K42531048 : OpenSSH vulnerability CVE-2019-6110

Security Advisory Description: In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client ... More info: https://my.f5.com/manage/s/article/K42531048?utm_source=f5support&utm_medium=RSS

K21350967 : OpenSSH vulnerability CVE-2019-6111

Security Advisory Description: An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. More info: https://my.f5.com/manage/s/article/K21350967?utm_source=f5support&utm_medium=RSS

K12252011 : OpenSSH vulnerability CVE-2019-6109

Security Advisory Description: An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ ... More info: https://my.f5.com/manage/s/article/K12252011?utm_source=f5support&utm_medium=RSS

Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-priv-esc-D8Bky5eg?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Unified%20Communications%20Products%20Privilege%20Escalation%20Vulnerability&vs_k=1

K000135997 : Multiple Node.JS vulnerabilities

Security Advisory Description: CVE-2023-32002: The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This ... More info: https://my.f5.com/manage/s/article/K000135997?utm_source=f5support&utm_medium=RSS

K42406850 : F5 SIRT response to the Ukraine crisis

Security Advisory Description: Over the past few weeks, the world has watched as tensions have risen between Russia and Ukraine, and most recently, those tensions have escalated into a military ... More info: https://my.f5.com/manage/s/article/K42406850?utm_source=f5support&utm_medium=RSS

Kubernetes Security Issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955)

Publication Date: 2023/08/23 10:00 AM PDT

AWS is aware of three security issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) in Kubernetes that affect Amazon EKS customers with Windows EC2 nodes in their clusters. These issues do not affect any Kubernetes control plane or the service itself, nor do these issues permit cross-customer impact. Updated Amazon EKS Windows AMIs are now available for Kubernetes versions 1.23 through 1.27 that include patched builds of kubelet and csi-proxy. We More info: https://aws.amazon.com/security/security-bulletins/AWS-2023-008/