Posts tagged Vulnerability Disclosure

33 min Vulnerability Disclosure

Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)

In early 2023, Rapid7 discovered several vulnerabilities in Rocket Software UniData UniRPC. We worked with the company to fix issues and coordinate this disclosure.

7 min Vulnerability Disclosure

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.

4 min Vulnerability Disclosure

Microsoft Defender for Cloud Management Port Exposure Confusion

Microsoft Defender for Cloud, until recently, didn't distinguish "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.

13 min Vulnerability Disclosure

Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)

Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.

5 min Vulnerability Disclosure

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

Rapid7 found an additional vulnerability in the appliance-mode REST interface. We reported it to F5 and are now disclosing it in accordance with our vulnerability disclosure policy.

5 min Vulnerability Disclosure

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

Rapid7 has updated its coordinated vulnerability disclosure (CVD) policy and philosophy. In this article, you'll learn what prompted the changes.

4 min Vulnerability Disclosure

Cengage LTI Session Management Leakage

Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline.

3 min Vulnerability Disclosure

CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)

Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.

12 min Vulnerability Disclosure

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Rapid7 discovered several vulnerabilities and exposures in specific F5 BIG-IP and BIG-IQ devices in August 2022. Since then, members of our research team have worked with the vendor to discuss impact, resolution, and a coordinated response.

8 min Vulnerability Disclosure

FLEXlm and Citrix ADM Denial of Service Vulnerability

Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and not CVE-2022-27511, which has a different root cause. On June 27, 2022, Citrix released an advisory [https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512] for CVE-2022-27511 [https://nvd.nist.gov/vuln/detail/CVE-2022-27511] and CVE-2022-27512 [https://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect Citrix ADM (Application Del

7 min Vulnerability Disclosure

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.

21 min Vulnerability Disclosure

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.

5 min Vulnerability Disclosure

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.

9 min Vulnerability Disclosure

QNAP Poisoned XML Command Injection (Silently Patched)

In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what make be an entirely new vulnerability.

8 min Vulnerability Disclosure

Primary Arms PII Disclosure via IDOR (FIXED)

Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.