A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. An attacker could exploit this vulnerability by sending specific IKEv2 packets to an affected device to be
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-ike?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20and%20IOS%20XE%20Software%20Internet%20Key%20Exchange%20Denial%20of%20Service%20Vulnerability&vs_k=1
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20and%20Firepower%20Threat%20Defense%20Software%20VPN%20Authorization%20Bypass%20Vulnerability&vs_k=1
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a misclassification of Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to an affected device. A successful exploit could allow the
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-rbip-dos?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20for%20Cisco%20Integrated%20Services%20Routers%20Generation%202%20Denial%20of%20Service%20Vulnerability&vs_k=1
Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. These vulnerabilities are due to insufficient validation of user-supplied parameters for certain API endpoints. An attacker could exploit these vulnerabilities by sending crafted input to an affected API endpoint. A successful exploit could allow an attacker to execute
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-Z3B5MY35?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20Software%20Command%20Injection%20Vulnerabilities&vs_k=1
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20and%20Firepower%20Threat%20Defense%20Software%20SNMP%20Denial%20of%20Service%20Vulnerability&vs_k=1
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Management%20Center%20and%20Firepower%20Threat%20Defense%20Software%20SSH%20Denial%20of%20Service%20Vulnerability&vs_k=1
Attackers are always looking for a single fundamental technique they can use to fully defeat a given security approach. With endpoint security solutions, this would involve dislodging an agent or sensor from its connections to the operating system. One possible approach would be to disable or disrupt “user mode hooking,” since that is, or was, … ContinuedThe post VMware Carbon Black Products and “User-Mode Hooking” Evasion Techniques appeared first on VMware
More info:
https://blogs.vmware.com/security/2022/12/vmware-carbon-black-products-and-user-mode-hooking-evasion-techniques.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-carbon-black-products-and-user-mode-hooking-evasion-techniques
Initial Publication Date: 12/13/2022 9:00AM EST On November 14, 2022, a security researcher reported an issue in Amazon Elastic Container Registry (ECR) Public Gallery, a public website for finding and sharing public container images. The researcher identified an ECR API action that, if called, could have enabled modification or removal of images available on ECR Public Gallery. As of November 15, 2022, the identified issue was remediated. We have conducted exhaustive analysis of all logs, we
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2022-010/
NodeJS vulnerability CVE-2022-35256 Security Advisory Security Advisory Description The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not ...
More info:
https://support.f5.com/csp/article/K17011311?utm_source=f5support&utm_medium=RSS
libTIFF vulnerability CVE-2022-3970 Security Advisory Security Advisory Description A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function ...
More info:
https://support.f5.com/csp/article/K37923932?utm_source=f5support&utm_medium=RSS
