Application Security Posture Management

Accelerating the Remediation of Vulnerabilities From Code To Cloud Written by Eric Sheridan, Chief Innovation Officer, Tromzo In this guest blog post by Eric Sheridan, Chief Innovation Officer at valued Rapid7 partner Tromzo, you’ll learn how Rapid7 customers can utilize ASPM solutions to...

What’s New in Rapid7 Products & Services: 2023 Year in Review

Throughout 2023 Rapid7 has made investments across the Insight Platform to further our mission of providing security teams with the tools to proactively anticipate imminent risk, prevent breaches earlier, and respond faster to threats. In this blog you'll find a review of our top releases from th...

VulnCheck KEV: CVE-2022-31704

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution...

VulnCheck KEV: CVE-2022-31706

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution...

VulnCheck KEV: CVE-2022-31711

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication...

VMware vRealize Network Insight (vRNI) Multiple Vulnerabilities (VMSA-2022-0031)

According to its self-reported version, the instance of VMware vRealize Network Insight running on the remote web server is affected by multiple vulnerabilities: - vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2023-3244)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-22523

This vulnerability, if exploited, allows an attacker to perform privileged RCE Remote Code Execution on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application formerly known as Insight Discovery and the Assets Discovery agent...

ai.tripl:arc-elasticsearch-pipeline-plugin_2.11 (>=1.0.0 <=1.1.1), ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14) +12 more potentially affected by CVE-2023-46674 via org.elasticsearch:elasticsearch-hadoop (>=1.2.0 <=7.0.1)

org.elasticsearch:elasticsearch-hadoop MAVEN version =1.2.0, =1.0.0, =0.0.13, =1.13.3, =0.1.1, =0.1.1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =1.1.0.Beta1, =7.1.0.fuse-047, =7.1.0.fuse-047, =7.2.0.redhat-060 Source cves: CVE-2023-46674 Source advisory: OSV:GHSA-RV74-M283-5J95...

PT-2023-8709 · Zyxel · Zyxel Usg Flex Series +3

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.37 Patch 1 Zyxel USG FLEX series versions 4.50 through 5.37 Patch 1 Zyxel USG FLEX 50W series versions 4.16 through 5.37 Patch 1 Zyxel USG20W-VPN series versions 4.16 through 5.37 Patch 1 Zyxel USG FLE...

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...

Hive Pro and ICS Arabia announce strategic partnership to enhance the reach of Threat Exposure Management to Smart Cities and Digital Infrastructure

HERNDON, VA., Nov. 28, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, announced a strategic partnership with ICS Arabia, a front-runner in the development of Smart Cities and Digital Infrastructure in the Kingdom of Saudi Arabia and the Middle East. This partnership heralds a...

SUSE: Security Advisory (SUSE-SU-2023:4591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Building our Team in Prague: Meet Martin Votruba

From developing driver-assistance software for a luxury car brand to jumping on board an NFT startup, Martin Votruba, Lead Software Engineer, is not one to shy away from a challenge. In September of 2023, joined Rapid7 as the first hire in its new Prague office. Martin is leveraging Rapid7’s...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

aadetools (>=0.0.3 <=0.0.5), adversarial-insight-ml (=0.1.0) +311 more potentially affected by CVE-2023-5752 via pip (>=10.0.0b2 <=23.2.1)

pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =1.8.15, =1.8.17, =0.1.0, =0.2.3, =1.8.14, =2022.7.7, =2.0.3, =1.2.0, =1.3.0 - ak-sw-benchmarker =0.0.9 and more Source cves: CVE-2023-5752 Source advisory: OSV:PYSEC-2023-228...

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

VMWare Aria Operations for Networks vRealize Network Insight versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" root user. Module Options msf...

VMWare Aria Operations For Networks SSH Private Key Exposure Exploit

VMWare Aria Operations for Networks vRealize Network Insight versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" root user. This module requir...

aaronblaser-sdk (>=1.0.0 <=1.0.1), actoolkit (>=2.6.4 <=2.6.10) +300 more potentially affected by CVE-2023-45803 via urllib3 (>=2.0.0 <=2.0.6)

urllib3 PYPI version =2.0.0, =1.0.0, =2.6.4, =0.0.1, =0.1.1, =0.5.0, =0.1.23, =0.4.3, =0.0.1b0, =0.4.1, =0.5.5 - amplitude-data-wrapper =0.4.1 and more Source cves: CVE-2023-45803 Source advisory: OSV:PYSEC-2023-212...

Input validation

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized...