
401 matches found

Citrix
added 2022/03/07 12:0 a.m. | 206 views

Citrix Federated Authentication Service (FAS) Security Update

An issue has been identified in Citrix Federated Authentication Service (FAS) which causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider...

4.4 CVSS | 5.3 AI score | 0.00166 EPSS
Exploits: 0

NVD
added 2022/02/02 12:15 p.m. | 19 views

CVE-2021-39070

IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service enabled could allow an attacker to authenticate as any user on the system. IBM X-Force ID: 215353...

9.8 CVSS | 0.01777 EPSS
Exploits: 0 | References: 2

OSV
added 2021/12/14 12:15 p.m. | 2 views

CVE-2021-44524

A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...

9.8 CVSS | 7.3 AI score | 0.01579 EPSS
Exploits: 0 | References: 2

ThreatPost
added 2021/12/01 12:15 p.m. | 12 views

Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users

Attackers are impersonating the Iranian government in a widespread SMS phishing campaign that is defrauding thousands of Android users by installing malware on their devices that can steal their credit card data and siphon money from financial accounts. Researchers from Check Point Research...

7.6 AI score
Exploits: 0 | References: 4

OSV
added 2021/09/30 12:15 a.m. | 1 views

CVE-2021-41826

PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessionscontroller.rb open redirect...

6.1 CVSS | 5.8 AI score
Exploits: 0 | References: 2

NVD
added 2021/09/30 12:15 a.m. | 13 views

CVE-2021-41826

PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessionscontroller.rb open redirect...

6.1 CVSS | 0.11872 EPSS
Exploits: 3 | References: 2

Prion
added 2021/09/30 12:15 a.m. | 11 views

Open redirect

PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessionscontroller.rb open redirect...

5.8 CVSS | 6.3 AI score | 0.11872 EPSS
Exploits: 3 | References: 2 | Affected Software: 1

Cvelist
added 2021/09/29 11:41 p.m. | 12 views

CVE-2021-41826

PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessionscontroller.rb open redirect...

6.5 AI score | 0.11872 EPSS
Exploits: 3 | References: 2

CNNVD
added 2021/09/29 12:0 a.m. | 4 views

PlaceOs Authentication Service Input Validation Error Vulnerability

PlaceOs Authentication Service is a PlaceOs authentication service and API gatekeeper. PlaceOs Authentication Service is vulnerable to an input validation error, which attackers can exploit to cause open redirects...

6.1 CVSS | 6.2 AI score | 0.11872 EPSS
Exploits: 3 | References: 5

CNNVD
added 2021/05/21 12:0 a.m. | 2 views

Zope Cross-Site Scripting Vulnerability

Zope is a set of object-oriented, open source web application servers written in Python, from the Zope community. A cross-site scripting vulnerability exists in Zope Products.CMFCore before 2.5.1 and PluggableAuthService before 2.6.2, which stems from allowing reflection of XSS...

6.1 CVSS | 5.8 AI score | 0.00773 EPSS
Exploits: 0 | References: 2

Prion
added 2021/05/10 2:15 p.m. | 27 views

Authentication flaw

On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x, BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC...

7.5 CVSS | 9.5 AI score | 0.01326 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Citrix
added 2021/04/07 12:0 a.m. | 6 views

Error: Unable to Create Authentication Service for Receiver StoreFront

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. During the initial setup of Receiver StoreFront server on either deployment option, Single or...

7 AI score
Exploits: 0

ATTACKERKB
added 2021/03/08 9:15 p.m. | 2 views

CVE-2021-21336

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

6.5 CVSS | 5.3 AI score | 0.01505 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2020/12/23 12:0 a.m. | 2 views

The vulnerability of the Dovecot mail server, related to incorrect validation of input data, allows a hacker to cause malfunctions in the authentication service.

The vulnerability of the Dovecot mail server is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to cause malfunctions in the authentication service by sending a specially formatted NTLM request...

7.8 CVSS | 6.9 AI score | 0.06187 EPSS
Exploits: 1 | References: 8 | Affected Software: 3

OSV
added 2020/11/06 7:15 p.m. | 3 views

CVE-2020-27121

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is...

6.5 CVSS | 6.6 AI score | 0.0115 EPSS
Exploits: 0 | References: 1

Prion
added 2020/11/06 7:15 p.m. | 18 views

Race condition

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is...

4 CVSS | 6.4 AI score | 0.0115 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2020/11/06 6:15 p.m. | 11 views

CVE-2020-27121 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is...

4.3 CVSS | 6.8 AI score | 0.0115 EPSS
Exploits: 0 | References: 1

Cvelist
added 2020/11/06 6:15 p.m. | 15 views

CVE-2020-27121 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is...

4.3 CVSS | 6.5 AI score | 0.0115 EPSS
Exploits: 0 | References: 1

NCSC
added 2020/11/05 12:0 a.m. | 5 views

Vulnerabilities fixed in Cisco Unified Communications Manager

Due to a vulnerability in Cisco Unified Communications Manager software, an authenticated remote malicious party could cause the Cisco XCP Authentication Service on an affected device to be restarted, resulting in a Denial-of-Service (DoS). Cisco has released an update to fix the vulnerability. Mo...

6.5 CVSS | 6.6 AI score | 0.0115 EPSS
Exploits: 0

ATTACKERKB
added 2020/11/04 4:0 p.m. | 1 views

CVE-2020-27121

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is...

6.5 CVSS | 5.6 AI score | 0.0115 EPSS
Exploits: 0 | References: 2