Preface: CMDB is a repository that should contain only business critical items that you want to track. It should contain a record of information that allows you to answer business critical questions and helps you to connect business processes. CMDB should contain all the items that are important for your business or a service.

About SAP solution manager: SAP solution manager explicitly assists enterprise to fulfill above objectives. If you are planning to use SAP PI module then you should install Java Stack. Java Stack is currently being on Web based front ends and Stand-alone java portal. SAP NetWeaver Process Integration (SAP PI) is SAP enterprise application integration (EAI) software, a component of the NetWeaver product group used to facilitate the exchange of information among a company’s internal software and systems and those of external parties.

SAP Solution Manager – Multiple vulnerabilities due to lack of authentication check: For vulnerability details, please refer to link below. Apart from this, attached diagram can provide a quick way to understand the whole matters.

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571

Changes related to SAP Solution Manager – Because of the SAP update a new version of SAP Solution Manager will be required starting January 1st 2020. The enhancement shown as below:

SAP solution Manager 7.2 SPS05/SPS06 – Partial connectivity to SAP, manual effort required.

Preface: Our daily life is relies on Cloud computing system. Smart City, GPRS, mapping & spatial analytics technology their backend system are located on cloud. Apart of cloud system operation and architecture. The inter network empower its life.

Background: In our digital world , networks packet processing functions are dynamically injected into the network. Each packet may carry the processing code that routers apply to the network when they perform forwarding functions. Furthermore, Ingress packets are temporarily stored in the internal dispatcher packet buffer until processed. When a feature is not supported in the CEF switching path, the punt adjacency allows a packet to be switched using the next slower switching mechanism configured on the router. Once packet processing is complete and the packet has been modified.The packet is copied from the internal packet buffer to the deep output packet buffer, where it awaits scheduling for output.

Technical highlights: The ingress processing gets executed for each packet that is received on the ingress interface (MAC). The processing should decode the packet headers and determine where the packet shall be sent. When a feature is not supported in the CEF switching path, the punt adjacency allows a packet to be switched using the next slower switching mechanism configured on the router.

Current known factors: A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more details. please refer to url – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY

Preface: Have you heard a terms, so called take Ownership of his Registry key?

Background: CapaSystems helps businesses achieve greater efficiency through Device Management and Monitoring by using CapaInstaller and PerformanceGuard. The purpose for the CapaInstaller Agent Health Check is to maintain a healthy and up to date agent on every computer/server.

Vulnerability details: A security flaw has been found in CapaInstaller, where a user with standard user privileges logged on to a computer with the CapaInstaller Agent installed could escalate their local user rights. For details, please refer to the link below.

https://capawiki.capasystems.com/display/ci/CapaInstaller+6.0+-+Build+101

How to prevent similar matters happen? The efficient way to block users from opening and editing the Registry on Windows 10 is by using the Local Group Policy editor. You can enable Prevent access to registry editing tools policy.

Preface: This vulnerability disclosed one year ago. Perhaps the details of defect you require to know.

Background: Shibboleth is a web-based Single Sign-On infrastructure. It is based on SAML. Shibboleth does not carry out authentication itself. SAML (Security Assertion Mark-up Language) is an umbrella standard that covers federation, identity management and single sign-on (SSO).

Vulnerability details:

The Shibboleth Identity Provider supports a number of login flows that rely on servlets or JSP pages to operate, including External, RemoteUser, X509, and SPNEGO. These flows are vulnerable to a denial of service attack by a remote, unauthenticated attacker, via Java heap exhaustion due to the creation of objects in the Java Servlet container session.

Causes: The use of expressions like “new someclass()” in the webflows, e.g. in the ExternalAuthentication flows, is a denial of service vector for remote attackers because of memory exhaustion if the objects are stored anywhere that isn’t associated with the webflow conversations. The conversations are capped at 5 apparently, and get swapped out for new ones, but storing anything the container session would not be freed and would accumulate.

Remark: Java Heap space is used by java runtime to allocate memory to Objects and JRE classes. Whenever we create an object, it’s always created in the Heap space.

Official announcement: https://shibboleth.net/community/advisories/secadv_20191002.txt

Preface: Sometimes vulnerability causes by misconfiguration.

Vulnerability details: MinGW (http://www.mingw.org/) provides a complete Open Source programming tool set which is suitable for the development of native MS-Windows applications, and which do not depend on any 3rd-party C-Runtime DLLs. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment. Therefore the default prefix for program installation as well as for OPENSSLDIR should be ‘/usr/local’.
Unfortunately when similar concept implement to MS Windows environment. The /use/local will be world writable.
In additional, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own –prefix.
OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue.

By default, the OpenSSL directory is /usr/local/ssl. If you perform a config without –prefix and without –openssldir, that’s what you get by default.

Above vulnerability has been recorded on CVE database (CVE-2019-1552). One years more later software vendor (Macrium) encountered similar of design defect (CVE-2020-10143). Please refer to link – https://kb.cert.org/vuls/id/760767

Workaround: Ensure that the OPENSSLDIR path is set to a location that is only writable by the system itself.

Preface: Integrating Oracle BI Presentation Services into Corporate Environments Using HTTP and JavaScript. Java made business operation perfect. Meanwhile, it make people headache!

Background: When called from within an Oracle BI Presentation Services screen, such as a dashboard or an HTML result view, the URL should begin with the following characters: saw.dll?Go

When called from another screen on the same Web server, the URL should begin with the following characters: /analytics/saw.dll?Go

Vulnerability details: Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation) – The ‘getPreviewImage’ function is used to get a preview image of a previously uploaded theme logo. By manipulating the ‘previewFilePath’ URL parameter an attacker with access to the administration interface is able to read arbitrary system files.

Official announcement: https://www.oracle.com/security-alerts/cpuoct2020.html

Preface: Cloud computing build civilization chain. The strongest of AI, Smart City technology will be according to the foundation of cloud.

Technical background: Google Container Registry (GCR) is a service in Google Cloud Platform (GCP) to manage your own docker container repository. This is fully managed service and you can store your custom container images as well as common images from other image repositories.

Vulnerability details: If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (foreign layer), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers.

Highlights: The manifest supports an optional field for an external URL from which content may be fetched, and it can be any registry or domain.

Remedy: This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected.

Workaround: Ensure that only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected.