78 matches found
CVE-2021-26100
CVE-2021-26100 affects Fortinet FortiMail’s Identity-Based Encryption (IBE) service prior to version 7.0.0. The issue is a missing cryptographic step that can allow an unauthenticated attacker who intercepts encrypted messages to tamper with them and recover plaintexts. Fortinet’s PSIRT advisory ...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
PT-2021-3853 · Fortinet · Fortimail
Name of the Vulnerable Software and Affected Versions: FortiMail versions prior to 7.0.0 Description: The issue is related to missing cryptographic steps in the Identity-Based Encryption service of FortiMail, which may allow an attacker to compromise the confidentiality of encrypted master keys b...
PT-2021-3854 · Fortinet · Fortimail
Name of the Vulnerable Software and Affected Versions: FortiMail affected versions not specified Description: The issue is related to errors in the code of the pseudorandom number generator in the FortiMail IBE Identity Based Encryption service. This could allow a remote attacker to gain...
Why threat protection is critical to your Zero Trust security strategy
The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have shifted their focus and identitie...
Why threat protection is critical to your Zero Trust security strategy
The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have shifted their focus and identitie...
Deliver productive and seamless user experiences with Azure Active Directory
Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The...
Prevent and detect more identity-based attacks with Azure Active Directory
Security incidents often start with just one compromised account. Once an attacker gets their foot in the door, they can escalate privileges or gather intelligence that helps them reach their goals. This is why we say that identity is the new security perimeter. To reduce the risk of a data breac...
Modernizing the security operations center to better secure a remote workforce
The response to COVID-19 has required many security operations centers SOCs to rethink how they protect their organizations. With so many employees working remotely, IT groups are routing more traffic directly to cloud apps, rather than through the network. In this model, traditional network...
SUSE-SU-2020:0743-1 Security update for strongswan
This update for strongswan fixes the following issues: Strongswan was updated to version 5.8.2 jscSLE-11370. Security issue fixed: - CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation bsc1079548. Full changelogs:...
CVE-2019-0246
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity...
CVE-2017-16684
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...
Cyberoam Central Console 2.00.2 - File Include Vulnerability
No description provided by source. Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central Console CCC appliances...
CVE-2013-1471
Multiple cross-site scripting XSS vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption IBE appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via 1 the Add field for the Black List under Antispam...
Cyberoam UTM Multiiple Vulnerabilities
Exploit for hardware platform in category web applications Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and...
Cyberoam Central Console 2.00.2 - Remote File Inclusion
Cyberoam Central Console 2.00.2 - Remote File Inclusion Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central...
bluecoat7111.txt
Blue Coat Reporter 7.1.1.1 - multiple remote vulnerabilities ============================================================ Blue Coat Reporter ================== "Blue Coat Reporter 7 provides identity-based reporting on Web communications enabling enterprises to evaluate Web policies and manage...