Cisco Application Policy Infrastructure Controller Cross-Site Scripting Vulnerability (CNVD-2021-68730)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA. Controller's web UI contains a stored cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary script code or access...

Cloud Misconfig Mistakes Show Need For DevSecOps

Developers have become accustomed to deploying apps in data centers with what could be described as a “crunchy hard outer layer,” to keep their data center secure. But when it comes to the public cloud, “it just doesn’t exist that way,” said Ryan Olson, vice president of threat intelligence with...

Moderate: Red Hat Security Advisory: openstack-heat security, bug fix, and enhancement update

An update for openstack-heat is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...