CVE-2021-1541
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to
CVE-2020-35761
bloofoxCMS 0.5.2.1 is infected with XSS that allows remote attackers to execute arbitrary JS/HTML Code. (CVSS:0.0) (Last Update:2021-06-16)
CVE-2021-21668
Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable
CVE-2021-21667
Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored
CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It’s possible to collect various information by having an e-mail
CVE-2021-1571
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to
Apache PDFbox up to 2.0.23 PDF File infinite loop [CVE-2021-31812]
A vulnerability, which was classified as problematic, was found in Apache PDFbox up to 2.0.23. This affects some unknown processing
EMQ X Broker up to 4.2.7 memory allocation [CVE-2021-33175]
A vulnerability classified as problematic has been found in EMQ X Broker up to 4.2.7. Affected is an unknown code.
Microsoft Edge Remote Code Execution [CVE-2021-33741]
A vulnerability has been found in Microsoft Edge (Web Browser) (affected version unknown) and classified as critical. Applying a patch
Common Vulnerabilities and Exposures Countermeasures: Patch Exploit: No Local: No Product: .NET Remote: Yes Risk: problematic Vendor: Microsoft
Microsoft .NET 3.1/5.0 denial of service [CVE-2021-31957]
A vulnerability was found in Microsoft .NET 3.1/5.0. It has been classified as problematic. Affected is an unknown code block.
Microsoft Paint 3D Remote Code Execution [CVE-2021-31945]
A vulnerability has been found in Microsoft Paint 3D (affected version unknown) and classified as critical. As an impact, it is known
Microsoft Paint 3D Remote Code Execution [CVE-2021-31946]
A vulnerability was found in Microsoft Paint 3D (affected version not known) and classified as critical. Impacted is confidentiality, integrity, and availability.
Cisco Finesse and Cisco Virtualized Voice Browser OpenSocial Gadget Editor Vulnerabilities
The vulnerabilities are dependent on one another; exploitation of one of the vulnerabilities is required to exploit the other vulnerability.
Details about the vulnerabilities are as follows:
Cisco Finesse and Cisco Virtualized Voice Browser OpenSocial Gadget Editor Unauthenticated Access Vulnerability
A vulnerability in the web management interface of Cisco Finesse and Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to access the OpenSocial Gadget Editor without providing valid user credentials.
The vulnerability is due to missing authentication for a specific section of the web-based management interface. An attacker could exploit this vulnerability by accessing a crafted URL. A successful exploit could allow the attacker to obtain access to a section of the interface, which they could use to obtain potentially confidential information and create arbitrary XML files.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE ID: CVE-2021-1246Bug ID(s): CSCvs52916, CSCvw27957Security Impact Rating (SIR): MediumCVSS Base Score: 6.5CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE ID: CVE-2021-1245Bug ID(s): CSCvs52916Security Impact Rating (SIR): MediumCVSS Base Score: 6.1CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Symantec Endpoint Protection Manager 11/12 SAP XML Parser xml external entity reference
A vulnerability classified as critical has been found in Symantec Endpoint Protection Manager 11/12 (Anti-Malware Software). This affects an unknown
CVE-2021-20293
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it
Threats to Containers
Understanding the container security areas that need to be focused on and particular control recommendations helps to understand which threat
Container Runtime Protection
Runtime Security in Kubernetes deployment might be policed based on a pod-by-pod. A pod is a group of containers that
Make in India WAF
Make in India WAF Empowering Web Security with ‘Make in India’ Pride Prophaze navigates the complexities of the digital age,
Secure Your Website in 15 Minutes
[vc_row css=”.vc_custom_1619107488485{padding-top: 20px !important;padding-bottom: 5px !important;background-color: #1e73be !important;}”][vc_column][vc_row_inner][vc_column_inner][vc_column_text][/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row css=”.vc_custom_1618908097174{background-color: #11213d !important;}”][vc_column][vc_column_text css_animation=”none” css=”.vc_custom_1618819492860{margin-top: px !important;padding-top: 30px !important;padding-right: 20px !important;padding-bottom: 30px
Prophaze WAF
[vc_row css=”.vc_custom_1619107488485{padding-top: 20px !important;padding-bottom: 5px !important;background-color: #1e73be !important;}”][vc_column][vc_row_inner][vc_column_inner][vc_column_text][/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row css=”.vc_custom_1618908097174{background-color: #11213d !important;}”][vc_column][vc_column_text css_animation=”none” css=”.vc_custom_1618819492860{margin-top: px !important;padding-top: 30px !important;padding-right: 20px !important;padding-bottom: 30px
Prophaze Bot Mitigation
[vc_row css=”.vc_custom_1619107488485{padding-top: 20px !important;padding-bottom: 5px !important;background-color: #1e73be !important;}”][vc_column][vc_row_inner][vc_column_inner][vc_column_text][/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row css=”.vc_custom_1618908097174{background-color: #11213d !important;}”][vc_column][vc_column_text css_animation=”none” css=”.vc_custom_1620823459347{margin-top: px !important;padding-top: 30px !important;padding-right: 20px !important;padding-bottom: 30px
Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities
The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.Details about the vulnerabilities are as follows.
Cisco AnyConnect Secure Mobility Client for Windows Uninstall Executable Hijacking Vulnerability
A vulnerability in the uninstall process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.
This vulnerability exists because a temporary file with insecure permissions is created during the uninstall process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvv43102, CSCvv60844CVE ID(s): CVE-2021-1426Security Impact Rating (SIR): HighCVSS Base Score: 7.0CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco AnyConnect Secure Mobility Client for Windows Upgrade DLL Hijacking Vulnerabilities
Two vulnerabilities in the upgrade process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device.
These vulnerabilities exist because the application loads a DLL file from a user-writable directory. An attacker could exploit these vulnerabilities by copying a malicious DLL file to a specific directory. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Bug ID(s): CSCvw16996, CSCvw17005CVE ID(s): CVE-2021-1427, CVE-2021-1428Security Impact Rating (SIR): HighCVSS Base Score: 7.0CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco AnyConnect Secure Mobility Client for Windows Upgrade Executable Hijacking Vulnerability
A vulnerability in the install process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.
This vulnerability exists because a temporary file with insecure permissions is created during the upgrade process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvw18527CVE ID(s): CVE-2021-1429Security Impact Rating (SIR): HighCVSS Base Score: 7.0CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco AnyConnect Secure Mobility Client for Windows Upgrade DLL Hijacking Vulnerability
A vulnerability in the upgrade process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device.
This vulnerability exists because a temporary file with insecure permissions is created during the upgrade process. An attacker could exploit this vulnerability by overwriting the temporary file before it is accessed for execution. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvw18595CVE ID(s): CVE-2021-1430Security Impact Rating (SIR): HighCVSS Base Score: 7.0CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco AnyConnect Secure Mobility Client for Windows Install Executable Hijacking Vulnerability
A vulnerability in the install process of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform an executable hijacking attack on an affected device.
This vulnerability exists because the application loads an executable file from a user-writable directory. An attacker could exploit this vulnerability by copying a malicious executable file to a specific directory, which would be executed when the application is installed or upgraded. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu77671CVE ID(s): CVE-2021-1496Security Impact Rating (SIR): HighCVSS Base Score: 7.0CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Cisco SD-WAN vManage Software Vulnerabilities
The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities.Several of the vulnerabilities below only impact Cisco SD-WAN vManage Software that is operating in a cluster. Customers can verify whether the software is operating in cluster mode by checking the Cisco SD-WAN vManage web-based management interface Administration > Cluster Management view. Customers should also refer to the Cisco SD-WAN Getting Started Guide chapter on Cluster Management.
Details about the vulnerabilities are as follows:
CVE-2021-1468: Cisco SD-WAN vManage Cluster Mode Unauthorized Message Processing Vulnerability
A vulnerability in a messaging service of Cisco SD-WAN vManage Software when operating in cluster mode could allow an unauthenticated, remote attacker to send unauthorized messages to the vulnerable application.
This vulnerability is due to improper authentication checks on user-supplied input to an application messaging service. An attacker could exploit this vulnerability by submitting crafted input to the service. A successful exploit could allow the attacker to call privileged actions within the affected system, including creating new administrative level user accounts.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu28454CVE ID: CVE-2021-1468Security Impact Rating (SIR): CriticalCVSS Base Score: 9.8CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-1505: Cisco SD-WAN vManage Cluster Mode Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to bypass authorization checking and gain elevated privileges within an affected system.
This vulnerability exists because the affected software does not perform authorization checks on certain operations. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain elevated privileges within the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu28390CVE ID: CVE-2021-1505Security Impact Rating (SIR): CriticalCVSS Base Score: 9.1CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-1508: Cisco SD-WAN vManage Cluster Mode Unauthorized Access Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to bypass authorization checking and make application modifications that could allow the attacker to gain elevated privileges within an affected system. This vulnerability exists because the affected software does not perform authorization checks on certain operations. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain elevated privileges within the affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE ID: CVE-2021-1508
Security Impact Rating (SIR): High
CVSS Base Score: 8.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2021-1275: Cisco SD-WAN vManage Denial of Service Vulnerability
A vulnerability in an API of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected system.
The vulnerability is due to insufficient handling of API requests to the affected system. An attacker could exploit this vulnerability by sending a large amount of API requests to the affected system. A successful exploit could allow the attacker to cause a DoS condition on the affected system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvv67264CVE ID: CVE-2021-1275Security Impact Rating (SIR): HighCVSS Base Score: 7.5CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-1506: Cisco SD-WAN vManage Cluster Mode Unauthorized Services Access Vulnerability
A vulnerability in a service of Cisco SD-WAN vManage Software when operating in cluster mode could allow an authenticated, remote attacker to gain unauthorized access to services within an affected system. This vulnerability exists because the affected software does not perform authorization checks on service access. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to bypass authorization checks and gain unauthorized access to services within the affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvu28402CVE ID: CVE-2021-1506Security Impact Rating (SIR): HighCVSS Base Score: 7.2CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Solutions
By Industry E-Commerce Prophaze WAF also monitors each request the application receives and the corresponding response of the application along