CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

CVE-2017-12315

CVE-2017-12315 affects Cisco HyperFlex System: the vulnerability is in the system logging path during replication configuration, where sensitive information is not properly masked in log files. An authenticated, local attacker (administrative user) could view restricted information in the system ...

Cisco HyperFlex System Authenticated Information Disclosure Vulnerability

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Failed to import Veeam Cloud Connect certificate after Veeam Availability Console server migration

Challenge After migrating your Veeam Availability Console VAC installation to a new server and adding an existing Veeam Cloud Connect VCC server, the following certificate error may be observed: Failed to import certificate from the Veeam Cloud Connect server. See debug logs for more information...

SUSE SLES11 Security Update : mysql (SUSE-SU-2017:2996-1)

This update for mysql to version 5.5.58 fixes the following issues: Fixed security issues : - CVE-2017-10268: issue inside subcomponent Server Replication bsc1064101 - CVE-2017-10378: issue inside subcomponent Server Optimizer bsc1064115 - CVE-2017-10379: issue inside subcomponent Client programs...

How to collect logs for cases involving Oracle

Challenge An issue with backing up of the Oracle database server and/or removal of Oracle archived logs is suspected. Veeam Technical Support would like to gather information from your servers and databases to investigate this issue. Additional logs must be gathered manually from the guest OS on...

Redis-store Design Vulnerability

Redis-store is a Ruby-based application-specific toolkit that supports sharding, master-slave replication, and grouping. A security vulnerability exists in Redis-store 1.3.0 and earlier versions. An attacker can exploit the vulnerability to load insecure objects from redis...

Deserialization of untrusted data

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

Cross site request forgery (csrf)

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

CVE-2017-5635

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

ALPINE-CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

CVE-2017-10165

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

CVE-2017-10313

CVE-2017-10313 affects the MySQL Server component (Group Replication GCS) in Oracle MySQL. MiracleLinux Nessus entry notes affected versions include 5.7.19 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise MySQL Server, potent...

CVE-2017-10268

CVE-2017-10268 affects Oracle MySQL Server (Server: Replication) with affected versions 5.5.57 and earlier, 5.6.37 and earlier, and 5.7.19 and earlier. The vulnerability allows a high-privilege attacker with logon to the infrastructure where MySQL Server executes to compromise the server, potenti...

CVE-2017-10268

Disclaimer: This data contains information about vulnerable...

CVE-2017-10268

Removed by vendor...

Oracle MySQL Server Group Replication GCS Subcomponent Denial of Service Vulnerability

Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the Group Replication GCS subcomponent of t...