Cisco Business Process Automation 信任管理问题漏洞

Cisco Business Process Automation BPA solves customers' configuration change management challenges with an innovative, scalable, microservices-based platform with an embedded workflow engine. An elevation of privilege vulnerability exists in the Web management interface of Cisco Business Process...

PT-2021-3492 · Cisco · Cisco Business Process Automation

Name of the Vulnerable Software and Affected Versions: Cisco Business Process Automation affected versions not specified Description: The issue is related to improper authorization enforcement in the web-based management interface, allowing an authenticated, remote attacker to elevate privileges ...

IBM App Connect Enterprise 日志信息泄露漏洞

IBM App Connect Enterprise is an operating system from IBM Corporation of the U.S.A. IBM App Connect Enterprise combines existing industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technologies to IBM App Connect Enterprise combines existing...

OAUTH: " Failed to login the user due to insufficient claims. Please contact your administrator"

Customer has configured Citrix Gateway as OAuth IDP with Workspace in Cloud and after user authentication is completed, users were getting the error as shown below " Failed to login the user due to insufficient claims. Please contact your administrator" The Attributes sent by Citrix Gateway OAuth...

SUSE-SU-2021:14753-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: golang-github-wrouesnel-postgresexporter: - Add support for aarch64 mgr-cfg: - SPEC: Updated Python definitions for RHEL8 and quoted text comparisons. mgr-custom-info: - Update package version to 4.2.0 mgr-daemon: - Update translation strings - Update the...

CVE-2021-34546

An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...

CVE-2021-3039

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...

Design/Logic Flaw

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...

CVE-2021-3039

CVE-2021-3039 affects Palo Alto Networks Prisma Cloud Compute Console. The issue is an information exposure where a secret used to authorize the authenticated user’s role is logged to a debug log file, enabling an authenticated Operator or Auditor with log access to potentially elevate to Adminis...

CVE-2021-3039 Prisma Cloud Compute: User role authorization secret for Console leaked through log file export

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...

GitLab Information Disclosure Vulnerability (CNVD-2021-40766)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

Prisma Cloud Compute: User role authorization secret for Console leaked through log file export

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...

CVE-2021-31954

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2021-31954

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

Privilege escalation

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2021-31954

CVE-2021-31954 is a Windows CLFS driver elevation-of-privilege vulnerability. The affected component is the Windows Common Log File System Driver, and the CVSS vectors indicate LOCAL attack vector with LOW attack complexity and privileges required (LOW), no user interaction, and total impact on c...

CVE-2021-31954 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2021-31954 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

Windows Common Log File System Driver 权限许可和访问控制问题漏洞

Microsoft Windows is a desktop operating system from the U.S. company Microsoft. A security vulnerability exists in the Windows Common Log File System Driver. The following products and editions are affected: Windows 10 Version 1909 for x64-based Systems,Windows 10 Version 1909 for ARM64-based...