5 matches found
EUVD-2020-4001
Malware in sbrugna...
CVE-2020-11658
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization...
CVE-2020-11658
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization...
CVE-2020-11658
CVE-2020-11658 affects the Broadcom/CA API Developer Portal (versions 4.3.1 and earlier). The root cause is insecure handling of shared secret keys, which can let an attacker bypass authorization. The issue is classified with high to critical impact (CVSS scores: CVSS v3.1 base 9.8, HIGH confiden...
PT-2001-1707 · Isc · Bind
Name of the Vulnerable Software and Affected Versions: BIND versions 8.2.4 and earlier BIND versions 9.1.2 and earlier Description: The issue allows attackers to obtain HMAC-MD5 shared secret keys used for DNS Transactional Signatures TSIG due to insecure permissions set by dnskeygen in BIND 8 an...