CVE-2023-2737

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation...

Privilege escalation

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation...

CVE-2023-2737 Improper securing of log directory may allow a denial of service

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation...

CVE-2023-2737 Improper securing of log directory may allow a denial of service

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation...

CVE-2023-2737

CVE-2023-2737 involves Thales SafeNet Authentication Service 3.4.0 on Windows with an improper log permissions flaw due to misconfigured logging privileges. An authenticated attacker can trigger a Denial of Service via local privilege escalation. The available connected sources confirm the vulner...

Thales Group SafeNet Authentication Service 安全漏洞

Thales Group SafeNet Authentication Service is an authentication service from Thales Group, a French company. A security vulnerability exists in SafeNet Authentication Service version 3.4.0, which stems from a misconfiguration of logging privileges. An attacker could use this vulnerability to cau...

Debian dla-3486 : ocsinventory-reports - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3486 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3486-1 [email protected] https://www.debian.org/lts/security/...

SonicWALL Analytics和GMS 授权问题漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3487-1 [email protected]...

CVE-2023-20108

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the...

CVE-2023-20108

CVE-2023-20108 affects Cisco Unified Communications Manager IM&P, specifically the XCP Authentication Service. The vulnerability stems from improper validation of user-supplied input in the authentication process, and a remote, unauthenticated attacker can trigger a crafted login message to cause...

CVE-2023-20108

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the...

The vulnerability of the XCP Authentication service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) allows a perpetrator to cause a service failure.

The vulnerability of the XCP Authentication service in the Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P system is related to insufficient validation of user input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a...

CVE-2023-20108

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the...

PT-2023-3120 · Cisco · Cisco Unified Communications Manager Im & Presence Service

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P affected versions not specified Description: The issue is related to insufficient validation of user-supplied input in the XCP Authentication Service, which could allo...

Ellucian 跨站脚本漏洞

Ellucian is Ellucian's open and flexible technology ecosystem supporting SaaS. A cross-site scripting vulnerability exists in Ellucian Ethos Identity versions prior to 5.10.5, which stems from the presence of an unknown function in the file /cas/logout that leads to cross-site scripting via the...

SUSE CVE-2022-2385

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

ProFTPd 安全漏洞

ProFTPd is a highly configurable open source FTP server software. A security vulnerability exists in ProFTPd versions prior to 1.3.7c, which stems from modradius copying a 16-character block that allows memory leaks to a RADIUS server...

GHSA-W8FP-3GWQ-GXPW Concrete CMS vulnerable to Cross-site Request Forgery

Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth...

Cross site request forgery (csrf)

Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth...