140 matches found
CVE-2022-39366 DataHub missing JWT signature check
DataHub is an open-source metadata platform. Prior to version 0.8.45, the StatelessTokenService of the DataHub metadata service GMS does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This...
CVE-2022-39366
DataHub (GMS) prior to 0.8.45 uses StatelessTokenService that calls JwtParser.parse without cryptographic signature verification, enabling potential authentication bypass by accepting JWTs regardless of signature. A patch exists in 0.8.45; no public workarounds are noted. Affected component: Data...
CVE-2022-39366 DataHub missing JWT signature check
DataHub is an open-source metadata platform. Prior to version 0.8.45, the StatelessTokenService of the DataHub metadata service GMS does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This...
PT-2022-15997 · Openstack +3 · Openstack-Barbican +3
Name of the Vulnerable Software and Affected Versions: openstack-barbican affected versions not specified Description: An authorization flaw was found in the default policy rules for the secret metadata API, allowing any authenticated user to add, modify, or delete metadata from any secret...
Virtuozzo Hybrid Infrastructure 4.7 Update 1.2
This update provides a stability fix for the metadata service. Vulnerability id: VSTOR-49572 A stability fix for the metadata service...
Palo Alto Networks GlobalProtect 安全漏洞
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect that allows an attacker with authenticated access to the...
CVE-2021-29954
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud mozillareality/reticulum/1.0.1/20210428201255...
Design/Logic Flaw
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud mozillareality/reticulum/1.0.1/20210428201255...
Microsoft Azure Virtual Machine信息泄露漏洞(CVE-2021-27075)
CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data Written by Paul Litvak - 11 May 2021 In this post I will explain how the Microsoft Azure Virtual Machine VM extension works and how we found a fatal vulnerability in the extension mechanism affectin...
Insecure Proxy Configuration in Hubs Cloud Reticulum — Mozilla
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service...
The vulnerability of Microsoft Azure Kubernetes operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of Microsoft Azure Kubernetes operating system-related to Windows is related to information disclosure. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through a specially crafted IMDS request...
PT-2021-1676 · Microsoft · Azure Active Directory
Name of the Vulnerable Software and Affected Versions: Azure Active Directory affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Azure Active Directory Pod Identity service. It may allow an attacker to gain unauthorized access to...
Vulnerability fixed in Microsoft Azure Active Directory Pod Identity
There is a vulnerability in Azure Active Directory AAD Pod Identity. The vulnerability allows a malicious person to impersonate another user. The AAD pod identity allows users to assign identities to pods in Kubernetes clusters by querying them with regular Azure Instance Metadata Services IMDS...
August 30, 2018—KB4343884 (OS Build 14393.2457)
August 30, 2018—KB4343884 OS Build 14393.2457 Windows 10, version 1607, reached end of service on April 10, 2018. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats.To continue...
Kubernetes: Man in the middle leading to root privilege escalation using hostNetwork=true (CAP_NET_RAW considered harmful)
Summary: CAPNETRAW capability is still included by default in K8S, leading to yet another attack. An attacker gaining access to a hostNetwork=true container with CAPNETRAW capability can listen to all the traffic going through the host and inject arbitrary traffic, allowing to tamper with most...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 3 Hotfix 2 (3.5.3-25)
This update provides a stability fix for the metadata service. Vulnerability id: VSTOR-32856 Unreadable files may be created when using erasure coding during the upgrade from version 3.0 to 3.5...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 2 Hotfix 2 (3.5.2-39)
This update provides a stability fix for the metadata service. Vulnerability id: VSTOR-32856 Unreadable files may be created when using erasure coding during the upgrade from version 3.0 to 3.5...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 2 Hotfix 1 (3.5.2-35)
This update provides a stability fix for the metadata service. Vulnerability id: VSTOR-30452 The metadata service may restart after the upgrade from version 3.0 to 3.5...
The AWS metadata service SSRF vulnerability analysis-vulnerability warning-the black bar safety net
One, Foreword Recently I was busy with a small project, to study how the Docker container executing untrusted Python code. According to the project requirements, I need to test more online code execution engine, research them on the various attacks of the reaction. In the research process, I foun...
Gather AWS EC2 Instance Metadata
This module will attempt to connect to the AWS EC2 instance metadata service and crawl and collect all metadata known about the session'd host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...