CVE-2017-17302

Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load some specific...

CVE-2017-17302

Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load some specific...

GitLab: Removing a user from a private group doesn't remove him from group's project, if his project's role was changed

Summary: a rogue user is added to a private group with dozen of projects b The role in some projects is changed for the rogue user c rogue is fired, and removed from the group: he still has access to projects where his role was changed Description: the b can happen for a lot of different reasons:...

Debian: Security Advisory (DLA-977-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory leak vulnerability in multiple Huawei products (CNVD-2018-02542)

Huawei DP300, RP200, TE series, etc. are all-in-one desktop SmartZen and all-in-one video conferencing terminal products of Huawei China Company. A memory leak vulnerability exists in several Huawei products due to a failure of the device to properly free allocated memory. A local attacker with...

IBM Curam Social Program Management Privilege Gain Vulnerability

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A security vulnerability exists in IBM Curam SPM. An attacker could exploit the vulnerability to revoke applications...

DEBIAN-CVE-2014-3250

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...

UBUNTU-CVE-2014-3250

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...

Pivotal Cloud Foundry cf-release and UAA denial of service vulnerabilities

Pivotal Cloud Foundry CF is a suite of open source Platform-as-a-Service PaaS cloud computing platforms from Pivotal Software in the United States, which provides features such as container scheduling, continuous delivery, and automated service deployment. cf-release is a release of PCF. uaa is a...

Uber: The Microsoft Store Uber App Does Not Implement Server-side Token Revocation

Summary The Microsoft Store Uber App Windows Phone Architecture does not properly revoke or expire a rider's x-uber-token upon app signout. Security Impact When a user logs out/signs off of the app, the logout process is handled only locally on the application side, and without any type of...

CVE-2017-8031

An issue was discovered in Cloud Foundry Foundation cf-release all versions prior to v279 and UAA 30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1. In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for other...

CVE-2017-8031

An issue was discovered in Cloud Foundry Foundation cf-release all versions prior to v279 and UAA 30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1. In some cases, the UAA allows an authenticated user for a particular client to revoke client tokens for other...

CVE-2017-8031

The CVE-2017-8031 entry concerns Cloud Foundry cf-release and UAA. Affected products: cf-release (all versions before v279) and UAA (30.x before 30.6; 45.x before 45.4; 52.x before 52.1). Issue: an authenticated user for a given client can revoke client tokens belonging to other users on the same...

Denial Of Service (DoS) Through Token Revocation

CloudFoundry User Account and Authentication UAA is vulnerable to denial of service DoS attacks. The checktoken endpoint does not validate the clientId when revoking opaque or JWT client tokens, allowing a malicious user to revoke another user's token...

CVE-2017-8031: UAA Denial of Service through client token revocation endpoint | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions cf-release All versions prior to v279 UAA 30.x versions prior to 30.6 45.x versions prior to 45.4 52.x versions prior to 52.1 Description In some cases, the UAA allows an authenticated user for a particul...

Reusable Refresh Tokens

Keycloak services has resuable refresh tokens. If an attacker using a pre-compromised system creates a refresh token pair, this token can be used indefinitely regardless of permission revocation...

CVE-2017-12160

It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself...

CVE-2017-12160

It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself...

CVE-2017-12160

CVE-2017-12160 affects Keycloak-based Red Hat Single Sign-On (rh-sso7-keycloak). The flaw in the OAuth flow permits an authenticated resource to obtain an access/refresh token pair from the authentication server, enabling indefinite usage if permissions are revoked. An attacker on a already-compr...

CVE-2017-12160

It was found that Keycloak oauth would permit an authenticated resource to obtain an access/refresh token pair from the authentication server, permitting indefinite usage in the case of permission revocation. An attacker on an already compromised resource could use this flaw to grant himself...