The Telegram channel and website Deep State uses public data and insider intelligence to power its live tracker of Ukraine’s ever-shifting front line.
IBM QRadar SIEM Bug Let Remote Attacker Trigger DoS
Multiple vulnerabilities have been found in IBM QRadar WinCollect. Each can lead to a denial of service, allowing a threat actor to make the service unavailable. They are tracked as CVE-2023-38039, CVE-2023-1255, and CVE-2022-25883.
IBM has released security patches that fix these vulnerabilities, along with a security advisory, and users are urged to apply them.
CVE-2022-25883: Denial of Service in Node.js semver package
This vulnerability is in the Node.js semver package and is caused by a regular expression denial-of-service (ReDoS) flaw in the new Range function. A threat actor could use a specially crafted regex input to exploit this vulnerability. The severity of this vulnerability has been given as 5.3 (Medium).
CVE-2023-1255: Denial of Service in OpenSSL
This vulnerability is present in OpenSSL due to a flaw in the implementation of AES-XTS cipher decryption for 64-bit ARM platforms. A threat actor could send a specially crafted request that could crash the application. The severity of this vulnerability has been given as 3.7 (Low).
CVE-2023-38039: Denial of Service in cURL libcurl
This vulnerability exists in the cURL libcurl library due to insufficient limitation of the number and size of headers accepted in a response. A threat actor could send a specially crafted request, which could exhaust the heap memory and result in a denial of service condition. The severity of this vulnerability has been given as 7.5 (High).
A complete report has been published by IBM, providing detailed information on these and many other vulnerabilities.
Cisco SD-WAN vManage impacted by unauthenticated REST API access
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance. […]
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments.
Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft).
The Hacker News | #1 Trusted Cybersecurity News Site