Name That Toon: Something Seems Afoul

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2021-27891
PUBLISHED: 2021-03-15

SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected.

CVE-2021-27892
PUBLISHED: 2021-03-15

SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected.

CVE-2021-27893
PUBLISHED: 2021-03-15

SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected.

CVE-2021-26923
PUBLISHED: 2021-03-15

An issue was discovered in Argo CD before 1.8.4. Accessing the endpoint /api/version leaks internal information for the system, and this endpoint is not protected with authentication.

CVE-2021-26924
PUBLISHED: 2021-03-15

An issue was discovered in Argo CD before 1.8.4. Browser XSS protection is not activated due to the missing XSS protection header.

Source

Next Post

Vulnerability Summary for the Week of March 8, 2021

Mon Mar 15 , 2021
microsoft — windows Windows App-V Overlay Filter Elevation of Privilege Vulnerability 2021-03-11 not yet calculated CVE-2021-26860MISC adobe — animate Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the […]