8009 matches found

NVD | added 2024/09/12 7:15 p.m. | 18 views

CVE-2024-36066

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication the...

CVSS 3.1 | EPSS 0.00168
Exploits 0 | References 2
Wordfence Blog | added 2024/09/12 2:57 p.m. | 49 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 2, 2024 to September 8, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024, researchers...

CVSS 9.8 | AI score 9.5 | EPSS 0.83178
Exploits 17
Veracode | added 2024/09/12 10:06 a.m. | 4 views

Argument Injection

aws-sam-cli is vulnerable to Argument Injection. The vulnerability is due to the ability for users to specify arguments in the SAM template that are passed to the Docker engine during the build, potentially leading to malicious code execution...

AI score 7.2
Exploits 0
CVE | added 2024/09/12 12:00 a.m. | 67 views

CVE-2024-36066

The CVE-2024-36066 issue affects KeyFactor EJBCA’s CMP CLI client prior to version 8.3.1. The root cause is a salt length of 6 octets for the password-based MAC parameter, which does not meet RFC 4211 Section 4.4 requirements for a salt of at least 8 octets, potentially reducing resistance to dic...

CVSS 3.1 | AI score 7.3 | EPSS 0.00168
Exploits 0 | References 2 | Affected Software 1
Vulnrichment | added 2024/09/12 12:00 a.m. | 12 views

CVE-2024-36066

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication the...

AI score 7.3 | EPSS 0.00168
Exploits 0 | References 2
Cvelist | added 2024/09/12 12:00 a.m. | 30 views

CVE-2024-36066

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication the...

EPSS 0.00168
Exploits 0 | References 2
vulnersOsv | added 2024/09/11 7:20 p.m. | 3 views

better-lambda-deploy (>=0.0.4 <=0.6.9) potentially affected by unknown CVE via aws-sam-cli (>=0.40.0 <=0.53.0)

aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 Source cves: unknown CVE Source advisory: OSV:GHSA-RJC6-VM4H-85CG...

AI score 5.5
Exploits 0
Github Security Blog | added 2024/09/11 7:20 p.m. | 11 views

Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs

Summary The AWS Serverless Application Model SAM CLI is an open source tool that allows customers to build, deploy and test their serverless applications built on AWS. AWS SAM CLI can build container Docker images and customers can specify arguments in the SAM template that are passed to the Dock...

AI score 6.8
Exploits 0 | References 2 | Affected Software 1
OSV | added 2024/09/11 7:20 p.m. | 9 views

GHSA-RJC6-VM4H-85CG Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs

Summary The AWS Serverless Application Model SAM CLI is an open source tool that allows customers to build, deploy and test their serverless applications built on AWS. AWS SAM CLI can build container Docker images and customers can specify arguments in the SAM template that are passed to the Dock...

CVSS 5.7 | AI score 6.8
Exploits 0 | References 2
RedHat Linux | added 2024/09/11 6:33 p.m. | 33 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.36 security update

Red Hat OpenShift Container Platform release 4.14.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 7.5 | AI score 7 | EPSS 0.93305
Exploits 5 | References 41
NVD | added 2024/09/11 5:15 p.m. | 13 views

CVE-2024-8688

An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators, including read-only administrators with access to the CLI, to read arbitrary files on the firewall...

CVSS 6.7 | EPSS 0.00235
Exploits 0 | References 1
OSV | added 2024/09/11 5:15 p.m. | 2 views

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVSS 5.5 | AI score 5.8 | EPSS 0.00139
Exploits 0 | References 1
NVD | added 2024/09/11 5:15 p.m. | 17 views

CVE-2024-20398

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

CVSS 8.8 | EPSS 0.00212
Exploits 0 | References 1
Vulnrichment | added 2024/09/11 4:38 p.m. | 13 views

CVE-2024-20398 Cisco IOS XR Software Local Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

CVSS 8.8 | AI score 6.7 | EPSS 0.00212
Exploits 0 | References 1
CVE | added 2024/09/11 4:38 p.m. | 63 views

CVE-2024-20343

Cisco IOS XR Software CLI Arbitrary File Read vulnerability (CVE-2024-20343) allows an authenticated, local attacker to read files from the underlying Linux filesystem due to improper validation of CLI command arguments. Exploitation requires valid credentials on the affected device and uses a lo...

CVSS 5.5 | AI score 5.2 | EPSS 0.00139
Exploits 0 | References 1 | Affected Software 1
Vulnrichment | added 2024/09/11 4:38 p.m. | 16 views

CVE-2024-20343 Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVSS 5.5 | AI score 6.6 | EPSS 0.00139
Exploits 0 | References 1
Cvelist | added 2024/09/11 4:38 p.m. | 31 views

CVE-2024-20343 Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVSS 5.5 | EPSS 0.00139
Exploits 0 | References 1
Cisco | added 2024/09/11 4:00 p.m. | 17 views

Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVSS 5.5 | AI score 5.2 | EPSS 0.00139
Exploits 0 | References 1
Cisco | added 2024/09/11 4:00 p.m. | 15 views

Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

CVSS 8.8 | AI score 8.1 | EPSS 0.00212
Exploits 0 | References 1
RedHat Linux | added 2024/09/11 1:39 p.m. | 33 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.31 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.31 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

CVSS 7.5 | AI score 7.1 | EPSS 0.91969
Exploits 1 | References 20