Skip to main content

CND News and Blog

New Vulnerabilities Friday 24 March


New Alerts for ManageEngine, ProPump & Controls, SAUTER, IBM, Xerox, Tenable, and Linux.

ManageEngine 

ManageEngine ADSelfService Plus pertains to an OTP–brute-force issue in the Password Sync Agent that could affect integrated third-party applications. Attackers could exploit this vulnerability using specialized, highly sophisticated machines to reset passwords and take control over integrated third-party applications. This is rated High.
More info.

ProPump & Controls 

Osprey Pump Controller contains several vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, retrieve sensitive information, modify data, cause a denial-of-service, and/or gain administrative control. Highest CVSSv3 score of 9.8
No response from ProPump and Controls.
More info.

SAUTER 

SAUTER EY-modulo 5 Building Automation Stations contains multiple vulnerabilities. Successful exploitation of these vulnerabilities could lead to privilege escalation, unauthorized execution of actions, a DoS, or retrieval of sensitive information. Highest CVSSv3 score of 8.8
No patch will be available because encryption is not supported.
More info.

IBM 

Spectrum Protect Plus contains security vulnerabilities in third-party software included in the product. Highest CVSSv3 score of 10
More info.

Xerox 

Xerox has updated third-party software in several of their Print Server products.
More info.

Tenable 

Tenable.sc has been updated with fixes for multiple vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.

Linux 
Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, 23 April 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/