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a     specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5.
    (CVE-2018-1000518)

  - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via     timed processing of valid PKCS#1 v1.5 ciphertext. (CVE-2020-25659)

  - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically     encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the     Fernet class. (CVE-2020-36242)

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

  - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly,     leading to an unchecked call into the proto file's name during generation of the resulting error message.
    Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or     greater. (CVE-2021-22570)

  - A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
    A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a     Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3,     3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions     for 3.16 and 3.17 are no longer updated. (CVE-2022-1941)

  - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6     and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated     embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between     mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend     updating to the versions mentioned above. (CVE-2022-3171)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of IBM Cognos Analytics installed on the remote host is 11.1.x prior to 11.1.7 Fix Pack 7 or 11.2.x prior to 11.2.4 FP1. It is, therefore, affected by multiple vulnerabilities, including the following:

  - GNOME libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free     flaw in the xmlXIncludeDoProcess() function in xinclude.c. By sending a specially-crafted file, an attacker could     exploit this vulnerability to execute arbitrary code on the system. (CVE-2021-3518)

  - Node.js could allow a local attacker to gain elevated privileges on the system, caused by the DLL search order     hijacking of providers.dll. By placing a specially crafted file, an attacker could exploit this vulnerability     to escalate privileges. (CVE-2022-32223)

  - Node.js marked module is vulnerable to a denial of service, caused by a regular expression denial of service     (ReDoS) flaw in inline.reflinkSearch. By sending a specially-crafted regex input, a remote attacker could exploit     this vulnerability to cause a denial of service condition. (CVE-2022-21681)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the April 2023 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities, including:

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console     (Apache Commons FileUpload)). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and     14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP     to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server.
    (CVE-2023-24998)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples     (XStream)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable     vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic     Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2022-40152)

  - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Third Party     (Apache Commons Compress)). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise     Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2021-36090)

  Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3393 advisory.

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

  - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly,     leading to an unchecked call into the proto file's name during generation of the resulting error message.
    Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or     greater. (CVE-2021-22570)

  - A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
    A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a     Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3,     3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions     for 3.16 and 3.17 are no longer updated. (CVE-2022-1941)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5945-1 advisory.

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

  - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly,     leading to an unchecked call into the proto file's name during generation of the resulting error message.
    Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or     greater. (CVE-2021-22570)

  - A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
    A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a     Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3,     3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions     for 3.16 and 3.17 are no longer updated. (CVE-2022-1941)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3922-1 advisory.

  - An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a     way that would be processed out of order. A small malicious payload can occupy the parser for several     minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We     recommend upgrading libraries beyond the vulnerable versions. (CVE-2021-22569)

  - A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including     3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures.
    A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a     Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3,     3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions     for 3.16 and 3.17 are no longer updated. (CVE-2022-1941)

  - A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6     and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated     embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between     mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend     updating to the versions mentioned above. (CVE-2022-3171)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory.

  - Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server.
    The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged     attacker having Create Any Procedure privilege with network access via Oracle Net to compromise Oracle     Database - Enterprise Edition Sharding. Successful attacks of this vulnerability can result in takeover of     Oracle Database - Enterprise Edition Sharding. (CVE-2022-21410)

  - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are     12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create     Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks     of this vulnerability can result in unauthorized creation, deletion or modification access to critical     data or all Java VM accessible data. (CVE-2022-21498)

  - Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server.
    Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows     low privileged attacker having Create Session privilege with network access via Oracle Net to compromise     RDBMS Gateway / Generic ODBC Connectivity. Successful attacks of this vulnerability can result in     unauthorized update, insert or delete access to some of RDBMS Gateway / Generic ODBC Connectivity     accessible data as well as unauthorized read access to a subset of RDBMS Gateway / Generic ODBC     Connectivity accessible data. (CVE-2022-21411)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
187945	Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.27 / 5.4.x < 5.4.11 (JSDSERVER-14753)	Nessus	Misc.	medium
181751	SUSE SLES15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-2)	Nessus	SuSE Local Security Checks	critical
178008	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-1)	Nessus	SuSE Local Security Checks	critical
175429	IBM Cognos Analytics Multiple Vulnerabilities (6986505)	Nessus	CGI abuses	critical
174464	Oracle WebLogic Server (Apr 2023 CPU)	Nessus	Misc.	high
174436	Debian DLA-3393-1 : protobuf - LTS security update	Nessus	Debian Local Security Checks	high
172495	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Protocol Buffers vulnerabilities (USN-5945-1)	Nessus	Ubuntu Local Security Checks	high
167241	SUSE SLED15 / SLES15 Security Update : protobuf (SUSE-SU-2022:3922-1)	Nessus	SuSE Local Security Checks	high
160079	Oracle Database Server (Apr 2022 CPU)	Nessus	Databases	high

Detections

Analytics

CVE-2021-22569

medium

Tenable Plugins

medium

critical

critical

critical

high

high

high

high

high