8 matches found
CVE-2024-28968
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the executio...
Dell Secure Connect Gateway Access Control Error Vulnerability
Dell Secure Connect Gateway is a secure connectivity gateway from Dell USA. An access control error vulnerability exists in Dell Secure Connect Gateway versions prior to 5.24.00.00, which stems from an improperly access-controlled internal email and collection settings REST API, which could be...
PT-2024-22651 · Dell · Dell Scg
Name of the Vulnerable Software and Affected Versions: Dell SCG versions prior to 5.24.00.00 Description: The issue is related to an Improper Access Control vulnerability in the SCG exposed for internal email and collection settings REST APIs. A remote low privileged attacker could potentially...
Top FBI Official Urges Agents to Use Warrantless Wiretaps on US Soil
An internal email from FBI deputy director Paul Abbate, obtained by WIRED, tells employees to search for “US persons” in a controversial spy program's database that investigators have repeatedly misused...
Shopify: store internal email disclosed through shopify-data-exporter
Summary: Hey Shopify, When a store install shopify-data-exporter app to export various data of the store a link is sent to the store internal email. This internal email is disclosed via the below request to anyone json GET /?shop=yourstore.myshopify.com HTTP/2 Host:...
Security Bulletin: Resilient OnPrem is affected by the use of hard-code credentials in its internal email server
Summary Security Bulletin: Resilient OnPrem is affected by the use of hard-code credentials in its internal email server Vulnerability Details Summary Resilient OnPrem has removed the use of hard-coded credentials. Vulnerability Details CVEID: CVE-2019-4534 DESCRIPTION: IBM Resilient OnPrem...
Malwarebytes says it was also breached by SolarWinds hackers
By Waqas According to Malwarebytes, SolarWinds hackers accessed its internal email communication. Here's what we know so far. This is a post from HackRead.com Read the original post: Malwarebytes says it was also breached by SolarWinds hackers...
Source: Deloitte Breach Affected All Company Email, Admin Accounts
Deloitte, one of the world's "big four" accounting firms, has acknowledged a breach of its internal email systems, British news outlet The Guardian revealed today. Deloitte has sought to downplay the incident, saying it impacted "very few" clients. But according to a source close to the...