SurrealDB is Vulnerable to Unauthorized Data Exposure via LIVE Query Subscriptions
LIVE SELECT statements are used to capture changes to data within a table in real time. Documents included in WHERE conditions and DELETE notifications were not properly reduced to respect the querying user's security context. Instead, the leaked documents reflect the context of the user triggerin...
PT-2025-39636
Name of the Vulnerable Software and Affected Versions: versions prior to 2.3 Description: A flaw exists in the live query subscription mechanism of the database engine. This allows record or guest users to observe unauthorized records within the same table, bypassing access controls. This is achiev...
PT-2022-20537 · Unknown · Parse Server
Name of the Vulnerable Software and Affected Versions: Parse Server affected versions not specified Description: The issue concerns Parse Server LiveQuery, which in affected versions does not remove protected fields in classes, passing them to the client. This has been addressed by the...
Querying Windows Event Logs for Faster Investigation and Response
With this week’s release on the VMware Carbon Black Cloud, users can now remotely inspect Windows devices’ event logs to pull back information that could be helpful during an investigation or response scenario. This new capability comes as part of an update to the Live Query functionality provide...
GHSA-2XM2-XJ2Q-QGPJ receiving subscription objects with deleted session
Original Message: Hi, I create objects with one client with an ACL of all users with a specific column value. That's working so far. Then I deleted the session object from one user to look if he can receive subscription objects and he can receive them. The client with the deleted session can't crea...
PT-2020-14328 · Parse · Parse Server
Name of the Vulnerable Software and Affected Versions: Parse Server versions 4.3.0 Description: The issue allows clients with expired sessions to still receive subscription objects because Parse Server broadcasts events to all clients without checking if the session token is valid. It is not...
Carbon Black EDR’s All-New Live Query Capability and Enhanced Fileless Visibility
VMware Carbon Black is excited to announce that VMware Carbon Black EDR (formerly CB Response), recently named by Gartner as a 2020 Customers’ Choice for Endpoint Detection and Response solutions, now features enhanced insight into fileless activity via Microsoft’s AMSI and a brand new Live Query...
Using Live Query to Audit Your Environment for the Windows CryptoAPI Spoofing Vulnerability
This week, as part of its monthly patch Tuesday release, Microsoft disclosed an important security vulnerability CVE-2020-0601 affecting millions of Windows 10 and Windows Server 2016 & 2019 systems. More specifically, this vulnerability is a result of the way Windows CryptoAPI validates Elliptic...
How CB LiveOps Enhances Your Security
If you’re using Carbon Black products, you are already familiar with the actionable insights they provide. Whether you’re doing root cause analysis or setting up policies around what applications are allowed to run on your machines, Carbon Black gives you the tools you need to understand and take...
Register for #CBConnect19 in San Diego Using Code SOCIAL50 to Receive 50% Off
In two months, hundreds of security professionals will gather in San Diego for two days of discussion around the future of endpoint security at CB Connect 2019. The event will take place at Hotel Del Coronado June 4-5 with sweeping views of Coronado beach where attendees will hear from robust...
How Live Query Will Change The Way You Do Vulnerability Management
It’s no secret that, without the right set of tools, vulnerability management can be tedious and exhausting. With slow, manual processes it can take weeks to identify and remediate issues. And the work itself is often dull, sifting and searching without yielding real results. Live Query...