For a decade, cyber security threats have continued to grow at alarming rates. Attackers have devised new strategies to analyze and take advantage of any vulnerability in the IT infrastructure of a company. Network administrators around the world have understood that traditional IT security is far from optimal. From WannaCry and Notpetya ransomware attacks to massive hack of Yahoo’s email system, the world has seen the consequences of the flaws in the security systems. Therefore, you don’t have to wait for an attack before deciding to adopt new standards in the IT infrastructure of your organization. A security vulnerability assessment and penetration test (VAPT) can help you to identify any security loophole in your hardware and software assets so that the threats can be prevented in the first place.
To help you out in evaluating the possible flaws in your network security, we have compiled top 10 vulnerabilities in 2018 that you should address before any disruption renders your services useless. The data is aggregated from the National Vulnerability Database (NVD), which is the largest public collection of technical vulnerabilities in the world. It deploys common vulnerability scoring (CVS) system which contains security flaws recorded by numerous organizations for analysis and possible remedy. Below are the top 10 security vulnerabilities that affected servers and web applications in 2018 that may also exist in your IT infrastructure:
1. Node-mac address: Vulnerability Score- Critical (10)
Node-mac address is an open source module that fetches MAC addresses (hardware addresses) in Linux, OS X, and Windows operating systems. It locates the MAC addresses of the host network interfaces but it is now vulnerable to command injection attacks.
2. Spring Data Commons: Vulnerability Score- Critical (9.8)
The Spring Data project works for simplifying database access and supporting cloud services. Spring Data Commons is part of the Spring Data project that provides shared infrastructure across its projects. It removes the boilerplate code and abstract data store interactions into a shared repository API.
The vulnerability allowed remote code execution attack where someone can take control of entire systems for malicious operations.
3. glibc: Vulnerability Score- Critical (9.8)
The GNU C library commonly known as glibc is the GNU Project’s implementation of the C standard library which also provides direct support for C++. The integer overflow vulnerability could allow hackers to gain unauthorized exposure to information, which could be modified for disrupting the services built upon glibc.
4. Electron: Vulnerability Score- Critical (9.6)
5. Base64-URL: Vulnerability Score- High (8.6)
Base64-URL enables Base64 encoding, decoding, escape and unescape for URL applications. It was discovered that the versions before 2.0.0 were vulnerable to out of bounds because it allocated uninitialized buffers when a number is passed as an input. This allowed attackers to extract sensitive data and perform DoS attacks by consuming a large amount of memory.
6. Apache Ant: Vulnerability Score- High (8.5)
Apache Ant is a Java library and command-line tool. It is designed to automate the software build process. It originated in early 2000 from Apache Tomcat project. It was recently hit by an archive extraction issue which affected its versions prior to 1.9.12. It allowed path traversal in archive extraction which could be used to execute arbitrary code by making a custom archive with traversal filenames.
7. Zend Framework: Vulnerability Score- High (8)
Zend framework is the engine behind PHP, the most widely used server-side scripting language for developing web applications. A URL rewrite issue was discovered in several projects of Zend framework that allowed unauthorized clients to emulate the headers for requesting arbitrary content.
8. URL-parse: Vulnerability Score- High (8)
9. Red Hat DHCP: Vulnerability Score- High (7.5)
Red hat is the world’s leading provider of enterprise open source solutions that delivers high-performing Linux, cloud, and Kubernetes technologies. A command line injection flaw was detected in a script included in DHCP client packages in Red Hat Enterprise Linux 6 and 7. An attacker on the local network can fool the DHCP responses to employ this vulnerability for executing arbitrary commands.
10. Linux Kernel: Vulnerability Score- High (7.3)
The Linux kernel is an open-source Unix-like computer operating system kernel. The kernel connects the system hardware to the application software. The Linux family of operating systems including Fedora, Ubuntu, CentOS etc. are all built upon this kernel.
A local security bypass flaw in versions prior to 4.11-rc8 allowed attackers to bypass certain security parameters to perform malicious actions on the system.
Network security is about how we can defend against any attack or much better, how we can devise new architectures that are immune to such attacks at the first place. One way to do so is to identify vulnerabilities in an environment and to respond quickly to prevent any potential threat through vulnerability assessments. A well-functioning vulnerability management system can help in the identification of security loopholes that attackers use to breach your network.