111 matches found
IBM Security Verify Bridge 安全漏洞
IBM Security Verify Bridge is an IBM application component from International Business Machines IBM, Inc. provides IBM Cloud access to user attributes and authentication that are controlled by the client's local LDAP or Active Directory. A security vulnerability exists in IBM Security Verify Brid...
Teradici PCOIP Software Agent 安全漏洞
The Teradici PCoIP Software Agent is part of the Teradici Cloud Access Software from Teradici Canada. A PCoIP client can be used to connect to virtual desktops either directly or through a connection agent. A security vulnerability exists in the Teradici PCOIP Software Agent that could be exploit...
A Quick Look Into Cloud Security Posture Management (CSPM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...
A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security
Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers CASB. The organizational need for a CASB has grown alongside the use of cloud apps to enable remote work and greater user productivity. When security...
CVE-2020-13185
Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials...
CVE-2020-13186
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...
CVE-2020-13186
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...
Cross site request forgery (csrf)
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...
CVE-2020-13186
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...
CVE-2020-13186
CVE-2020-13186 affects Teradici Cloud Access Connector v31 and earlier. The root cause is a missing Anti‑CSRF protection in a specific web form, enabling data modification if a user clicks a crafted link and the attacker knows both a machineID and a user GUID. Connected sources confirm the vulner...
CVE-2020-13185
Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials...
CVE-2020-13185
CVE-2020-13185 affects the Teradici Cloud Access Connector prior to v18, where certain pages in the authenticated area could be accessed without authentication tokens. This is due to insufficient access control on those pages, enabling an attacker to perform sensitive functions without credential...
Teradici Cloud Access Connector Security Vulnerability
A security vulnerability exists in Teradici Cloud Access Connector prior to v18, which stems from the fact that certain web application pages can be accessed without specifying an authentication token, which can be exploited by an attacker to execute sensitive functions without credentials...
Loxone Miniserver Authorization Issues Vulnerability
Loxone Miniserver is a server that provides energy management and monitoring functions for automation of equipment and homes in buildings and houses by Loxone Corporation. Loxone Miniserver version 11.1.9.3 previously had an authorization issue vulnerability that arose from the inability of devic...
Loxone Miniserver 授权问题漏洞
Loxone Miniserver is a server that provides energy management and monitoring functions for automation of equipment and homes in buildings and houses by Loxone Corporation. Loxone Miniserver version 11.1.9.3 previously had an authorization issue vulnerability that arose from the inability of devic...
Gartner names Microsoft a Leader in the 2020 Magic Quadrant for Cloud Access Security Brokers
The past few months have changed the way we work in many ways, working from home, social distancing, and remote operations have all had impacts on our previously known ways of life. At Microsoft, we have been working hard to assist our customers adjust to this rapidly changing and evolving work...
CVE-2020-13176
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...
CVE-2020-13176
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...
CVE-2020-13175
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 v15 and earlier for Cloud Access Connector contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials...
Cross site scripting
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 v16 and earlier for the Cloud Access Connector contains a stored cross-site scripting XSS vulnerability which allows a remote unauthenticated attacker to poison l...