325 matches found
Cisco Secure Email and Web Manager External Authentication Bypass (cisco-sa-sma-esa-auth-bypass-66kEcxQD)
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks...
PT-2022-6309 · Ibm · Ibm Sterling Secure Proxy +1
Name of the Vulnerable Software and Affected Versions: IBM Sterling External Authentication Server version 6.1.0 IBM Sterling Secure Proxy version 6.0.3 Description: The issue is related to the use of weaker than expected cryptographic algorithms during installation, which could allow a local...
The vulnerability of the implementation of the Lightweight Directory Access Protocol (LDAP) in the Cisco Secure Email and Web Manager content protection device, as well as the Cisco Email Security Appliance (ESA) email security system, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Lightweight Directory Access Protocol LDAP implementation of the Cisco Secure Email and Web Manager security device, as well as the Cisco Email Security Appliance ESA email security system, is related to the lack of proper input sanitization during requests to the externa...
Cisco Secure Email and Web Manager (SMA) Information Disclosure (cisco-sa-esasma-info-dsc-Q9tLuOvM)
According to its self-reported version, Cisco Secure Email and Web Manager SMA is affected by an information disclosure vulnerability in the web management interface. This could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol...
The vulnerability of the external authentication function of the Cisco Secure Email and Web Manager (formerly known as Cisco Security Management Appliance and Cisco Email Security Appliance) relates to access control errors, allowing attackers to gain full access to the device’s web interface.
The vulnerability of the external authentication function of Cisco Secure Email and Web Manager formerly known as Cisco Security Management Appliance and Cisco Email Security Appliance is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to...
Vulnerabilities fixed in Cisco Email Security Appliance, Secure Email and Web Manager
Vulnerabilities have been fixed in Cisco Email Security Appliance and Cisco Secure Email and Web Manager. The vulnerability with reference CVE-2022-20798 allows an unauthenticated remote malicious person able to bypass authentication bypass authentication and thereby log into the Web management...
CVE-2022-20798
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass authentication and log in to the web...
CVE-2022-20664
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access...
CVE-2022-20798
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass authentication and log in to the web...
CVE-2022-20798 Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass authentication and log in to the web...
Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance SMA, and Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass authentication and log in to the web...
Cisco多款产品 信息泄露漏洞
Cisco Email Security Appliance ESA and Cisco Secure Email are both products of Cisco USA. cisco Email Security Appliance is an email security appliance. cisco Secure Email is a Cisco Secure Email formerly Email Security provides the best protection for your email from cyber threats.Cisco Email...
CVE-2021-29726
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104...
Input validation
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104...
CVE-2021-29726
CVE-2021-29726 affects IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3. The issue is improper validation leading to a certificate not being properly associated with the host (trust management/certificate validation bypass). Reported base CVSS v3.1/3.0 scores ar...
GHSA-V2RP-9CPJ-PFW2 Salt Insecure configuration of PAM external authentication service
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...
IBM Sterling Secure Proxy 信任管理问题漏洞
IBM Sterling Secure Proxy is an application proxy used by International Business Machines Corporation IBM to secure the transfer of files in an organization's unprotected zone DMZ.IBM Sterling Secure Proxy version 6.0.3 and IBM Secure External Authentication Server version 6.0.3 contain a trust...
PT-2022-9929 · Ibm · Ibm Secure External Authentication Server +1
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy version 6.0.3 IBM Secure External Authentication Server version 6.0.3 Description: The issue arises from improper validation of certificates, which fails to ensure that a certificate is actually associated with the...
Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple vulnerabilities due to IBM Java Runtime
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. IBM Sterling External Authentication Server has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35578 DESCRIPTION: An unspecified...
Security Bulletin: IBM Sterling External Authentication Server is vulnerable to improper validation of certificates
Summary IBM Sterling External Authentication Server does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. Vulnerability Details CVEID: CVE-2021-29726 DESCRIPTION: IBM Sterling Secure Proxy does not properly ensure that a...