46 matches found
GHSA-C25H-C27Q-5QPV Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Impact The LDAP testing endpoint allows to change the Connection URL independently of and without having to re-enter the currently configured LDAP bind credentials. An attacker with admin access permission manage-realm can change the LDAP host URL "Connection URL" to a machine they control. The...
PT-2024-7256 · 1с · Bitrix24 +1
Name of the Vulnerable Software and Affected Versions: 1C-Bitrix Bitrix24 version 23.300.100 Description: The issue is related to insufficiently protected credentials in AD/LDAP server settings, allowing remote administrators to send AD/LDAP administrators' account passwords to an arbitrary serve...
GatesAIr Flexiva FM Transmitter Security Vulnerability
GatesAIr Flexiva FM Transmitter is an FM platform from GatesAIr, Inc. A security vulnerability exists in the GatesAIR Flexiva FM Transmitter/Exciter Fax 150W that could allow a remote attacker to gain privileges via LDAP and SMTP credentials...
The vulnerability of the samba-tool utility in the Samba networking communication software package allows a hacker to gain unauthorized access to the device.
The vulnerability of the samba-tool tool in the Samba networking software package is related to the transmission of credentials in an unencrypted form when working with an LDAP server. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the device...
The vulnerability of Fortinet FortiOS operating systems arises from the incorrect assignment of permissions to critical resources, allowing attackers to obtain login credentials for accessing the LDAP server.
The vulnerability of Fortinet FortiOS operating systems is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain login credentials for accessing the LDAP server through a specially crafted...
CVE-2022-42132
The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, whic...
IGEL Universal Management Suite 安全漏洞
The IGEL Universal Management Suite IGEL UMS is a single management solution from IGEL Germany. It can be used for up to tens of thousands of endpoints running IGEL OS. A security vulnerability exists in IGEL Universal Management Suite UMS version 6.07.100, which originates from the transmission ...
CVE-2021-41019
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
CVE-2021-3825
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP credentials...
Tubitak Ulakbim LiderAhenk Software 访问控制错误漏洞
Tubitak Ulakbim LiderAhenk Software is an open source software system from the Turkish National Center for Academic Networks and Knowledge Tubitak Ulakbim company. It is used for centralized management, monitoring and control of systems and users on corporate networks. A security vulnerability...
PT-2021-22011
Name of the Vulnerable Software and Affected Versions: LiderAhenk software Lider module versions 2.1.15 and below Description: The issue is related to the Lider module in LiderAhenk software, where configurations are leaked via an unsecured API. An attacker with access to the configurations API...
CVE-2021-21558
Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the...
Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...
Unspecified Vulnerability in McAfee Data Loss Prevention
McAfee Data Loss Prevention DLP is a data loss prevention suite from McAfee, Inc. that includes components such as McAfee DLP Monitor, McAfee DLP Endpoint, and other features such as event management and reporting, and synchronization of local and cloud DLP policies. A security vulnerability exis...
CVE-2020-13793
Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key...
Sonatype Nexus Repository Manager Information Disclosure Vulnerability (CNVD-2020-33469)
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype NXRM version 2.x prior to 2.14.17 and version 3.x prior to 3.22.1. An attacker can exploit the...
CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers
The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...
TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan RAT laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...
CVE-2019-3394
There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under /confluence/WEB-INF directory, which may contain configuration...
PT-2019-12182 · Tibco · Tibco Spotfire Statistics Services
Name of the Vulnerable Software and Affected Versions: TIBCO Spotfire Statistics Services versions up to and including 7.11.1 TIBCO Spotfire Statistics Services version 10.0.0 Description: The web interface component of TIBCO Spotfire Statistics Services contains an issue that could allow an...