‼ CVE-2022-23008 ‼
📖 Read
via "National Vulnerability Database".
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40337 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23031 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14.1.x before 14.1.4.4, an XML External Entity (XXE) vulnerability exists in an undisclosed page of the F5 Advanced Web Application Firewall (Advanced WAF) and BIG-IP ASM Traffic Management User Interface (TMUI), also referred to as the Configuration utility, that allows an authenticated high-privileged attacker to read local files and force BIG-IP to send HTTP requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-4145 ‼
📖 Read
via "National Vulnerability Database".
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23022 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP version 16.1.x before 16.1.2, when an HTTP profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23010 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23030 ‼
📖 Read
via "National Vulnerability Database".
On version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when the BIG-IP Virtual Edition (VE) uses the ixlv driver (which is used in SR-IOV mode and requires Intel X710/XL710/XXV710 family of network adapters on the Hypervisor) and TCP Segmentation Offload configuration is enabled, undisclosed requests may cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23032 ‼
📖 Read
via "National Vulnerability Database".
In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23015 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23017 ‼
📖 Read
via "National Vulnerability Database".
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled and is configured on a BIG-IP system, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.📖 Read
via "National Vulnerability Database".
🕴 How Does Threat Modeling Work in Software Development? 🕴
📖 Read
via "Dark Reading".
Threat modeling should be a continuous process alongside development, not a one-time project.📖 Read
via "Dark Reading".
Dark Reading
How Does Threat Modeling Work in Software Development?
Threat modeling should be a continuous process alongside development, not a one-time project.
‼ CVE-2021-43799 ‼
📖 Read
via "National Vulnerability Database".
Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit the default ports which RabbitMQ opens; this includes port 25672, the RabbitMQ distribution port, which is used as a management port. RabbitMQ's default "cookie" which protects this port is generated using a weak PRNG, which limits the entropy of the password to at most 36 bits; in practicality, the seed for the randomizer is biased, resulting in approximately 20 bits of entropy. If other firewalls (at the OS or network level) do not protect port 25672, a remote attacker can brute-force the 20 bits of entropy in the "cookie" and leverage it for arbitrary execution of code as the rabbitmq user. They can also read all data which is sent through RabbitMQ, which includes all message traffic sent by users. Version 4.9 contains a patch for this vulnerability. As a workaround, ensure that firewalls prevent access to ports 5672 and 25672 from outside the Zulip server.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23258 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge for Android Spoofing Vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign 🕴
📖 Read
via "Dark Reading".
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.📖 Read
via "Dark Reading".
Dark Reading
Threat Actors Use Microsoft OneDrive for Command-and-Control in Attack Campaign
Signs hint at Russia's APT28, aka Fancy Bear, being behind the attacks, according to new research.
‼ CVE-2021-36294 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36347 ‼
📖 Read
via "National Vulnerability Database".
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36295 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36348 ‼
📖 Read
via "National Vulnerability Database".
iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36296 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36289 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and use it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36346 ‼
📖 Read
via "National Vulnerability Database".
Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserver.📖 Read
via "National Vulnerability Database".