A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “userâ€� or “factoryâ€� account, to read the contents of any file on the filesystem utilizing one of a few available binaries. Devamını Oku
The Web application of Brocade Fabric OS before versions Brocade Fabric OS v9.0.1a and v8.2.3a contains debug statements that expose sensitive information to the program’s standard output device. An attacker who has compromised the FOS system may utilize this weakness to capture sensitive information, such as user credentials. Zafiyet ile ilgili Genel Bilgi, Etki ve…
HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could execute script in a victim’s web browser to perform operations as the victim and/or steal the victim’s cookies, session tokens, or other sensitive information. Zafiyet ile ilgili Genel Bilgi, Etki…
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and…
HCL Commerce’s Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. The fix provides directions and tools to replace the non-unique keys and certificates. This does not affect the standard installer packages. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages. An attacker could exploit this vulnerability to execute a malicious script to access any cookies, session tokens, or other sensitive information retained by the browser and used with that…