1492 matches found

Vulnrichment
added 2023/07/05 6:5 p.m. | 8 views

CVE-2023-34471 Missing Cryptographic Step

AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss of confidentiality, integrity, and authentication...

CVSS 6.3 | AI score 7.2 | EPSS 0.00083
Exploits 0 | References 1
Cvelist
added 2023/07/05 6:5 p.m. | 14 views

CVE-2023-34471 Missing Cryptographic Step

AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss of confidentiality, integrity, and authentication...

CVSS 6.3 | AI score 8.4 | EPSS 0.00083
Exploits 0 | References 1
CVE
added 2023/07/05 6:5 p.m. | 35 views

CVE-2023-34471

CVE-2023-34471 involves AMI SPx’s BMC where a vulnerability can cause a missing cryptographic step during HMAC generation. This may lead to loss of confidentiality, integrity, and authentication as described in multiple sources. Exploitation details are not provided in the connected documents. Af...

CVSS 8.1 | AI score 7 | EPSS 0.00083
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2023/07/05 6:1 p.m. | 10 views

CVE-2023-34337 Inadequate Encryption Strength

AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

CVSS 7.6 | AI score 7.2 | EPSS 0.00154
Exploits 0 | References 1
CVE
added 2023/07/05 6:1 p.m. | 32 views

CVE-2023-34337

AMI SPx (AMI MegaRAC BMC) contains a vulnerability where the hash-based message authentication code (HMAC) has inadequate cryptographic strength. The vulnerability could lead to loss of confidentiality, integrity, and availability. The provided documents do not specify exact affected versions, ex...

CVSS 8.8 | AI score 8 | EPSS 0.00154
Exploits 0 | References 1 | Affected Software 1
Veracode
added 2023/06/12 7:10 a.m. | 22 views

Timing Attack

saleor is vulnerable to a Timing Attack. The vulnerability exists due to the validate_hmac_signature function, which is not constant-time, allowing an attacker to infer the secret key or forge fake events...

CVSS 5.4 | AI score 6.8 | EPSS 0.0024
Exploits 0 | References 2 | Affected Software 1
Tenable Nessus
added 2023/06/07 12:0 a.m. | 40 views

EulerOS Virtualization 2.11.0 : samba (EulerOS-SA-2023-2128)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being...

CVSS 9.8 | AI score 7.8 | EPSS 0.10832
Exploits 2 | References 6
RedHat Linux
added 2023/06/06 2:14 p.m. | 19 views

Important: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base...

CVSS 8.2 | AI score 7.2 | EPSS 0.00464
Exploits 1 | References 7
Vulnrichment
added 2023/05/25 2:29 p.m. | 8 views

CVE-2023-32694 Non-constant time HMAC comparison in Adyen plugin in Saleor

Saleor Core is a composable, headless commerce API. Saleor's validate_hmac_signature function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could...

CVSS 4.8 | AI score 6.6 | EPSS 0.0024
Exploits 0 | References 2
Cvelist
added 2023/05/25 2:29 p.m. | 18 views

CVE-2023-32694 Non-constant time HMAC comparison in Adyen plugin in Saleor

Saleor Core is a composable, headless commerce API. Saleor's validate_hmac_signature function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could...

CVSS 4.8 | AI score 5.6 | EPSS 0.0024
Exploits 0 | References 2
OpenVAS
added 2023/05/08 12:0 a.m. | 28 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-1791)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 | AI score 9.6 | EPSS 0.0067
Exploits 0 | References 2
Tenable Nessus
added 2023/05/08 12:0 a.m. | 34 views

EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-1791)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed...

CVSS 9.8 | AI score 6.9 | EPSS 0.0067
Exploits 0 | References 2
OSV
added 2023/05/05 3:41 p.m. | 26 views

RLSA-2023:2127 Important: samba security update

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and...

CVSS 8.1 | AI score 7.2 | EPSS 0.00464
Exploits 0 | References 2
Rockylinux
added 2023/05/05 3:41 p.m. | 33 views

samba security update

An update is available for samba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Samba is an open-source implementation of the Server Message Block (SMB) protocol...

CVSS 8.1 | AI score 8.2 | EPSS 0.00464
Exploits 0
RedHat Linux
added 2023/05/04 7:40 p.m. | 32 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 8.1 | AI score 6.8 | EPSS 0.00464
Exploits 0 | References 2
RedHat Linux
added 2023/05/04 7:40 p.m. | 3 views

samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between...

CVSS 8.1 | AI score 6.5 | EPSS 0.00464
Exploits 0 | References 5
RedHat Linux
added 2023/05/04 1:24 p.m. | 55 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 8.1 | AI score 6.8 | EPSS 0.00464
Exploits 0 | References 2
Tenable Nessus
added 2023/05/04 12:0 a.m. | 31 views

RHEL 9 : samba (RHSA-2023:2137)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2137 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allo...

CVSS 8.1 | AI score 7 | EPSS 0.00464
Exploits 0 | References 4
AlmaLinux
added 2023/05/04 12:0 a.m. | 41 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and...

CVSS 8.1 | AI score 8.2 | EPSS 0.00464
Exploits 0 | References 4
Tenable Nessus
added 2023/05/04 12:0 a.m. | 30 views

RHEL 9 : samba (RHSA-2023:2127)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2127 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allo...

CVSS 8.1 | AI score 7 | EPSS 0.00464
Exploits 0 | References 4