Lucene search
K

94 matches found

Microsoft KB
Microsoft KB
added 2020/04/23 12:0 a.m.52 views

Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass

Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass INTRODUCTION Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, g...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/17 12:0 a.m.27 views

OpenVPN < 2.0.1 Multiple Vulnerabilities (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.0.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in OpenVPN due to its OpenSSL error queue not being flushed properly...

5CVSS5.6AI score0.02738EPSS
Exploits0References5
CNVD
CNVD
added 2018/10/08 12:0 a.m.10 views

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) SAML Authentication Bypass Vulnerability

VMware Workspace ONE Unified Endpoint Management Console is a console product from VMware. A SAML authentication bypass vulnerability exists in the VMware Workspace ONE Unified Endpoint Management Console AirWatch Console, which could allow an attacker to emulate an authorized SAML session if...

7.4CVSS7.5AI score0.01089EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/10/05 1:0 p.m.22 views

CVE-2018-6979

The VMware Workspace ONE Unified Endpoint Management Console A/W Console 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerabili...

7.4AI score0.01089EPSS
Exploits0References2
Prion
Prion
added 2018/10/05 12:29 p.m.14 views

Authentication flaw

The VMware Workspace ONE Unified Endpoint Management Console A/W Console 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerabili...

5.8CVSS7.3AI score0.01089EPSS
Exploits0References2Affected Software1
VMware
VMware
added 2018/10/04 12:0 a.m.548 views

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) updates resolve SAML authentication bypass vulnerability

The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...

5.8CVSS7.2AI score0.01089EPSS
Exploits0
VMware
VMware
added 2018/10/04 12:0 a.m.25 views

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability

The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...

5.8CVSS2AI score0.01089EPSS
Exploits0References2Affected Software1
Citrix
Citrix
added 2018/07/26 12:0 a.m.11 views

"Attach a Smart Card Reader and Insert Your Smart Card to Log On" When Using Certificate Based Authentication in Native Receiver

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. "Attach a Smart Card Reader and Insert Your Smart Card to Log On" when using certificate based...

7.2AI score
Exploits0
Veeam
Veeam
added 2018/07/02 12:0 a.m.58 views

Granular sudo Permissions for Management of Veeam Agent for Linux Deployments

More Secure Alternative Starting in Veeam Backup & Replication v12.1, it is now possible to deploy Veeam Agent for Linux using pre-installed Veeam Deployer Service and add that machine to a Protection Group using certificate-based authentication instead of credentials. Using this method, no...

7.1AI score
Exploits0Affected Software2
Citrix
Citrix
added 2018/06/19 12:0 a.m.9 views

XenMobile: How to migrate the Cert Based Auth from existing CA to a new PKI-Infrastructure (With a new Root CA and Issuing CA)?

Existing working two-factor-authentication for XenMobile using cert based auth as the second factor are XenMobile-certificates that are issued by a Windows Enterprise Root CA. This Root CA will be decommissioned and replaced by a new Windows Enterprise Issuing CA that is signed by a new Root CA...

7AI score
Exploits0
Prion
Prion
added 2018/06/12 2:29 p.m.16 views

Design/Logic Flaw

Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...

5CVSS9.4AI score0.00352EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/12 2:0 p.m.22 views

CVE-2017-3962 McAfee Network Security Management (NSM) - Password recovery exploitation vulnerability

Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management NSM before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes...

5.6CVSS9.5AI score0.00352EPSS
Exploits0References1
n0where
n0where
added 2018/05/02 10:27 p.m.23 views

Binary Whitelisting Blacklisting System for macOS: Santa

Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a...

0.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/09/28 12:0 a.m.49 views

McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)

The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.599.3. It is, therefore, affected by a flaw in the non-certificate-based authentication mechanism that is triggered during the handling of HTTP backend-responses. This may allow a man-in-the-middle...

9.8CVSS6.9AI score0.11679EPSS
Exploits4References4
Cvelist
Cvelist
added 2017/09/01 1:0 p.m.29 views

CVE-2017-3898

A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...

6AI score0.03176EPSS
Exploits2References1
Citrix
Citrix
added 2017/08/30 12:0 a.m.8 views

Cert Based Authentication + LDAP Enrollment failing for Cloud connector- XenMobile Setup

Under PKI entities, the test connectivity is failing for the CA server XenMobile Debug Logs : 2017-02-06T15:30:57.847+0000 | 200B97A4C77E1C34 | ERROR | http-nio-14443-exec-61 | com.sparus.nps.pki.connector.MsCertSrvConnector |TestConnection to pki url certnew.cer failed with response Headers:...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2017/05/30 2:0 p.m.24 views

CVE-2017-2309

On Juniper Networks Junos Space versions prior to 16.1R1 when certificate based authentication is enabled for the Junos Space cluster, some restricted web services are accessible over the network. This represents an information leak risk...

6.7AI score0.00792EPSS
Exploits0References2
CVE
CVE
added 2017/05/30 2:0 p.m.52 views

CVE-2017-2309

Affected product: Juniper Networks Junos Space (versions prior to 16.1R1). Vulnerability: Information disclosure due to certificate-based authentication enabling access to restricted web services over the network. Impact: Confidentiality impact is high; information leak risk reported. Status/reme...

5.9CVSS6.6AI score0.00792EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/03/09 7:59 p.m.5 views

UBUNTU-CVE-2017-6590

An issue was discovered in network-manager-applet aka network-manager-gnome in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation...

6.3CVSS6.8AI score0.00269EPSS
Exploits1References5
Citrix
Citrix
added 2017/02/06 12:0 a.m.10 views

How to Configure Certificate Based Authentication for Citrix Endpoint Management

The primary intent of this article is to provide steps on how an admin can enable certificate based authentication for Citrix Endpoint Management...

7.3AI score
Exploits0
Rows per page
Query Builder