article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. The problem: CVE-2024-22245 and CVE-2024-22250 put Windows domains vulnerable to authentication relay and session hijack attacks.

Risk 104
article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 79
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. OpenFire vulnerability persists Open-source chat server OpenFire has been affected by an authentication bypass vulnerability (CVE-2023-32315) since May.

VPN 64
article thumbnail

How to Perform a Vulnerability Scan in 10 Steps

eSecurity Planet

Vulnerability scans play a vital role in identifying weaknesses within systems and networks, reducing risks, and bolstering an organization’s security defenses. Performing a complete scan with authentication, which entails giving valid login credentials, may increase the number of CVE findings identified.

article thumbnail

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN 103
article thumbnail

What Is VLAN Tagging? Definition & Best Practices

eSecurity Planet

User Authentication: In addition to checking VLAN IDs to ensure they match and are approved for that particular VLAN, many other user authentication methods are typically used to ensure devices and users are approved for that VLAN. Trunk: The trunk port forwards and facilitates VLAN-to-VLAN communication across multiple VLANs.