PT-2023-8484 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14 Description: An authentication issue was addressed with improved state management, allowing photos in the Hidden Photos Album to be viewed without authentication. The issue is related to a lack of authentication for...

Ubuntu 16.04 ESM / 18.04 ESM : CUPS vulnerability (USN-6361-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6361-2 advisory. USN-6361-1 fixed a vulnerability in CUPS. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable has...

Medium: cups

Issue Overview: An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents. CVE-2023-32360 Affected Packages: cups Issue...

Amazon Linux AMI : cups (ALAS-2023-1828)

The version of cups installed on the remote host is prior to 1.4.2-67.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1828 advisory. An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey...

CVE-2023-42261

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...

SUSE SLES12 Security Update : cups (SUSE-SU-2023:3706-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3706-1 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups (SUSE-SU-2023:3707-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3707-1 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in...

CVE-2023-31015

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service...

CVE-2023-31015

NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service...

PT-2023-27709 · Aurea · Arconte Áurea

Name of the Vulnerable Software and Affected Versions: ARCONTE Aurea version 1.5.0.0 Description: The authentication system could allow an attacker to make incorrect access requests, blocking each legitimate account and causing a denial of service. A resource has been identified that could allow...

PT-2023-5420 · Atos · Atos Unify Openscape Branch +2

Name of the Vulnerable Software and Affected Versions: Atos Unify OpenScape Session Border Controller versions through V10 R3.01.03 Atos Unify OpenScape Branch affected versions not specified Atos Unify OpenScape BCF affected versions not specified Description: The issue allows execution of OS...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : CUPS vulnerability (USN-6361-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6361-1 advisory. It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain...

Resetting RPC node password Timesout in HA

Under HA sync failed with error: "Unable to Authenticate with Primary, rpcnode password might have changed please reset it and try" When resetting it on Primary it times out...

PT-2023-22927 · Gallery · Gallery

Name of the Vulnerable Software and Affected Versions: Gallery versions prior to 14.5.01.2 Description: The issue is related to improper authentication in the LocalProvider of Gallery, allowing an attacker to access data in the content provider. Recommendations: For versions prior to 14.5.01.2,...

PT-2023-22912 · Unknown · Phone/Messaging Storage Smr Sep-2023 Release 1

Name of the Vulnerable Software and Affected Versions: Phone and Messaging Storage SMR SEP-2023 Release 1 Description: The issue is related to improper authentication, allowing an attacker to insert arbitrary data into the provider. Recommendations: For Phone and Messaging Storage SMR SEP-2023...

PT-2023-8553 · Sudo +7 · Sudo +7

Name of the Vulnerable Software and Affected Versions: Sudo versions prior to 1.9.15 Description: The issue is related to the authentication procedure in Sudo, which might allow row hammer attacks for authentication bypass or privilege escalation. This is because the application logic sometimes...

Cannot complete your request error when using Azure AD saml authentication

SAML authentication policy for AG has been configured. The IDP is Azure AD. However, "Can not complete your request error" appeared when using AG SSO Storefront...

PT-2023-18341 · WordPress · Badgeos

Name of the Vulnerable Software and Affected Versions: BadgeOS plugin for WordPress versions up to, and including, 3.7.1.6 Description: The issue is due to improper validation and authorization checks within the badgeos delete step ajax handler, badgeos delete award step ajax handler, badgeos...

Rocky Linux 9 : cups (RLSA-2023:4838)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4838 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. A...

AlmaLinux 8 : cups (ALSA-2023:4864)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4864 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...