8 matches found
Access Fabric: A modern approach to identity and network access
Today, most organizations use multiple identity systems and multiple network access solutions from multiple vendors. This happens, either intentionally or organically, when different areas of a company choose different tools, creating a fragmented environment that leaves weaknesses that...
ZTE ZXCDN Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in ZTE ZXCDN, a unified network management platform from ZTE Corporation China. The vulnerability stems from the program's lack of data validation filtering of user-supplied data and output. An attacker can exploit the vulnerability to execute JavaScrip...
Rockwell Automation Patches Wireless Access Point against Krack
Rockwell Automation has patched its Stratix wireless access point against the KRACK vulnerability, joining a growing list of vendors in the commercial and industrial controls spaces moving quickly to reduce their exposure. Most major vendors have similarly patched their products, some prior to th...
CVE-2011-1653
Multiple SQL injection vulnerabilities in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the 1 UnAssignFunctionalRoles, 2 UnassignAdminRoles, 3 DeleteFilter, 4 NonAssignedUserList, 5...
CVE-2011-1655
The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...
Code injection
The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...
CVE-2011-1655
The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...
CVE-2011-1655
CA Total Defense Suite UNCWS getDBConfigSettings vulnerability (CVE-2011-1655) affects UNC Server before SE2; management.asmx responds to SOAP requests and transmits database credentials in plaintext, enabling unauthenticated remote access to credentials and potential arbitrary code execution. Im...