CISA Adds Two Known Exploited Vulnerabilities to Catalog 08/22/2023 08:00 AM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors… Continue reading CISA Adds Two Known Exploited Vulnerabilities to Catalog
Tag: authentication
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog 08/22/2023 08:00 AM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors… Continue reading CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog 08/22/2023 12:40 PM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors… Continue reading CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog 08/22/2023 12:40 PM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors… Continue reading CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1
CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1 06/28/2022 02:51 PM EDT Original release date: June 28, 2022 CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022.… Continue reading CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1
CISA Temporarily Removes CVE26925 from Known Exploited Vulnerability Catalog
CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog 05/13/2022 08:20 PM EDT Original release date: May 13, 2022 CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup… Continue reading CISA Temporarily Removes CVE26925 from Known Exploited Vulnerability Catalog
GoCD Authentication Vulnerability
GoCD Authentication Vulnerability 10/29/2021 10:05 AM EDT Original release date: October 29, 2021 GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users… Continue reading GoCD Authentication Vulnerability