βΌ CVE-2022-31678 βΌ
π Read
via "National Vulnerability Database".
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-37913 βΌ
π Read
via "National Vulnerability Database".
Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a complete compromise of the Aruba EdgeConnect Enterprise Orchestrator with versions 9.1.2.40051 and below, 9.0.7.40108 and below, 8.10.23.40009 and below, and any older branches of Orchestrator not specifically mentioned.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33859 βΌ
π Read
via "National Vulnerability Database".
A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operationΓ’β¬β’s vast array of devices to assist in the reduction of energy consumption and avoid unplanned downtime caused by the failures of critical systems. A threat actor may upload arbitrary files using the file upload feature. This vulnerability is present in versions 4.x, 5.x, 6.x & 7.0 to 7.5. A new version (v7.6) containing the remediation has been made available by Eaton and a mitigation has been provided for the affected versions that are currently supported. Customers are advised to update the software to the latest version (v7.6). Foreseer EPMS versions 4.x, 5.x, 6.x are no longer supported by Eaton. Please refer to the End-of-Support notification https://www.eaton.com/in/en-us/catalog/services/foreseer/foreseer-legacy.html .π Read
via "National Vulnerability Database".
βΌ CVE-2021-38397 βΌ
π Read
via "National Vulnerability Database".
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37915 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to a complete system compromise of Aruba EdgeConnect Enterprise Orchestration with versions 9.1.x branch only, Any 9.1.x Orchestrator instantiated as a new machine with a release prior to 9.1.3.40197, Orchestrators upgraded to 9.1.x were not affected.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36206 βΌ
π Read
via "National Vulnerability Database".
All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.π Read
via "National Vulnerability Database".
β S3 Ep106: Facial recognition without consent β should it be banned? β
π Read
via "Naked Security".
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!π Read
via "Naked Security".
Naked Security
S3 Ep106: Facial recognition without consent β should it be banned?
Latest episode β listen (or read) now. Teachable moments for X-Ops professionals!
π1
ποΈ VMWare patches RCE exploit in NSX Manager ποΈ
π Read
via "The Daily Swig".
Bug fixed despite product reaching end of lifeπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
VMWare patches RCE exploit in NSX Manager
End-of-life product is βback from the deadβ as vendor makes exception for critical bug
β Updates to Appleβs zero-day update story β iPhone and iPad users read this! β
π Read
via "Naked Security".
Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2022-3322 βΌ
π Read
via "National Vulnerability Database".
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3320 βΌ
π Read
via "National Vulnerability Database".
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3321 βΌ
π Read
via "National Vulnerability Database".
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in the application settings. Such configuration caused the WARP client to disconnect and allowed the user to bypass restrictions and policies enforced by the Zero Trust platform.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3512 βΌ
π Read
via "National Vulnerability Database".
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3337 βΌ
π Read
via "National Vulnerability Database".
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch feature being enabled on Zero Trust Platform. This led to bypassing policies and restrictions enforced for enrolled devices by the Zero Trust platform.π Read
via "National Vulnerability Database".
π Zed Attack Proxy 2.12.0 Cross Platform Package π
π Read
via "Packet Storm Security".
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.π Read
via "Packet Storm Security".
Packetstormsecurity
Zed Attack Proxy 2.12.0 Cross Platform Package β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2022-3741 βΌ
π Read
via "National Vulnerability Database".
Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the server. These accounts still need to be activated; however, it is possible to identify the output Status Code to separate accounts that are generated and waiting for email verification. \n\nFor the sign in directories, it is possible to brute force login attempts to either login portal, which could lead to account compromise.π Read
via "National Vulnerability Database".
ποΈ Upcoming βcriticalβ OpenSSL update prompts feverish speculation ποΈ
π Read
via "The Daily Swig".
Is the new Heartbleed or just a bleeding distraction?π Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Upcoming βcriticalβ OpenSSL update prompts feverish speculation
Is it the new Heartbleed or just a bleeding distraction?
π1
βΌ CVE-2021-38737 βΌ
π Read
via "National Vulnerability Database".
SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3018 βΌ
π Read
via "National Vulnerability Database".
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35388 βΌ
π Read
via "National Vulnerability Database".
Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37781 βΌ
π Read
via "National Vulnerability Database".
Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php.π Read
via "National Vulnerability Database".