34 matches found
Winning the cyber marathon with Tony Giandomenico
In the high-speed world of cybersecurity, the difference between a breach and a breakthrough often comes down to endurance. Tony Giandomenico, Senior Director of Product Management with Cisco Talos, joins me to discuss how he balances the intensity of leading major product launches with the...
CVE-2023-49213
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
EUVD-2022-48091
Malicious code in bioql PyPI...
EUVD-2023-53216
Malicious code in bioql PyPI...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
Ironman PowerShell Universal 安全漏洞
Ironman PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman. A security vulnerability exists in Ironman PowerShell Universal version 5.x prior to 5.0.12, which originates from a vulnerability that allows an authenticated attacker to...
PT-2024-34362 · Unknown · Ironman Powershell Universal
Name of the Vulnerable Software and Affected Versions: Ironman PowerShell Universal versions prior to 5.0.12 Description: The issue allows an authenticated attacker to elevate their privileges and view job information. Recommendations: For versions prior to 5.0.12, update to version 5.0.12 or lat...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 is affected. An authenticated attacker can elevate privileges and view job information. The issue originates from Ironman PowerShell Universal prior to version 5.0.12, with documented vulnerability across multiple sources (NVD/Red Hat/CVE lists). The...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
CVE-2023-49213
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
CVE-2023-49213
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
Design/Logic Flaw
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
CVE-2023-49213
The CVE-2023-49213 issue affects Ironman PowerShell Universal versions 3.0.0 through 4.2.0. The vulnerability arises from invalid sanitization of input strings in API endpoints, allowing remote attackers to execute arbitrary commands via crafted HTTP requests when a param block is used. Fixed ver...
CVE-2022-45183
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...
CVE-2022-45183
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...