5932 matches found
CVE-2019-1672
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...
CVE-2019-1672 Cisco Web Security Appliance Decryption Policy Bypass Vulnerability
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...
CVE-2019-1672
CVE-2019-1672 describes a vulnerability in the Cisco Web Security Appliance (WSA) where the Decryption Policy Default Action handling allows an unauthenticated, remote attacker to bypass a configured drop policy and permit SSL traffic that should have been denied. The root cause is the incorrect ...
Security Bulletin: IBM QRadar SIEM uses outdated hash algorithms. (CVE-2017-1695)
Summary The software uses an outdated or insecure cryptographic library or it is using a proprietary crypto standard which is likely to be vulnerable. Vulnerability Details CVEID: CVE-2017-1695 DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker...
Cisco Web Security Appliance Decryption Policy Bypass Vulnerability
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorre...
Security Bulletin: Vulnerability with RSA Export Keys affects IBM Systems Director (CVE-2015-0138)
Summary The FREAK: Factoring Attack on RSA-EXPORT keys TLS/SSL client and server vulnerability affects IBM Systems Director. Vulnerability Details Abstract The FREAK: Factoring Attack on RSA-EXPORT keys TLS/SSL client and server vulnerability affects IBM Systems Director. Content Vulnerability...
Security Bulletin: Vulnerabilities in OpenSSL affect System x Integrated Management Module (IMM) (CVE-2015-0204)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by System x Integrated Management Module (IMM). IMM has addressed the applicable CVEs...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
Improper Input Validation
python-gnupg is susceptible to improper input validation. The passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt methods is not properly validated, allowing the attacker to get control of the passphrase being encrypted or decrypted by supplying a newline as input to it when...
IBM Security Key Lifecycle Manager Weak Encryption Algorithm Vulnerability
IBM Security Key Lifecycle Manager centralizes, simplifies and automates the encryption key management process, helping to minimize the risks and operational costs of encryption key management. A weak cryptographic algorithm vulnerability exists in IBM Security Key Lifecycle Manager 3.0 - 3.0.0.2...
CVE-2018-1751
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512...
Code injection
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512...
Collection 1 data breach: what you need to know
Yesterday, news broke that the largest data dump in history had been discovered, with more than 770 million people's Personally Identifiable Information (PII) decrypted, catalogued, and up for grabs on the Internet. The files, which are being dubbed Collection 1, were originally found on cloud...
Cisco Email Security Appliance Multiple DoS Vulnerabilities (cisco-sa-20190109-esa-dos / cisco-sa-20190109-esa-url-dos)
According to its self-reported version, the Cisco Email Security Appliance (ESA) is affected by the following vulnerabilities: - A denial of service (DoS) vulnerability exists in Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification and S/MIME Public Key Harvesting features...
Schneider Electric IIoT Monitor Hard-coded Cryptographic Key Information Disclosure Vulnerability
This vulnerability allows the decryption of the administrator password on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists within encryption of the administrator password in the AESEncryption class....
Spoofable Output
gnupg2 is vulnerable to spoofable output attacks. The vulnerability exists as mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs tha...
Side-channel Attack
GnuPG is vulnerable to side-channel attacks. An attacker in close physical range to the target system is able to decrypt ciphertexts using acoustic cryptanalysis to recover the RSA secret key belonging to the system...
Denial Of Service
Network Security Services (NSS) is vulnerable to denial of service. It exists due to the regression introduced by the fix for CVE-2013-1620 which does not properly check the data reading are initialized data, leading to a decryption failure and a TLS/SSL server crash...