2290 matches found
ForgeRock OpenIDM Admin UI Cross-Site Scripting Vulnerability
ForgeRock OpenIDM is an extensible set of identity management tools for managing the identity lifecycle and provisioning issues from ForgeRock, Inc. The Admin UI is one of the backend management interfaces. orgeRock OpenID Admin UI is vulnerable to a cross-site scripting vulnerability. A remote...
The Wrong Way to Pick a Security Vendor
For a number of years, we've worked with and supported our Managed Service Provider MSP partners at Trend Micro and I've seen and heard a lot in that time. Over time, we’ve noticed a few trends when it comes to MSPs choosing a security vendor to partner with, and in an effort to save you some...
Adding Security to Your Managed Services Offering
Over the years Trend Micro has collaborated with and learned from a variety of MSPs. Today’s threat landscape is continuously evolving, becoming more complex and sophisticated than it was even a year ago. For MSPs to rely on a single solution is not practical or in the best interest of their...
Five Mistakes I Bet You Are Making with your Managed Services business
As a managed service provider, your customers have entrusted you to manage their IT infrastructure and their security so it’s important that you are making the right choices to secure their environments and keep cyber criminals at bay. In my years of working with our Managed Service Provider...
What to Consider When Choosing a Security Vendor
Picking a security vendor for your managed service business should be about business model alignment, not product cost. If you’re a seasoned managed service provider MSP, you are already very familiar with the benefits of the pay-as-you-go business model. In fact, it’s most likely how you sell yo...
What is the hype around Firewall as a Service?
Admit it. Who would not want their firewall maintenance grunt work to go away? For more than 20 years, companies either managed their edge firewall appliances or had service providers rack-and-stack appliances in their data centers and did it for them. This was called a managed firewall — an...
CVE-2017-6036
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination...
CVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
Server side request forgery (ssrf)
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination...
Cross site request forgery (csrf)
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request...
Information disclosure
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
CVE-2017-6038
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request...
CVE-2017-6038
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request...
CVE-2017-6036
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination...
CVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
CVE-2017-6038
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request...
CVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
CVE-2017-6040
CVE-2017-6040 concerns an Information Exposure in Belden Hirschmann GECKO Lite Managed switch (Version 2.0.00 and earlier). The vulnerability arises from saving a copy of the downloaded configuration file (which includes password hashes) in a location accessible without authentication, enabling a...
CVE-2017-6036
CVE-2017-6036 describes a Server-Side Request Forgery (SSRF) in Belden Hirschmann GECKO Lite Managed switch (Web server) affecting v2.0.00 and earlier. The issue arises because the web server does not adequately validate requests to the intended destination, enabling an attacker to obtain sensiti...
CVE-2017-6038
The CVE-2017-6038 CSRF vulnerability affects Belden Hirschmann GECKO Lite Managed switch (version 2.0.00 and prior). The web interface fails to sufficiently verify that requests originate from the submitting user, enabling cross-site request forgery. ICS-CERT/Security advisories note that success...