Blog

Publicado el

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-priv-esc-qTgUZOsQ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20BroadWorks%20Privilege%20Escalation%20Vulnerability&vs_k=1
Publicado el

Cisco Small Business SPA500 Series IP Phones Web UI Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) or HTML injection attacks. For more information about these vulnerabilities, see the Details section of this advisory. There are no workarounds that address these vulnerabilities. This advisory is available at the following More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-web-multi-7kvPmu2F?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Small%20Business%20SPA500%20Series%20IP%20Phones%20Web%20UI%20Vulnerabilities&vs_k=1
Publicado el

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-priv-esc-qTgUZOsQ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20BroadWorks%20Privilege%20Escalation%20Vulnerability&vs_k=1
Publicado el

K000135507 : Java vulnerabilities CVE-2020-14781

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and ... More info: https://my.f5.com/manage/s/article/K000135507?utm_source=f5support&utm_medium=RSS
Publicado el

The Top Sessions and Tutorials at VMware Explore 2023 Las Vegas You Can’t Miss

VMware Explore 2023 is fast approaching and I’m sure you’re wondering what we have in store for you. The sheer breadth of our event content has evolved from last year and if you’re looking for the latest and greatest in networking and security, there are some sessions you must prioritize! At VMware Explore you’ll learn how … ContinuedThe post The Top Sessions and Tutorials at VMware Explore 2023 Las Vegas You Can’t Miss appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2023/07/the-top-sessions-and-tutorials-at-vmware-explore-2023-las-vegas-you-cant-miss.html?utm_source=rss&utm_medium=rss&utm_campaign=the-top-sessions-and-tutorials-at-vmware-explore-2023-las-vegas-you-cant-miss
Publicado el

K35253541 : Java vulnerability CVE-2020-14797

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0. ... More info: https://my.f5.com/manage/s/article/K35253541?utm_source=f5support&utm_medium=RSS
Acceso Administrador
Translate »