94 matches found
Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass
Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass INTRODUCTION Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, g...
OpenVPN < 2.0.1 Multiple Vulnerabilities (Windows)
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.0.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in OpenVPN due to its OpenSSL error queue not being flushed properly...
VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) SAML Authentication Bypass Vulnerability
VMware Workspace ONE Unified Endpoint Management Console is a console product from VMware. A SAML authentication bypass vulnerability exists in the VMware Workspace ONE Unified Endpoint Management Console AirWatch Console, which could allow an attacker to emulate an authorized SAML session if...
CVE-2018-6979
The VMware Workspace ONE Unified Endpoint Management Console A/W Console 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerabili...
Authentication flaw
The VMware Workspace ONE Unified Endpoint Management Console A/W Console 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerabili...
VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) updates resolve SAML authentication bypass vulnerability
The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...
VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability
The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...
"Attach a Smart Card Reader and Insert Your Smart Card to Log On" When Using Certificate Based Authentication in Native Receiver
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. "Attach a Smart Card Reader and Insert Your Smart Card to Log On" when using certificate based...
Granular sudo Permissions for Management of Veeam Agent for Linux Deployments
More Secure Alternative Starting in Veeam Backup & Replication v12.1, it is now possible to deploy Veeam Agent for Linux using pre-installed Veeam Deployer Service and add that machine to a Protection Group using certificate-based authentication instead of credentials. Using this method, no...
XenMobile: How to migrate the Cert Based Auth from existing CA to a new PKI-Infrastructure (With a new Root CA and Issuing CA)?
Existing working two-factor-authentication for XenMobile using cert based auth as the second factor are XenMobile-certificates that are issued by a Windows Enterprise Root CA. This Root CA will be decommissioned and replaced by a new Windows Enterprise Issuing CA that is signed by a new Root CA...
Design/Logic Flaw
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...
CVE-2017-3962 McAfee Network Security Management (NSM) - Password recovery exploitation vulnerability
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...
Binary Whitelisting Blacklisting System for macOS: Santa
Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a...
McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)
The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.599.3. It is, therefore, affected by a flaw in the non-certificate-based authentication mechanism that is triggered during the handling of HTTP backend-responses. This may allow a man-in-the-middle...
CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...
Cert Based Authentication + LDAP Enrollment failing for Cloud connector- XenMobile Setup
Under PKI entities, the test connectivity is failing for the CA server XenMobile Debug Logs : 2017-02-06T15:30:57.847+0000 | 200B97A4C77E1C34 | ERROR | http-nio-14443-exec-61 | com.sparus.nps.pki.connector.MsCertSrvConnector |TestConnection to pki url certnew.cer failed with response Headers:...
CVE-2017-2309
On Juniper Networks Junos Space versions prior to 16.1R1 when certificate based authentication is enabled for the Junos Space cluster, some restricted web services are accessible over the network. This represents an information leak risk...
CVE-2017-2309
Affected product: Juniper Networks Junos Space (versions prior to 16.1R1). Vulnerability: Information disclosure due to certificate-based authentication enabling access to restricted web services over the network. Impact: Confidentiality impact is high; information leak risk reported. Status/reme...
UBUNTU-CVE-2017-6590
An issue was discovered in network-manager-applet aka network-manager-gnome in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation...
How to Configure Certificate Based Authentication for Citrix Endpoint Management
The primary intent of this article is to provide steps on how an admin can enable certificate based authentication for Citrix Endpoint Management...