Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the verifybyte expected function in JcaContentVerifierProviderBuilder. An attacker can forge a protected CMP/PKI message by supplying an empty composite signature sequence that...

Vault 7 disclosure document follow-up: Cisco for an impact to the 300 switches of the vulnerability early warning-vulnerability warning-the black bar safety net

The CIA Vault 7 leaked event the rest temperature is not over, Cisco experts will find its IOS and IOS XE software the Cluster Management Protocol remote code execution vulnerability exists in. Recently Wikileaks has just announced plans with some IT companies to share some information about thei...

Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing "Vault 7" — a roughly 8,761 documents and files leaked by Wikileaks last week, claiming...