21 matches found
CVE-2024-10327
A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...
CVE-2024-10327
A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...
Unspecified Vulnerability in Palo Alto Networks PAN-OS (CNVD-2024-20503)
Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from a flaw in the way data received from Cloud Identity Engine CIE agents is processed, which can lead to modification of user ID...
CVE-2024-3383
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
CVE-2024-3383
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from a flaw in the way data received from Cloud Identity Engine CIE agents is processed, which can lead to modification of user ID...
Palo Alto Networks PAN-OS 10.1.x < 10.1.11 / 10.2.x < 10.2.5 / 11.0.x < 11.0.3 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.11 or 10.2.x prior to 10.2.5 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. - A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identit...
PT-2024-2902 · Palo Alto Networks · Pan-Os
Name of the Vulnerable Software and Affected Versions: PAN-OS affected versions not specified Description: A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to...
BIT-VAULT-2022-40186
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
CVE-2022-40186
A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias names in the Identity Engine. By conducting...
GHSA-7CGV-V83V-RR87 HashiCorp Vault vulnerable to incorrect metadata access
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
HashiCorp Vault vulnerable to incorrect metadata access
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
CVE-2022-40186
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
Design/Logic Flaw
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
CVE-2022-40186
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...
CVE-2022-40186
CVE-2022-40186 affects HashiCorp Vault and Vault Enterprise prior to 1.11.3. A flaw in the Identity Engine’s handling of mount accessors with shared alias names can cause metadata to be overwritten for the wrong alias, potentially allowing an authenticated local attacker to access unintended KV p...
CVE-2022-40186
An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...