Splunk ha rilasciato aggiornamenti di sicurezza per correggere alcune vulnerabilità, di cui 4 con gravità “alta”, nei noti prodotti per l’analisi del traffico di rete Enterprise e Cloud Platform. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Fortinet announces FortiGate-as-a-Service, an innovative solution that combines the power of our proprietary ASIC technology with the flexibility and scalability of cloud services. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
CISA released seven Industrial Control Systems (ICS) advisories on July 2, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-184-01 Johnson Controls Kantech Door Controllers ICSA-24-184-02 mySCADA myPRO ICSA-24-184-03 ICONICS and Mitsubishi Electric Products ICSA-24-179-04 Johnson Controls Illustra…
Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2024-36401 – già sanata dal vendor – presente nel prodotto GeoServer, software open source per l’elaborazione di dati geospaziali. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato l’esecuzione di codice da remoto. Source link…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20399 Cisco NX-OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…
MongoDB Inc. ha rilasciato aggiornamenti di sicurezza per risolvere una vulnerabilità con gravità “alta” che interessa la sandbox del parser ejson di MongoDB Compass, applicazione grafica per l’interazione con il database MongoDB. Tale vulnerabilità potrebbe essere sfruttata per eseguire codice arbitrario nel contesto dell’applicazione. Source…
With PAN-OS 9.0 (quite some time ago), Palo Alto Networks has added Dynamic DNS for a firewall’s interfaces. That is: If your Internet-facing WAN interface gets a dynamic IP address via DHCP or PPPoE (rather than statically configured), the firewall updates this IP address to…
Juniper Networks released a security bulletin to address a vulnerability in Junos OS: SRX Series. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. Users and administrators are encouraged to review the following and apply the necessary updates: JSA83195 Juniper Security…
