The vulnerability of the Non-Stop Routing (NSR) mechanism in Juniper Networks’ Junos and JunOS Evolved operating systems allows an attacker to cause a service failure.
The vulnerability of the Non-Stop Routing (NSR) mechanism in Juniper Networks’ Junos and JunOS Evolved operating systems is related to improper handling of exceptional states during the processing of BGP messages with the AS Path attribute. Exploiting this vulnerability can allow a malicious actor ...
CLSA-2023-1697816189 Fix CVE(s): CVE-2023-41360, CVE-2023-41358
SECURITY UPDATE: bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation
- debian/patches/CVE-2023-41360.patch: don't read the first byte of ORF header if we are ahead of stream.
- CVE-2023-41360
SECURITY UPDATE: bgpd/bgp_packet.c processes NLRIs if the attribu...
The vulnerability of the Web UI component of the Oracle Enterprise Communications Broker session manager and the Oracle Enterprise Session Border Controller application allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Web UI component of the Oracle Enterprise Communications Broker session manager and the Oracle Enterprise Session Border Controller application is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to...
CVE-2023-22083
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...
Design/Logic Flaw
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...
CVE-2023-22083
CVE-2023-22083 pertains to Oracle’s Enterprise Session Border Controller (ESBC) Web UI. The issue, affecting ESBC versions 9.0–9.2, arises from insufficient input validation in the Web UI. An unauthenticated attacker who can reach the ESBC over HTTPS can trigger a read access to a subset of data,...
The benefits of using the new Data Privacy Framework
After the Schrems II ruling by the Court of Justice of the European Union, legal cross-border transfers of personal data from the EU to the U.S. became a key issue for U.S. businesses. After years of negotiations with the EU, the EU and U.S. have developed and agreed upon an adequate system for...
USN-6432-1 quagga vulnerabilities
It was discovered that the Quagga BGP daemon did not properly check the attribute length in NLRI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358) It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of...
Oracle Communications Security Vulnerability
Oracle Communications is a product of Oracle Corporation (USA) that provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation. A security vulnerability exists in Oracle Communications' Oracle Enterprise Session Border...
PT-2023-6205 · Oracle · Oracle Enterprise Session Border Controller
Name of the Vulnerable Software and Affected Versions: Oracle Enterprise Session Border Controller versions 9.0 through 9.2
Description: The issue is related to insufficient input validation in the Web UI component. It allows an unauthenticated attacker with network access via HTTPS to compromise...
CVE-2023-44185
An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS) to the device upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet. Continued receipt of this packet will cause a sustained...
Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved
Vulnerabilities have been fixed in Juniper Junos OS and Junos OS Evolved. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Accessing sensitive data; Accessing system data. Junipe...
CVE-2023-44186
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and...
frr: Incorrect handling of an error in parsing of an invalid section of a BGP update can de-peer a router
A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation)...
CVE-2023-36619
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users...
CVE-2023-36618
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users...