AlmaLinux 8 : cups (ALSA-2023:4864)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4864 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...

AlmaLinux 9 : cups (ALSA-2023:4838)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4838 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An...

Oracle Linux 9 : cups (ELSA-2023-4838)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4838 advisory. 1:2.3.3op2-16.1 - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation Tenable has extracted the preceding description block directly from...

RDP Error from ICA Session: "An authentication error has occurred (Code: 0x800706be)"

When we try to RDP inside an ICA session we get below error : Faulting application name: CredentialUIBroker.exe, version: 10.0.14393.4169, time stamp: 0x5ff78e7f Faulting module name: CtxWinlogonProv.dll, version: 0.0.0.0, time stamp: 0x5faeeb2d Exception code: 0xc0000005 Fault offset:...

PT-2023-26939 · Proself · Proself Mail Sanitize Edition +2

Name of the Vulnerable Software and Affected Versions: Proself Enterprise/Standard Edition versions 5.61 and earlier Proself Gateway Edition versions 1.62 and earlier Proself Mail Sanitize Edition versions 1.07 and earlier Description: The issue allows a remote unauthenticated attacker to log in ...

PT-2023-23799 · Dell · Dell Bios

Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: Dell BIOS contains an improper authentication issue. A malicious user with physical access to the system may potentially exploit this to modify a security-critical UEFI variable without...

SUSE CVE-2023-32360

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents...

External Users Unable to Authenticate via Workspace App

External users unable to authenticate the workspace app after upgrading the firmware to 13.0 build 33.52 but they can login through the web browser. Error : While logging through the workspace by giving the credentials it will again loop back to the same login page by throwing an error : "Incorre...

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

Authentication flaw

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

CVE-2023-34196

Affected software: Keyfactor EJBCA prior to 8.0.0. Vulnerable component: RA web certificate distribution servlet at /ejbca/ra/cert. Root cause: authentication issue enabling partial denial of service. In OAuth configurations, CA certificates (attributes and public keys) may be disclosed to unauth...

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

Moxa NPort Improper Authentication (CVE-2016-9361)

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPor...

PT-2023-12748 · Tetra · Tetra

Name of the Vulnerable Software and Affected Versions: TETRA affected versions not specified Description: A flaw in the TETRA authentication procedure allows a Man-In-The-Middle MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero. This issue does not specify the...

SUSE CVE-2023-2975

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misl...

Unable to login to Citrix Cloud - Error: "incorrect username, password or token"

Unable to login to Citrix Cloud to access virtualized app. The error message "incorrect username, password or token" is displayed. The process of setting up MFA works perfectly, but once Authenticator App is paired and actual login attempted, it always fails...

PT-2023-26024 · Elecom +1 · Elecom Wrc-1167Febk-A +8

Name of the Vulnerable Software and Affected Versions: ELECOM WRC-1167GHBK3-A versions 1.24 and earlier ELECOM WRC-1167FEBK-A versions 1.18 and earlier ELECOM WRC-F1167ACF2 all versions ELECOM WRC-600GHBK-A all versions ELECOM WRC-733FEBK2-A all versions ELECOM WRC-1467GHBK-A all versions ELECOM...

PT-2023-24259 · Unknown · Powershield Snmp Web Pro

Name of the Vulnerable Software and Affected Versions: PowerShield SNMP Web Pro version 1.1 Description: The authentication mechanism contains an issue that allows unauthenticated users to directly access Common Gateway Interface CGI scripts without proper identification or authorization. This...

PT-2023-4071 · Sap · Sap Netweaver Process Integration

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Process Integration version SAP XIAF 7.50 Description: The issue is related to the Message Display Tool MDT component of SAP NetWeaver Process Integration, which lacks proper authentication checks for certain functionalities. Th...