Day: 11 marzo, 2021

With thousands of customers adopting the VMware Carbon Black Cloud to secure their endpoints and workloads, our ecosystem continues to grow, developing integrations to deliver enhanced workflows and security to our customers. We are proud to announce the interoperability between the VMware Carbon Black Cloud and Proofpoint Targeted Attack Protection (TAP). Using these solutions together provides coordinated detections and automated response workflows across end user devices and inboxes to More info: https://blogs.vmware.com/security/2021/03/announcing-coordinated-detection-response-from-vmware-carbon-black-and-proofpoint.html?utm_source=rss&utm_medium=rss&utm_campaign=announcing-coordinated-detection-response-from-vmware-carbon-black-and-proofpoint

Linux kernel ext3/ext4 file system vulnerability CVE-2020-14314 Security Advisory Security Advisory Description A memory out-of-bounds read flaw was found in the Linux kernels ext3/ext4 file ... More info: https://support.f5.com/csp/article/K67830124?utm_source=f5support&utm_medium=RSS

glibc vulnerability CVE-2019-25013 Security Advisory Security Advisory Description The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte ... More info: https://support.f5.com/csp/article/K68251873?utm_source=f5support&utm_medium=RSS

Apache mod_proxy_ftp vulnerability CVE-2020-1934 Security Advisory Security Advisory Description In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to ... More info: https://support.f5.com/csp/article/K59333944?utm_source=f5support&utm_medium=RSS

BIG-IQ HA vulnerability CVE-2021-23005 Security Advisory Security Advisory Description When using a Quorum device for BIG-IQ high availability (HA) for automatic failover, BIG-IQ does not make use ... More info: https://support.f5.com/csp/article/K01243064?utm_source=f5support&utm_medium=RSS

BIG-IQ XSS vulnerability CVE-2021-23006 Security Advisory Security Advisory Description Undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. (CVE-2021-23006) Impact An ... More info: https://support.f5.com/csp/article/K30585021?utm_source=f5support&utm_medium=RSS

BIG-IP MPTCP vulnerability CVE-2021-23004 Security Advisory Security Advisory Description Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers without MPTCP enabled in ... More info: https://support.f5.com/csp/article/K31025212?utm_source=f5support&utm_medium=RSS

BIG-IP SNAT vulnerability CVE-2021-22998 Security Advisory Security Advisory Description SYN flood protection thresholds are not enforced in secure network address translation (SNAT) listeners. ( ... More info: https://support.f5.com/csp/article/K31934524?utm_source=f5support&utm_medium=RSS

BIG-IP TMM vulnerability CVE-2021-23000 Security Advisory Security Advisory Description If the tmm.http.rfc.enforcement with invalid host detection is enabled, a specific sequence of malicious ... More info: https://support.f5.com/csp/article/K34441555?utm_source=f5support&utm_medium=RSS

F5 TMUI XSS vulnerability CVE-2021-22994 Security Advisory Security Advisory Description Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete ... More info: https://support.f5.com/csp/article/K66851119?utm_source=f5support&utm_medium=RSS