268 matches found
CVE-2024-23446
An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security DLS or Field-level security FLS when querying the .alerts-security.alerts-spaceid indices. Users who are authorized to call this API may obtain unauthorized access to documents if...
Design/Logic Flaw
An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security DLS or Field-level security FLS when querying the .alerts-security.alerts-spaceid indices. Users who are authorized to call this API may obtain unauthorized access to documents if...
CVE-2024-23446 Kibana Broken Access Control issue
An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security DLS or Field-level security FLS when querying the .alerts-security.alerts-spaceid indices. Users who are authorized to call this API may obtain unauthorized access to documents if...
CVE-2024-23446 Kibana Broken Access Control issue
An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security DLS or Field-level security FLS when querying the .alerts-security.alerts-spaceid indices. Users who are authorized to call this API may obtain unauthorized access to documents if...
CVE-2024-23446
CVE-2024-23446 pertains to Kibana’s Detection Engine Search API failing to enforce Document-level security (DLS) and Field-level security (FLS) on .alerts-security.alerts-{space_id} indices. The issue allows users with API access and DLS/FLS-enabled roles to potentially read unauthorized document...
Kibana 8.12.1 Security Update (ESA-2024-01)
Kibana Broken Access Control issue ESA-2024-01 An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security DLS or Field-level security FLS when querying the .alerts-security.alerts-spaceid indices. Users who are authorized to call this API...
PT-2024-1691 · Elastic · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: The issue is related to insufficient access control in the Kibana data visualization service. It allows a remote attacker to impact the confidentiality of protected information. Specifically...
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker coul...
CVE-2023-20083
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result...
CVE-2023-20031
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs whe...
CVE-2023-20270
A vulnerability in the interaction between the Server Message Block SMB protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service DoS conditi...
CVE-2023-20177
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense FTD Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to...
CVE-2023-20071
Cisco CVE-2023-20071 affects the Snort detection engine’s FTP inspection module across multiple Cisco products (notably FTD/ASA family). An unauthenticated, network-accessible attacker can craft FTP traffic to bypass FTP inspection and potentially deliver a payload, per Cisco’s security advisory ...
CVE-2023-20031
The CVE-2023-20031 issue affects Cisco Firepower Threat Defense (FTD) with Snort 3, where a logic error in SSL/TLS certificate handling during SSL handshake under load can be exploited by a high rate of connection requests to cause the Snort 3 engine to reload. Consequences documented include pot...
CVE-2023-20031
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs whe...
CVE-2023-20177
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense FTD Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to...
Multiple Cisco Products Snort FTP Inspection Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker coul...
PT-2023-8674 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD affected versions not specified Multiple Cisco products affected versions not specified Description: The issue is due to a flaw in the FTP module of the Snort detection engine, which could allow an...
PT-2023-7127 · Cisco · Cisco Ftd
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to a logic error in the TLS 1.3 implementation of the Cisco Firepower Threat Defense FTD Software, specifically in how memory...
Updated snort packages fix security vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...