Latest Security News about vulnerability in the rest api

Contact US For API Security>

Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1

Overview : Cross site scripting vulnerability in McAfee Network Security Management (NSM) Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors. McAfee Security Bulletin - Network Security Manager/Network Security Platform/Network Threat Behavior Analysis update fixes multiple vulnerabilities (CVE-2013-4559, CVE-2015-3200, CVE-2016-2183, CVE-2020-7256, CVE-2020-7258) Security Bulletins ID:   SB10310 Last Modified:  3/17/2020 [...]
Contact US For API Security>

API Security Web Application Firewall

How can you secure your Exposed services without installing the patch by the vendor? Have a look at the use case below about recent security updates by router giant cisco. Recently 12 severe security vulnerabilities and Patches issued by Cisco. Among those three of them are critical authentication bypass issues. Now lets drill deep down, CVE-2019-15975, […]

Contact US For API Security>

The vulnerability is addressed in the 2018.1, 2018.2 versions of CloudVision Portal

Overview : In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI. Affected […]

Contact US For API Security>

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71

Overview : Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to alter the application’s allowable list of OS [...]