A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Packet%20Data%20Network%20Gateway%20IPsec%20ICMP%20Denial%20of%20Service%20Vulnerability&vs_k=1
Project: Drupal coreDate: 2023-April-19Security risk: Moderately critical 13∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassDescription: The file download facility doesnt sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to.Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you
More info:
https://www.drupal.org/sa-core-2023-005
Project: Drupal coreDate: 2023-April-19Security risk: Moderately critical 13∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassDescription: The file download facility doesnt sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to.Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you
More info:
https://www.drupal.org/sa-core-2023-005
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges. This vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. An attacker could exploit this vulnerability by logging in to the web interface of an affected server. Under certain conditions, the authentication mechanism would be
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cml-auth-bypass-4fUCCeG5?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Modeling%20Labs%20External%20Authentication%20Bypass%20Vulnerability&vs_k=1
Multiple vulnerabilities in Cisco Industrial Network Director (IND) could allow an authenticated attacker to inject arbitrary operating system commands or access sensitive data. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-CAeLFk6V?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Industrial%20Network%20Director%20Vulnerabilities&vs_k=1
A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory traversal character sequences within system commands. An attacker with administrative privileges could exploit this vulnerability by running a system command containing directory traversal character sequences to target an arbitrary file. A successful exploit could allow the attacker to delete arbitrary
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmanage-wfnqmYhN?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SD-WAN%20vManage%20Software%20Arbitrary%20File%20Deletion%20Vulnerability&vs_k=1
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS could allow an attacker to elevate privileges, overwrite arbitrary files, or view sensitive data on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-file-write-rHKwegKf?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Collaboration%20Endpoint%20and%20RoomOS%20Arbitrary%20File%20Write%20Vulnerabilities&vs_k=1
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. A successful exploit could allow the attacker to cause TCP connection resources to grow rapidly
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-tcp-dos-KEdJCxLs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20BroadWorks%20Network%20Server%20TCP%20Denial%20of%20Service%20Vulnerability&vs_k=1
A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20StarOS%20Software%20Key-Based%20SSH%20Authentication%20Privilege%20Escalation%20Vulnerability&vs_k=1
Endpoint security is recognizably an essential part of modern cybersecurity, and endpoint security tools are in many cases a first and last line of defense. Endpoint security is focused on securing servers, workloads, end-user workstations, laptops, and any other devices that are used to access corporate networks and SaaS applications. Generally, endpoint security is regarded … ContinuedThe post XDR: Identity Matters – Who You Know is As Important as What You Know appeared first on
More info:
https://blogs.vmware.com/security/2023/04/xdr-identity-matters-who-you-know-is-as-important-as-what-you-know.html?utm_source=rss&utm_medium=rss&utm_campaign=xdr-identity-matters-who-you-know-is-as-important-as-what-you-know
