The vulnerability of the REST API implementation of Cisco Managed Services Accelerator allows a perpetrator to trigger a service failure.

The vulnerability of the REST API interface implementation of Cisco Managed Services Accelerator is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

CVE-2020-8355

An internal product security audit of Lenovo XClarity Administrator LXCA prior to version 3.1.0 discovered the Windows OS credentials provided by the LXCA user to perform driver updates of managed systems may be captured in the First Failure Data Capture FFDC service log if the service log is...

CVE-2020-8355

An internal product security audit of Lenovo XClarity Administrator LXCA prior to version 3.1.0 discovered the Windows OS credentials provided by the LXCA user to perform driver updates of managed systems may be captured in the First Failure Data Capture FFDC service log if the service log is...

CVE-2021-1266

A vulnerability in the REST API of Cisco Managed Services Accelerator MSX could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

CVE-2021-1266 Cisco Managed Services Accelerator Denial of Service Vulnerability

A vulnerability in the REST API of Cisco Managed Services Accelerator MSX could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

CVE-2021-1266 Cisco Managed Services Accelerator Denial of Service Vulnerability

A vulnerability in the REST API of Cisco Managed Services Accelerator MSX could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

Cisco Managed Services Accelerator Denial of Service Vulnerability

Cisco Managed Services Accelerator MSX is a multi-tenant, multi-service, cloud-native service creation and delivery platform that enables service providers to quickly, easily, and cost-effectively develop and deliver hosted services to enterprise customers. A denial of service vulnerability exist...

Cisco Managed Services Accelerator Denial of Service Vulnerability

A vulnerability in the REST API of Cisco Managed Services Accelerator MSX could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

Guide: How Security Consolidation Helps Small Cybersecurity Teams

The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions—from different vendors—creating a layered security infrastructure that introduces new challenges to any team, with a much more...

Cisco Managed Services Accelerator 资源管理错误漏洞

Cisco Managed Services Accelerator MSX is a multi-tenant, multi-service, cloud-native service creation and delivery platform that enables service providers to quickly, easily, and cost-effectively develop and deliver hosted services to enterprise customers. A denial of service vulnerability exist...

Enhanced Security at the Edge with Imperva DNS Protection

Your website is the gateway to your business and the potential for disruption of your site or damage to your web infrastructure makes DNS security a serious consideration for organizations. The criticality of DNS Services for ensuring network connectivity and website availability make them a hot...

Oracle Business Process Management Suite (Jan 2021 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by the following vulnerabilities as referenced in the January 2021 CPU advisory: - An XML External Entity XXE vulnerability exists in the dom4j library which allows DTDs and external entities by...

CVE-2021-1303

A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remote attacker to execute unauthorized commands on an affected device. The vulnerability is due to improper enforcement of actions for assigned user roles. An attacker could exploit this vulnerability ...

Design/Logic Flaw

A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. The vulnerability is due to the configuration archives files being stored in clear...

Cisco DNA Center Information Disclosure Vulnerability

A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. The vulnerability is due to the configuration archives files being stored in clear...

You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace

Purchasing software through AWS Marketplace has to be one of the most under-appreciated perks of being an Amazon Web Services AWS customer. For starters, products you purchase through Marketplace automatically show up on your next AWS bill, which can really simplify your procurement process. In...

Citrix Endpoint Management (aka XenMobile Server) 10.13.0 Rolling Patch 1

Package name:xms10.13.0.10129.bin For: XenMobile Server 10.13.0 Deployment type: On-premises only Replaces:None Replaced by:CTX296934 Date:December, 2020 Languages supported:English US Readme version:1.00 Readme Revision History Version| Date| Change Description ---|---|--- 1.00| December, 2020|...

CVE-2020-36168

An issue was discovered in Veritas Resiliency Platform 3.4 and 3.5. It leverages OpenSSL on Windows systems when using the Managed Host addon. On start-up, it loads the OpenSSL library. This library may attempt to load the openssl.cnf configuration file, which does not exist. By default, on Windo...

Security Bulletin: A security vulnerability in Node.js node-forge module affects IBM Cloud Pak for Multicloud Management Managed Service.

Summary A security vulnerability in Node.js node-forge module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2020-7720 DESCRIPTION: Node.js node-forge module could allow a remote attacker to execute arbitrary code on the system, caused by a...

Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Managed Service.

Summary A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Infrastructure Management Managed Service. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a...