News aggregator

CVE-2017-16855

National Vulnerability Database - Thu, 11/16/2017 - 13:29
Ipsilon before 2.1.0 has a "SAML2 multi-session vulnerability."
Categories: Security News

CVE-2017-16846

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter.
Categories: Security News

CVE-2017-16847

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action.
Categories: Security News

CVE-2017-16848

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter.
Categories: Security News

CVE-2017-16849

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter.
Categories: Security News

CVE-2017-16850

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action.
Categories: Security News

CVE-2017-16851

National Vulnerability Database - Thu, 11/16/2017 - 12:29
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /MyPage.do widgetid parameter.
Categories: Security News

CVE-2017-16852

National Vulnerability Database - Thu, 11/16/2017 - 12:29
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka SSPCPP-763.
Categories: Security News

CVE-2017-16853

National Vulnerability Database - Thu, 11/16/2017 - 12:29
The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka CPPOST-105.
Categories: Security News

CVE-2017-15864

National Vulnerability Database - Thu, 11/16/2017 - 10:29
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.
Categories: Security News

CVE-2017-16560

National Vulnerability Database - Thu, 11/16/2017 - 10:29
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes.
Categories: Security News

CVE-2017-16777

National Vulnerability Database - Thu, 11/16/2017 - 10:29
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root.
Categories: Security News

CVE-2017-16844

National Vulnerability Database - Thu, 11/16/2017 - 10:29
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618.
Categories: Security News

CVE-2017-5738

National Vulnerability Database - Thu, 11/16/2017 - 09:29
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network access to cause a denial of service and/or information disclosure.
Categories: Security News

CVE-2017-12337

National Vulnerability Database - Thu, 11/16/2017 - 02:29
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797.
Categories: Security News

CVE-2017-12350

National Vulnerability Database - Thu, 11/16/2017 - 02:29
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220.
Categories: Security News

CVE-2017-12290

National Vulnerability Database - Thu, 11/16/2017 - 02:29
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit these vulnerabilities by persuading a user to click a malicious link or by sending an HTTP request that could cause the affected service to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface of the affected system or allow the attacker to access sensitive browser-based information on the affected system. These types of exploits could also be used in phishing attacks that send users to malicious websites without their knowledge. Cisco Bug IDs: CSCve77195, CSCve90978, CSCvf42310, CSCvf42703, CSCvf42723, CSCvf46169, CSCvf49999.
Categories: Security News

CVE-2017-12291

National Vulnerability Database - Thu, 11/16/2017 - 02:29
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit these vulnerabilities by persuading a user to click a malicious link or by sending an HTTP request that could cause the affected service to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface of the affected system or allow the attacker to access sensitive browser-based information on the affected system. These types of exploits could also be used in phishing attacks that send users to malicious websites without their knowledge. Cisco Bug IDs: CSCve77195, CSCve90978, CSCvf42310, CSCvf42703, CSCvf42723, CSCvf46169, CSCvf49999.
Categories: Security News

CVE-2017-12292

National Vulnerability Database - Thu, 11/16/2017 - 02:29
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit these vulnerabilities by persuading a user to click a malicious link or by sending an HTTP request that could cause the affected service to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface of the affected system or allow the attacker to access sensitive browser-based information on the affected system. These types of exploits could also be used in phishing attacks that send users to malicious websites without their knowledge. Cisco Bug IDs: CSCve77195, CSCve90978, CSCvf42310, CSCvf42703, CSCvf42723, CSCvf46169, CSCvf49999.
Categories: Security News

CVE-2017-12299

National Vulnerability Database - Thu, 11/16/2017 - 02:29
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to deny local IP management traffic. The vulnerability is due to an implementation error that exists in the process of creating default IP blocks when the device is initialized, and the way in which those IP blocks interact with user-configured filters for local IP management traffic (for example, SSH to the device). An attacker could exploit this vulnerability by sending traffic to the local IP address of the targeted device. A successful exploit could allow the attacker to connect to the local IP address of the device even when there are filters configured to deny the traffic. Cisco Bug IDs: CSCvd97962.
Categories: Security News

Pages