Fabriquants

Retour à Sécurité

Fortinet

    • 9 juin 2021Cloud Security 2021: Latest Trends and Insights
      With securing the cloud top of mind for security leaders, Fortinet and Cybersecurity Insiders decided to ask cybersecurity professionals in industries around the world for their insights and challenges. Read the 2021 Cloud Security Report. …

    • 3 juin 2021Commemorating 50 Years of Email and How to Keep Your Email Secure
      The inception of email kickstarted an unprecedented expansion of communications across the globe and 2021 marks its 50th anniversary. Learn more about the evolution of email and how Fortinet’s FortiMail helps organizations guard against email-based cyberthreats. …

    • 3 juin 2021Security Is Key for the Success of 5G
      The benefits of 5G far outweigh its potential risks—but only when security is an integrated part of the process and solution. Learn how organizations can confidently distribute 5G services from the core of their network out to its furthest reaches, while developing and deploying critical digital innovation. …

Aruba

Cisco

    • 9 juin 2021Cisco Finesse and Cisco Virtualized Voice Browser OpenSocial Gadget Editor Vulnerabilities
      Multiple vulnerabilities in the web-based management interface of Cisco Finesse and Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack and obtain potentially confidential information by leveraging a flaw in the authentication mechanism. For more information about these vulnerabilities, see the Details section of …

    • 9 juin 2021Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021
      On June 1, 2021, Lasso disclosed a security vulnerability in the Lasso Security Assertion Markup Language (SAML) Single Sign-On (SSO) library. This vulnerability could allow an authenticated attacker to impersonate another authorized user when interacting with an application. For a description of this vulnerability, see lasso.git NEWS. This advisory will be updated as additional information become …

    • 8 juin 2021Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
      A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker cou …

    • 2 juin 2021Cisco Common Services Platform Collector Command Injection Vulnerability
      A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. This vulnerability is due to insufficient sanitization of configuration entries. An attacker could exploit this vulnerability by logging in as a super admin and entering crafted input to configuration options on the CSPC con …

    • 2 juin 2021Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability
      A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit this vulnerability by persuading a user to follow a specially crafted URL that is designed to cause Cisco We …

    • 2 juin 2021Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability
      A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in either Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could expl …

    • 2 juin 2021Cisco Webex Player Memory Corruption Vulnerability
      A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insufficient validation of values in Webex recording files that are stored in Webex Recording Format (WRF). An attacker could exploit this vu …

    • 2 juin 2021Cisco Webex Player Memory Corruption Vulnerability
      A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious WRF file through a link or email attachment and persuadin …

    • 2 juin 2021Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability
      A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex recording files formatted as either Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could …

Google Online Security Blog