9 matches found
Configure the Default Policies of iptables to DROP Properly
Generally, iptables policies can be configured in allowlist or blocklist mode. You are advised to configure iptables policies in allowlist mode. Connections that do not comply with the rules in the allowlist are prohibited. Therefore, you can configure the DROP or REJECT policy for the INPUT,...
Configure the Default Policies of nftables to DROP Properly
For security purposes, the nftables base chains INPUT, OUTPUT, and FORWARD are similar to those of iptables. You need to configure the DROP policy for all packets, and then add the ACCEPT policy to the base chains to open related services and ports. If the base chains are not configured or the ho...
CVE-2024-20279
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service QoS policies, on an affected system. This...
PT-2024-5854 · Cisco · Cisco Application Policy Infrastructure Controller
Name of the Vulnerable Software and Affected Versions: Cisco Application Policy Infrastructure Controller APIC affected versions not specified Description: A vulnerability in the restricted security domain implementation could allow an authenticated, remote attacker to modify the behavior of...
Cisco Application Policy Infrastructure Controller 安全漏洞
Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. The Cisco Application Policy Infrastructure Controller suffers from an Access Control Error vulnerability that stems from improper access control when using...
PT-2023-30523 · Datahub · Datahub
Name of the Vulnerable Software and Affected Versions: DataHub versions prior to 0.12.1 Description: The issue concerns an open-source metadata platform where sign-up through an invite link does not properly restrict users from signing up as privileged accounts. If a user is given an email sign-u...
Feature and Permission Policies. Security issues
Introduction In order to help enhance the user experience of their site, companies may ask to use features of your browser, such as geolocation or notifications to produce a more tailored experience. Web site developers may configure the site or allow third-party content, loaded in frames, to use...
PT-2014-3512 · Openstack +1 · Openstack Compute +1
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions 2013.1 through 2013.2.3 OpenStack Compute Nova icehouse before icehouse-rc2 Description: The issue concerns the Nova EC2 API security group implementation, which fails to enforce Role-Based Access Control RBAC...
Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy
source: https://www.securityfocus.com/bid/9444/info It has been reported that multiple JDBC database implementations include insecure default security policies. This could expose vulnerable databases to denial of service attacks. This could also permit remote attackers to execute arbitrary comman...