Fortinet
- 19 janvier 2021Realize 100% ROI in Five Years or Sooner with Fortinet Secure SD-WAN
Learn how your organization can realize 100% SD-WAN ROI in five years or sooner with Secure SD-WAN. … - 15 janvier 2021Providing Differentiated Managed Service Offerings with FortiSOAR
With FortiSOAR, MSSPs are able to differentiate their service offerings and take advantage of the growing SOAR market. Learn how. … - 14 janvier 2021Fortinet Extends Integration with VMware through Support for NSX-T Data Center 3.1 Release
FortiGate-VM now interoperates and integrates with VMware’s NSX-T Data Center 3.1 release. Learn more about this. … - 13 janvier 2021What Makes SD-WAN More Than Just a Branch Solution?
Modern SD-WAN solutions are more than just branch solutions, securely and rapidly connecting home users and branch offices to data centers and distributed cloud environments. Learn how. … - 12 janvier 2021New Variant of Ursnif Continuously Targeting Italy
The FortiGuard Labs team detected a phishing campaign in the wild that was spreading a fresh variant of the Ursnif banking Trojan via an attached MS Word document that is continuously targeting Italy. Learn more. … - 12 janvier 2021Ensuring Cybersecurity in a Shifting Technological Landscape
Fortinet’s CISO answers some pertinent questions about cybersecurity in the current and future technological landscape as remote work becomes the new norm. Learn more. … - 11 janvier 2021Understanding the Security Implications of the Hybrid Workforce
IT teams must adjust strategies to manage hybrid workforces at scale. Explore key considerations for managing and securing hybrid workforces. … - 8 janvier 20212021 Cybersecurity Predictions for CISOs Across Industries
Fortinet CISOs share their 2021 cybersecurity predictions for the federal, retail, financial services and healthcare sectors. Read now. … - 7 janvier 2021Fortinet Expands FortiCASB Offering to Support New Cloud Applications
Fortinet expands its FortiCASB offering to support new cloud applications and provide visibility, compliance, data security, and threat protection for cloud-based services. Learn more. … - 6 janvier 2021Fortinet Will Continue Offering Free Cybersecurity Training Courses to Close Industry’s Skills Gap
Fortinet extends its free cybersecurity training, self-paced NSE courses to further build industry’s workforce. Learn more. …
Aruba
- 12 janvier 2021AirWave Glass Multiple Vulnerabilities
Aruba has released updates to Airwave Glass that address multiple security vulnerabilities.
The post AirWave Glass Multiple Vulnerabilities first appeared on Aruba.
- 8 décembre 2020ArubaOS Multiple Vulnerabilities
Aruba has released patches for ArubaOS that address multiple security vulnerabilities.
The post ArubaOS Multiple Vulnerabilities first appeared on Aruba.
- 20 octobre 2020AirWave Glass Multiple Vulnerabilities
Aruba has released updates to Airwave Glass that address multiple security vulnerabilities.
The post AirWave Glass Multiple Vulnerabilities first appeared on Aruba.
- 15 septembre 2020TCP SACK PANIC – Kernel vulnerabilities
Aruba has released updates to products affected by Linux Kernel vulnerabilities known as TCP SACK PANIC. Successful exploitation of the most severe of these vulnerabilities could allow a remote attacker to trigger a kernel panic and impact the system availability.The post TCP SACK PANIC – Kernel vulnerabilities first appeared on Aruba. … - 15 septembre 2020Multiple Memory Corruption Vulnerabilities for Aruba CX Switches
Four memory corruption vulnerabilities in the Aruba CX Switches have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of both LLDP (Link Layer Discovery Protocol) and CDP (Cisco Discovery Protocol) processes in the switch.The post Multiple Memory Corruption Vulnerabilities for Aruba CX Switches first appeared on Aruba. … - 1 septembre 2020Authenticated arbitrary file modification vulnerability in Analytics and Location Engine (ALE)
Aruba has released an update to Analytics and Location Engine (ALE) that addresses a high severity vulnerability in the Web Management Interface of this product.The post Authenticated arbitrary file modification vulnerability in Analytics and Location Engine (ALE) first appeared on Aruba. … - 25 août 2020Multiple vulnerabilities in Web Management Interface for Aruba Intelligent Edge Switches
Two vulnerabilities in the Aruba Intelligent Edge Switches web management interface have been found. Successful exploitation of these vulnerabilities could result in unauthorized administrative access to the switch.The post Multiple vulnerabilities in Web Management Interface for Aruba Intelligent Edge Switches first appeared on Aruba. … - 23 juin 2020“Ripple20” Multiple Vulnerabilities affecting the Treck TCP/ IP stack
A collection of vulnerabilities known as “Ripple20” affect the Treck TCP/IP stack implementation. Successful exploitation of these vulnerabilities could result in denial of service, information disclosure or remote code execution. This is a preliminary advisory based on initial investigation; it will be updated as new information becomes known. Aruba has not yet performed a complete an … - 2 juin 2020ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba.
- 14 avril 2020ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba.
Cisco
- 20 janvier 2021Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability
A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafte … - 20 janvier 2021Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the Universal Plug and Play (UPnP) service and the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow a remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has not … - 19 janvier 2021Multiple Vulnerabilities in dnsmasq DNS Forwarder Affecting Cisco Products: January 2021
A set of previously unknown vulnerabilities in the DNS forwarder implementation of dnsmasq were disclosed on January 19, 2021. The vulnerabilities are collectively known as DNSpooq. Exploitation of these vulnerabilities could result in remote code execution or denial of service (DoS), or may allow an attacker to more easily forge DNS answers that can poison DNS caches, depending on the specific vu … - 14 janvier 2021Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabi … - 14 janvier 2021Cisco AnyConnect Secure Mobility Client for Windows DLL Injection Vulnerability
A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are lo … - 14 janvier 2021Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the local … - 14 janvier 2021Cisco Webex Teams Shared File Manipulation Vulnerability
A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file within the application interface. A successful exploit could allow the attacker to modify how the share … - 14 janvier 2021Cisco Webex Meetings Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerabilit … - 14 janvier 2021Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex … - 14 janvier 2021Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulne …
Google Online Security Blog