CVE-2020-1770

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

DEBIAN-CVE-2020-1770

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

CVE-2020-1770

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

Design/Logic Flaw

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

CVE-2020-1770

CVE-2020-1770 is an information-disclosure issue in the OTRS/Open Source Ticket Request System where generated support bundle files could contain sensitive data. Public advisories list affected products as OTRS Community Edition 5.0.41 and earlier, 6.0.26 and earlier, and OTRS 7.0.15 and earlier,...

CVE-2020-1770 Information disclosure in support bundle files

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

CVE-2020-1770

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: OTRS Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions...

Changes to Citrix Insight Services (CIS) and Customer Uploads

On March 18, 2020 we had a service disruption with Citrix Insight Services CIS platform which hosted the customer portal at cis.citrix.com, along with Call home, CEIP and few other services. Over the last few days, we have been in the process of bringing up most of the affected services and also...

UPDATE: Sysdig Falco v0.14.0

PenTestIT RSS Feed Recently, an updated version - Sysdig Falco v0.14.0 - was released. It has been some time since I last blogged about this open source behavorial activity monitor which has container support. What is Sysdig Falco? Sysdig Falco is an open source, behavioral activity monitor...

How to take support bundle from CLI on SDWAN

Take support bundle on SD-WAN using CLI and upload it to FTP server...

Information to Keep Handy Before Troubleshooting NetScaler SD-WAN Issues

Expedite the troubleshooting process by having the following information hand: Topology/Flow diagram All traffic passing through NetScaler SD-WAN or not Links with variable bandwidth Bandwidth offered by ISP Bandwidth observed by using Iperf Bandwidth configured on the NetScaler SD-WAN Links Any...

How to Collect Support Bundle from XenMobile Server CLI using FileZilla

This article describes how to collect XenMobile support bundle with FileZilla. FileZilla can be installed locally and act as FTP server...

XenMobile POC Cheat Sheet

The purpose of this cheat sheet is to provide a detailed POC checklist to assist with the implementation of On-Premise POC implementations. This checklist includes a detailed diagram of your XenMobile POC implementation populated from the information included in the filled out checklist. Addition...

Cisco ISE Unprivileged Support Bundle Download Vulnerability

A vulnerability in the role-based access control code of the Cisco Identity Services Engine ISE could allow an authenticated, but unprivileged, remote attacker to access support bundle information. The vulnerability is due to a failure to check the user privileges correctly when downloading the...

Design/Logic Flaw

The RBAC implementation in Cisco Identity Services Engine ISE Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, ak...

CVE-2014-0665

The RBAC implementation in Cisco Identity Services Engine ISE Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, ak...

CVE-2013-6695

The RBAC implementation in Cisco Secure Access Control System ACS does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug...

Cisco Secure Access Control System Unprivileged Support Bundle Download Vulnerability

A vulnerability in the role-based access control code of the Cisco Secure Access Control System ACS could allow an authenticated, remote attacker to access support bundle information. The vulnerability is due to a failure to check the user privileges correctly when downloading the support bundle...