GHSA-F4R5-Q63F-GCWW Keylime registrar and (untrusted) Agent can be bypassed by an attacker

Impact A security issue was found in the Keylime registrar code which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK which in indeed related to the EK. When an agent starts up, it will contact a registrar and provi...

Error "Try again after some time or contact your help desk" after authentication passed

After inputting your username and password to "https://x.x.x.x/manageotp" page, you are encountering an error message that says, "Try again after some time or contact your help desk " "Rejecting with error code 4009 “， ”receiveldapusersearchevent:ldapfirstentryreturned null, user XXX not found “...

OTP device test error "Failed to verify OTP from. Please ensure Citrix ADC is synced to NTP time"

OTP registered device test error "Failed to verify OTP. Please make sure Citrix ADC is synced to NTP time. "...

Jenkins Plugin AWS CodeCommit Trigger Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Tenda AC6 安全漏洞

The Tenda AC6 is a wireless router from the Chinese company Tenda. A denial of service vulnerability exists in the Tenda AC6. The vulnerability stems from a failure to properly handle incoming error messages and can be exploited to cause a denial of service device crash via a long string in the...

-pattern parameter in the rewrite action was removed in 13.1

When user configure rewrite action with pattern param in GUI or CLI in NS 13.1, below error may prompt:"ERRO: No such argument -pattern" e.g add rewrite action rwainsertintracaptchaag insertbeforeall "HTTP.RES.BODY8000.SETTEXTMODEIGNORECASE" q" " + "" -pattern "" ERROR: No such argument -pattern...

Prompt Error "Feature is not implemented" after Read-Only users login GUI

Read-only user login GUI and get an error "Feature is not implemented"...

"Not authorized to execute this command" error for External Authentication System User

After login ADC management GUI using local AD user, belowError message prompt: "2 errors encountered. Not authorized to execute this command show ns license Not authorized to execute this command show ns feature"...

"This Apple ID can't be used to make purchases" error when installing Secure Hub on DEP devices

When attempting to download and install the Citrix Secure Hub app on devices enrolled through the Device Enrollment Program DEP using a Managed Apple ID in Apple Business Manager ABM, users may encounter the error message: "This Apple ID can't be used to make purchases."...

CVE-2023-26272

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

Information disclosure

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

CVE-2023-26272 IBM Security Guardium Data Encryption information disclosure

IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM 1.10.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

"Unable to process your request" error while registering for two-factor authentication

Registerfor two-factor authentication by using the following steps: ------- 1. Open a browser, navigate to the Workspace sign-in page, and select Don’t have a token? 2. Enter their user name in the domain\username format or their company email address and select Next. Citrix Cloud then sends the...

Azure Hosting Test connection shows invalid user name / password / Credentials

Unable to create new machine catalog Running the Test Connection fails with error "Invalid Credentials"...

CVE-2023-32755

e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...

Command injection

e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...

CVE-2023-32755 e-Excellence U-Office Force - Error Message Leakage

e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...

CVE-2023-32755 e-Excellence U-Office Force - Error Message Leakage

e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command...

CVE-2023-32755

CVE-2023-32755 affects e-Excellence U-Office Force. The web service may reveal partial sensitive system information via crafted commands in error messages; no concrete patch/version is provided in the sources. Monitor for updates and advisories from multiple vendors.

e-Excellence U-Office Force 安全漏洞

e-Excellence U-Office Force is an e-Office platform from China's First Class Technology e-Excellence. A security vulnerability exists in e-Excellence U-Office Force, which can be exploited to obtain part of the system information from an error message returned by the web service by sending specif...