844 matches found
Build-Your-Own Data Masking. Yes or No?
A lot of organizations are taking great strides to protect their sensitive data with a multi-layered strategy—one that includes data masking. We’ve even seen many tackling this critical data security component in DIY fashion, often tasking one resource with developing and implementing scripts to...
Cisco HyperFlex System system logging information disclosure vulnerability
Cisco HyperFlex System is the United States Cisco Cisco a data platform equipment. system logging is one of the system logger. An information disclosure vulnerability exists in system logging on the Cisco HyperFlex System, which arises from the program's failure to properly mask sensitive...
CVE-2017-12315
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
CVE-2017-12315
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
Cisco HyperFlex System Authenticated Information Disclosure Vulnerability
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...
Apache Hive Information Disclosure Vulnerability
Apache Hive is a set of Hadoop Distributed Systems Infrastructure based data warehouse software from the Apache Apache Software Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...
Code injection
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...
CVE-2017-12625
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...
CVE-2017-12625
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...
CVE-2017-12625
The CVE-2017-12625 issue affects Apache Hive: versions 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface for defining masking policies on tables/views (e.g., via Apache Ranger). Root cause: when a view is created over a table, policy enforcement is not correctly a...
Information Disclosure
Apache Hive Query Language is vulnerable to information disclosure. The vulnerability is possible because it does not enforce the policy to restrict users from creating views on tables with column masking rules defined...
Password Masking
Slashdot asks if password masking -- replacing password characters with asterisks as you type them -- is on the way out. I don't know if that's true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in...
Static Versus Dynamic Data Masking
Most participants in the trench warfare of IT security agree that the best way to protect data is to apply a layered approach to security. Data masking is a security and privacy enhancing technology recommended by industry analysts as a must-have data protection layer. While terminology varies...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software is related to the use of memory after it is freed, caused by multiple masking of screen objects. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Data Anonymization: Motivation and Mechanics
Data is one of the most valuable assets a company has in its possession. And while it may not be listed as a line item on the balance sheet, when a company’s data is breached it can have a very negative impact on the bottom line—in a company’s stock price, reputation and brand. One approach to...
flash-plugin: multiple code execution issues fixed in APSB17-15
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
[ASA-201705-8] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201705-8 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : flashplugin Type : arbitrary code execution Remote : Yes Li...