The vulnerability of Huawei’s mobile phone software, related to authentication errors, allows attackers to bypass the digital balance limit.

The vulnerability of Huawei’s mobile phone software relates to authentication errors. Exploiting this vulnerability could allow a hacker to bypass the digital balance limit...

The vulnerability of the Azure Network Watcher Agent’s performance monitoring service, related to authentication errors, allows a perpetrator to circumvent existing security restrictions.

The vulnerability of the Azure Network Watcher Agent’s performance monitoring service is related to authentication errors. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

The vulnerability of the Linux operating system’s Bluetooth Low Energy driver allows attackers to gain increased privileges.

The vulnerability of the Linux operating system’s Bluetooth Low Energy driver is related to errors during authentication processes. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

The vulnerability of the Controller File System Handler component in the Jenkins OpenShift Deployer Plugin allows a hacker to bypass established security restrictions and escalate their privileges.

The vulnerability of the Controller File System Handler component in the Jenkins OpenShift Deployer Plugin is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass established security restrictions and escalate their privileges...

The vulnerability in the web interface for managing the Cisco AsyncOS operating system of the Cisco Email Security Appliance (ESA) security email system, the Cisco Secure Email and Web Manager content protection device, and the Cisco Secure Web Appliance (formerly Cisco Web Security Appliance (WSA)) web gateway allows a perpetrator to expose protected information.

The vulnerability in the web interface for controlling the Cisco AsyncOS operating system of the Cisco Email Security Appliance ESA, the Cisco Secure Email and Web Manager, and the Cisco Secure Web Appliance formerly Cisco Web Security Appliance WSA relates to authentication errors. Exploiting th...

The vulnerability of the Jenkins OpenShift Deployer Plugin, related to authentication errors, allows attackers to circumvent existing security restrictions and increase their privileges.

The vulnerability of the Jenkins OpenShift Deployer Plugin is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions and gain increased privileges...

The vulnerability of the Node.js software platform, related to errors in the implementation of authentication procedures, allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Node.js software platform is related to errors in the implementation of authentication procedures. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by the system...

The vulnerability of the MIFF component of the cross-platform library for working with GraphicsMagick allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the MIFF component in the cross-platform library for working with GraphicsMagick is related to authentication errors. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Microsoft Endpoint Configuration Manager software for managing network devices allows a hacker to execute a spear-phishing attack and gain access to sensitive information, due to errors during the authentication process using Kerberos with NTLM.

The vulnerability of the Microsoft Endpoint Configuration Manager software for managing network devices is related to errors that occur during the authentication process using Kerberos and NTLM. Exploiting this vulnerability allows an attacker to execute a spear-phishing attack and gain access to...

The vulnerability of the busybox wget component in the UNIX command-line utilities of BusyBox allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the busybox wget component in the UNIX command-line utilities package is related to authentication process errors. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Application Business Partner Extension component of the SAP S/4HANA software platform allows attackers to enhance their privileges.

The vulnerability of the Application Business Partner Extension component of the SAP S/4HANA software platform is related to authentication errors. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

The vulnerability of the Build Handler component of the Jenkins Git plugin, related to authentication errors, allows a hacker to circumvent established security restrictions and gain increased privileges.

The vulnerability of the Build Handler component in the Jenkins Git plugin is related to authentication errors. Exploiting this vulnerability allows a malicious actor to bypass established security restrictions and gain increased privileges...

The vulnerability of SAP Enterprise Extension Defense Forces & Public Security software, related to authentication errors, allows a perpetrator to increase their privileges.

The vulnerability of SAP Enterprise Extension Defense Forces & Public Security software is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the Rsync file transfer and synchronization utility, related to authentication errors, allows a perpetrator to write arbitrary files.

The vulnerability of the Rsync file transfer and synchronization utility is related to authentication errors. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

The vulnerability of the HPE OneView IT infrastructure management system, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the HPE OneView IT infrastructure management system is related to authentication errors. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

The vulnerability of the monitoring tool for VMware vRealize Operations, related to authentication errors, allows a perpetrator to create a user with administrative privileges.

The vulnerability of the monitoring tool for VMware vRealize Operations is related to authentication errors. Exploiting this vulnerability could allow a malicious actor to create a user with administrative privileges...

The vulnerability of the client’s HTTP library, OKHttp Square, related to authentication process errors allows attackers to circumvent existing security restrictions and execute “man-in-the-middle” attacks.

The vulnerability of the client’s HTTP library, OKHttp Square, is related to errors in the certificate authentication process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute a type of “man-in-the-middle” attack...

The vulnerability of the Samba network file system, related to errors during authentication procedures, allows a perpetrator to change the password of an arbitrary user and gain full access to that user’s account.

The vulnerability of the Samba network file system is related to errors during authentication procedures. Exploiting this vulnerability allows a malicious actor, operating remotely, to alter the password of an arbitrary user and gain full access to the account...

The vulnerability of the web server of the cross-platform solution for managing mobile devices by FileWave, related to errors during authentication procedures, allows a hacker to gain full access to the platform.

The vulnerability of the FileWave cross-platform server for managing mobile devices is related to errors during the authentication process. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full access to the platform...

PT-2022-3853 · Filewave · Filewave

Name of the Vulnerable Software and Affected Versions: FileWave versions prior to 14.6.3 FileWave versions 14.7.x prior to 14.7.2 Description: The issue is related to errors during the authentication procedure in the FileWave platform, which is a cross-platform solution for mobile device...