Tufin: How to Make Better Sense of the Cloud Security Equation

Tufin: How to Make Better Sense of the Cloud Security Equation
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database CVE-2019-18238PUBLISHED: 2020-02-26

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik 2500 series firmware, Version 3.0 or lower IOxpress configuration utility, Version 2.3.0 or lower. Sensitive information is stored in configuration files without encryption, which may allow an attacker to a...

CVE-2019-17274PUBLISHED: 2020-02-26

NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.

CVE-2019-17275PUBLISHED: 2020-02-26

OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.

CVE-2020-3169PUBLISHED: 2020-02-26

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a spe...

CVE-2020-3170PUBLISHED: 2020-02-26

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. ..