Aggregator

CVE-2019-15949 | Nagios XI up to 5.6.5 Web Interface profile.php?cmd=download command injection (ID 156676 / EDB-48191)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Nagios XI up to 5.6.5. Affected by this issue is some unknown functionality of the file profile.php?cmd=download of the component Web Interface. The manipulation leads to command injection. This vulnerability is handled as CVE-2019-15949. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-8394 | Zoho ManageEngine ServiceDesk Plus up to 10.0 Login Page unrestricted upload (EDB-46413 / BID-107129)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Zoho ManageEngine ServiceDesk Plus up to 10.0. It has been classified as critical. Affected is an unknown function of the component Login Page. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2019-8394. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

亚马逊 Redshift 推出新默认设置以防止数据泄露

HackerNews
8 months 3 weeks ago
HackerNews 编译,转载请注明出处: 亚马逊宣布了针对 Redshift 的关键安全增强功能,Redshift 是一种受欢迎的数据仓库解决方案,这些增强功能旨在防止因配置错误和不安全的默认设置导致的数据泄露。 Redshift 被企业广泛用于商业智能和大数据分析,与 Google BigQuery、Snowflake 和 Azure Synapse Analytics 竞争。它因其在处理PB级数据时的效率和性能、可扩展性以及成本效益而受到重视。 然而,配置不当和宽松的默认设置导致了大规模数据泄露事件,例如 2022 年 10 月的 Medibank 勒索软件事件,据报道该事件涉及对公司 Redshift 平台的访问。 上周,AWS 宣布将为新创建的预配置集群实施三项安全默认设置,以显著提升平台的数据安全性,并最大限度地减少灾难性数据泄露的可能性。 第一项措施是默认限制新集群的公共访问,将其限制在用户的虚拟私有云(VPC)内,并防止直接外部访问。如果需要公共访问,必须明确启用,并建议用户使用安全组和网络访问控制列表(ACL)来限制访问。 第二项更改是默认为所有集群启用加密,以确保即使未授权访问也不会导致数据泄露。用户现在必须指定一个加密密钥,否则集群将使用 AWS 所有的密钥管理服务(KMS)密钥进行加密。依赖未加密集群进行数据共享的用户必须确保生产和消费集群都已加密。未能调整这些工作流程可能会在更改生效时导致中断。 第三项更改是默认为所有新集群和恢复的集群强制使用安全 SSL(TLS)连接,以防止数据拦截和“中间人”攻击。使用自定义参数组的用户被鼓励手动启用 SSL 以增强安全性。 需要注意的是,这些更改将影响新创建的预配置集群、无服务器工作组和恢复的集群,因此现有设置不会立即受到影响。然而,AWS 建议客户根据需要审查和更新其配置,以符合新的安全默认设置,避免运营中断。 “我们建议所有 Amazon Redshift 客户审查他们当前的配置,并考虑在他们的应用程序中实施新的安全措施,”公告中写道。“这些安全增强功能可能会对依赖公共访问、未加密集群或非 SSL 连接的现有工作流程产生影响。” 寻求指导和支持的客户被要求阅读在线“管理指南”或联系 AWS 支持。   消息来源:Bleeping Computer, 编译:zhongx;  本文由 HackerNews.cc 翻译整理,封面来源于网络;   转载请注明“转自 HackerNews.cc”并附上原文
hackernews

CVE-2019-7238 | Sonatype Nexus Repository Manager up to 3.14.x Access Control access control (ID 13419)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Sonatype Nexus Repository Manager up to 3.14.x. This issue affects some unknown processing of the component Access Control. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2019-7238. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-12991 | Citrix SD-WAN/Netscaler SD-WAN command injection (ID 153638 / EDB-47112)

Vuldb Updates
8 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Citrix SD-WAN and Netscaler SD-WAN. This affects an unknown part. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2019-12991. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-13272 | Linux Kernel up to 5.1.16 kernel/ptrace.c access control (Bug 1140671 / EDB-47163)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 5.1.16. It has been classified as critical. Affected is an unknown function of the file kernel/ptrace.c. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2019-13272. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-15107 | Webmin up to 1.920 password_change.cgi old command injection (ID 154141 / EDB-47230)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Webmin up to 1.920. It has been declared as critical. This vulnerability affects unknown code of the file password_change.cgi. The manipulation of the argument old as part of Parameter leads to command injection. This vulnerability was named CVE-2019-15107. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-15752 | Docker Desktop Community Edition up to 2.1.0.0 docker-credential-wincred.exe access control (ID 157404)

Vuldb Updates
8 months 3 weeks ago
A vulnerability was found in Docker Desktop Community Edition up to 2.1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file docker-credential-wincred.exe. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2019-15752. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

2024 年漏洞利用激增 20% 约 40 万台联网设备面临攻击威胁

HackerNews
8 months 3 weeks ago
HackerNews 编译,转载请注明出处: 网络安全公司VulnCheck最新报告显示,2024年野外被利用的CVE数量攀升至768个,较2023年的639个增长20%,创下年度新高。 约23.6%的KEV在公开披露当日或之前就已被武器化,这一比例虽较2023年的26.8%略有下降,却印证了漏洞在其生命周期内随时可能遭受攻击的行业规律。 VulnCheck安全研究员Patrick Garrity在接受《黑客新闻》采访时透露:”2024年公布的CVE中,有1%在发布时就被确认遭到野外利用。考虑到漏洞利用常存在滞后性,实际数字预计会持续攀升。”这一发现基于该公司持续追踪的漏洞生命周期数据。 值得关注的是,报告发布的两个月前,VulnCheck曾披露2023年度最常被利用的15个高危漏洞中,有15个中国黑客组织(占已命名威胁行为体的四分之一)涉及至少一个漏洞的利用。 其中,Log4j漏洞(CVE-2021-44228)以关联31个威胁组织位居榜首,目前仍有65,245台主机存在潜在风险。 经测算,全球约40万台联网设备因Apache、Atlassian等10家主流厂商产品的15个安全缺陷面临攻击威胁。这些涉及企业包括思科、微软、Fortinet等行业巨头,暴露出广泛的企业级安全风险。 对此,VulnCheck提出五点防护建议:企业需系统评估技术暴露面、建立风险可视化机制、强化威胁情报应用、完善补丁管理体系,并尽可能减少相关设备的互联网暴露面。该建议直指当前企业网络安全建设的核心痛点,为应对日益复杂的漏洞攻击提供了操作性框架。   消息来源:The Hacker News, 编译:zhongx;  本文由 HackerNews.cc 翻译整理,封面来源于网络;   转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Managed ad