Juniper Junos CVE-2019-0050 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1X49 Juniper Junos 15.1X49-D10 Juniper Junos 15.1X49-D100 Juniper Junos 15.1X49-D101 Juniper Junos 15.1X49-D110...

Microsoft Windows NTLM CVE-2019-1338 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...

Palo Alto Networks Zingbox Inspector CVE-2019-15023 Information Disclosure Vulnerability

Description Palo Alto Networks Zingbox Inspector is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Versions prior to Zingbox Inspector 1.295 are vulnerable. Technologies Affected Paloaltonetworks...

NetApp ONTAP Select Deploy Remote Command Execution Vulnerability

ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. A remote command execution vulnerability exists in ONTAP Select Deploy 2.12, 2.12.1. An attacker could exploit this vulnerability to perform administrative operations...

NetApp ONTAP Select Deploy Information Disclosure Vulnerability (CNVD-2019-43849)

ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. An information disclosure vulnerability exists in ONTAP Select Deploy. The vulnerability stems from the product transmitting credentials in plain text. An attacker could exploit this vulnerability to...

CVE-2019-5504

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

Design/Logic Flaw

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

Open redirect

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

CVE-2019-5505

The CVE-2019-5505 issue affects NetApp ONTAP Select Deploy admin utility versions 2.2–2.12.1, where credentials are transmitted in plaintext. The combined documents identify the root cause as unencrypted credential handling in the deploy utility, leading to potential credential disclosure. The vu...

CVE-2019-5504

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

CVE-2019-5504

The CVE-2019-5504 entry concerns ONTAP Select Deploy administration utility versions 2.12 and 2.12.1. The vulnerability arises because an HTTP service is bound to the network, allowing unauthenticated remote attackers to perform administrative actions. Documents confirm the affected product (ONTA...

Security Bulletin: Secure values are recoverable via REST API (CVE-2019-4232)

Summary IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive values from the REST API that could be used in further attacks against the system. Vulnerability Details CVEID: CVE-2019-4232 DESCRIPTION: IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive...

Security Bulletin: Secure Properties In Processes Can Be Revealed (CVE-2019-4168)

Summary IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. Vulnerability Details CVEID: CVE-2019-4168 DESCRIPTION: IBM UrbanCode Deploy could allow an authenticated user to obtain sensitive information...

CVE-2019-15698

In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10...

CVE-2019-15698

In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10...

Design/Logic Flaw

In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10...

CVE-2019-15698

In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10...