Feed – Page 31 – TIFeeds

RSA Announces the February 2021 Release of RSA SecurID Access

February 23, 2021February 23, 2021

Summary: The February 2021 release of the Cloud Authentication Service contains the following features. Configured SAML applications can assign entitlements dynamically based on the business context, such as the user role, as … Read more

SonicWall Releases Second Set of February Firmware Patches

February 25, 2021February 23, 2021

Network security firm SonicWall today released a new set of firmware … firm warned that a remote attacker could exploit a vulnerability in versions of …

Microsoft Internal Solorigate Investigation – Final Update

February 13, 2023February 17, 2021

Source: https://msrc-blog.microsoft.com/blog/2021/02/microsoft-internal-solorigate-investigation-final-update/ We believe the Solorigate incident is an opportunity to work with the community, to share information, strengthen defenses and respond to attacks. We have now completed our internal investigation into … Read more

CVE-2020-2042 PAN-OS: Buffer overflow in the management web interface (Severity: HIGH)

February 11, 2021February 11, 2021

CVE-2020-2044 PAN-OS: Passwords may be logged in clear text while storing operational command (op command) history (Severity: LOW)

February 11, 2021February 11, 2021

CVE-2020-2043 PAN-OS: Passwords may be logged in clear text when using after-change-detail custom syslog field for config logs (Severity: LOW)

February 11, 2021February 11, 2021

CVE-2020-2040 PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled (Severity: CRITICAL)

February 11, 2021February 11, 2021

CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation (Severity: HIGH)

February 11, 2021February 11, 2021

CVE-2020-2048 PAN-OS: System proxy passwords may be logged in clear text while viewing system state (Severity: LOW)

February 11, 2021February 11, 2021

CVE-2020-2022 PAN-OS: Panorama session disclosure during context switch into managed device (Severity: HIGH)

February 11, 2021February 11, 2021

CVE-2020-2000 PAN-OS: OS command injection and memory corruption vulnerability (Severity: HIGH)

February 11, 2021February 11, 2021

CVE-2020-1999 PAN-OS: Threat signatures are evaded by specifically crafted packets (Severity: MEDIUM)

February 11, 2021February 11, 2021

CVE-2020-2050 PAN-OS: Authentication bypass vulnerability in GlobalProtect client certificate verification (Severity: HIGH)

February 11, 2021February 11, 2021

CVE-2020-2020 Cortex XDR Agent: Exceptional condition denial-of-service (DoS) (Severity: MEDIUM)

February 11, 2021February 11, 2021

CVE-2020-2049 Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation (Severity: HIGH)

February 11, 2021February 11, 2021

PAN-SA-2020-0011 Informational: Impact of OpenSSL vulnerability CVE-2020-1971 (Severity: NONE)

February 11, 2021February 11, 2021

CVE-2020-2036 PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface (Severity: HIGH)

February 11, 2021February 11, 2021

TCP/IP に影響を与える脆弱性情報に関する注意喚起

February 13, 2023February 10, 2021

Source: https://msrc-blog.microsoft.com/blog/2021/02/20210212_tcpip/ 「Multiple Security Updates Affecting TCP/IP: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086」の日本語抄訳です。 2021 年 2 月 9 日 (日本時

Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)

February 11, 2021February 10, 2021

Source: https://us-cert.cisa.gov/ncas/current-activity/2021/02/10/microsoft-launches-phase-2-mitigation-netlogon-remote-code Original release date: February 10, 2021 Microsoft addressed a critical remote code execution vulnerability affecting the Netlogon protocol (CVE-2020-1472) on August 11, 2020. Beginning with the February 9, 2021 Security … Read more

CVE-2020-2039 PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload (Severity: MEDIUM)

February 11, 2021February 10, 2021