Fabriquants

Retour à Sécurité

Fortinet

    • Security-Driven Networking, SD-WAN, and the New Edge: A Q&A with John Maddison 18 juin 2019
      Fortinet’s John Maddison, recently sat down for a conversation with Dan Woods from Early Adopter Research to discuss issues CISOs face regarding securing the distributed networks and edges of today. Read this summary of the interview to learn more about securing SD-WAN, the new edge, and security-driven networking. …

    • Analysis of a New HawkEye Variant 18 juin 2019
      FortiGuard Labs recently identified a new variant of HawkEye malware being spread by a phishing email. Read more about the analysis here.

    • SD-Branch — Extending Security into the Next-Gen Branch Network 17 juin 2019
      As organizations look to enable their remote branches and locations with all of the power and potential of digital transformation, they are finding that they need to rethink their entire WAN strategy. Learn how Fortinet’s Secure SD-Branch solution offers simplicity, visibility, and industry leading security to improve the WAN experience for branch users. …

    • Big Data Made Small 13 juin 2019
      Prosiak 65 is a malware that was first seen almost 20 years ago. As with many older malware, it continues to be in circulation. While the overall prevalence of Prosiak 65 has declined across locations, we have and continue to see repeated activity – our research offers more information on the malware. …

    • 5 Must-Haves for Effectively Securing Azure 11 juin 2019
      Learn more about how Fortinet’s cloud security solutions for Microsoft Azure offer a broad set of tools to protect against advanced threats, the ability to integrate cloud controls with on-premises security solutions, and seamless integration and functionality.

Aruba

Cisco

    • Cisco Integrated Management Controller CLI Command Injection Vulnerability 19 juin 2019
      A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could exploit this vulnerability by authenticating with the administrator password via the CLI of an affect …

    • Cisco Wide Area Application Services Software HTTPS Proxy Authentication Bypass Vulnerability 19 juin 2019
      A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exploit this vulnerability by sending a malicious HTTPS CONNECT message to the Central Manager. A …

    • Cisco TelePresence Endpoint Command Shell Injection Vulnerability 19 juin 2019
      A vulnerability in the Cisco Discovery Protocol (CDP) implementation for the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, adjacent attacker to inject arbitrary shell commands that are executed by the device. The vulnerability is due to insufficient input validation of received CDP packets. An attacker could exploit this vulnerability by sen …

    • Cisco StarOS Denial of Service Vulnerability 19 juin 2019
      A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploi …

    • Cisco SD-WAN Solution Privilege Escalation Vulnerability 19 juin 2019
      A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device. The vulnerability is due to a failure to properly authorize certain user actions in the device configuration. An attacker could exploit this vulnerability by logging in to the vManage Web UI and sending crafted HT …

    • Cisco SD-WAN Solution Privilege Escalation Vulnerability 19 juin 2019
      A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the targeted device and executing commands that could lead to elevated privileges. A successful …

    • Cisco SD-WAN Solution Command Injection Vulnerability 19 juin 2019
      A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the vManage Web UI. A successful ex …

    • Cisco RV110W, RV130W, and RV215W Routers Management Interface Denial of Service Vulnerability 19 juin 2019
      A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-s …

    • Cisco RV110W, RV130W, and RV215W Routers Information Disclosure Vulnerability 19 juin 2019
      A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router. There are no w …

    • Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability 19 juin 2019
      A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attac …

Google Online Security Blog