Was dies genau bedeutet und wie man es verhindert mit Updates oder Alternative #API's gibt muss ich mir noch ansehen.
»Fluent Bit – Schwere Sicherheitslücke bei vielen #Cloud-Anbietern entdeckt:
Das #OpenSource-Programm #FluentBit wird unter anderem von allen großen Cloud-Anbietern wie #AWS und #Google genutzt. Bei der #Protokoll-#Software wurde jetzt eine kritische #Schwachstelle entdeckt, die mehrere Angriffe (#DoS) erlaubt. Ein #Update wird dringend empfohlen.«
Was fiddling with email from my health insurance company that came "secure" via #Cisco secure email of some sort. I followed all the instructions and could not get it to open. Finally, tried Chrome and it worked. So the problem appeared to be some compatibility w Cisco's system of encryption/authentication and #Firefox. I googled it, and found this: https://www.cisco.com/c/en/us/td/docs/security/email_encryption/CRES/recipient_guide/b_Recipient/b_Recipient_chapter_0101.pdf
Scroll down and you'll find that in order to use the thing, you have to turn on cross site scripting.
@AAKL@thehackernews
Up to now I thought that this was the standard procedure? If I look at #Chrome or #Cisco (to name just two) it seems true for me.
SCNR
A critical vulnerability, identified as CVE-2024-20356, has been found in Cisco's Integrated Management Controller (IMC). This flaw allows for command injection, potentially giving attackers the ability to gain root access to systems. The vulnerability is located in the web-based management interface of the IMC, which is used for remotely managing Cisco hardware. The issue arises from insufficient user input validation in the IMC interface, allowing an authenticated, remote attacker with administrative privileges to inject malicious commands.
Security researchers from Nettitude have developed a Proof of Concept (PoC) exploit, named "CISCown," to demonstrate this vulnerability. The exploit involves sending crafted commands through the web interface, enabling attackers to execute arbitrary code with root privileges on the underlying operating system of Cisco hardware. This PoC exploit is part of a toolkit developed by Nettitude and is available on GitHub. It uses parameters such as target IP, username, and password to automate the exploitation process and deploy a telnetd root shell service on compromised devices.
The release of this PoC exploit signifies a critical threat level for organizations using affected Cisco products. Gaining root access can lead to data theft, system downtime, and further network compromise. Cisco has responded by releasing software updates to address this vulnerability. It is strongly recommended that all affected organizations apply these updates immediately, as no known workaround mitigates this vulnerability.
The affected products include a range of Cisco servers and computing systems, such as the 5000 Series Enterprise Network Compute Systems (ENCS), Catalyst 8300 Series Edge uCPE, UCS C-Series M5, M6, and M7 Rack Servers in standalone mode, UCS E-Series Servers, and UCS S-Series Storage Servers. Users and administrators are advised to visit Cisco’s official security advisory page and the Nettitude GitHub repository hosting the exploitation toolkit for more detailed information and access to the updates.