登录查看更多内容

ApiSec: The week of Dec'20 2021

Ivan Novikov

CEO @ Wallarm | Leading API Security Solution for Enterprises

发布日期: 2021年12月24日

Podman API authentication vulnerability

A flaw was found in podman. The?podman machine?function (used to create and manage Podman virtual machine containing a Podman process) spawns a?gvproxy?process on the host system. The?gvproxy?API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host’s firewall, an attacker can potentially use the?gvproxy?API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host’s services by forwarding all ports to the VM. Source: https://github.com/containers/podman/releases/tag/v3.4.3

SonicWall SMA100 API authentication vulnerability

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability affected 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions. Source: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0030

CISO Series 7 个月前

Telerik breaches Government, Critical Outlook bug…

CISO Series 1 年前

Do you need "Supply Chain Security" or SBOM?

Pramod Gosavi 2 年前

mySCADA myPRO API Remote Code Injection

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. Source: https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-01

Dalmark Systems Systeam API authentication bypass by temporary JWT token

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. A broken access control vulnerability has been found while using a temporary generated token in order to consume api resources. The vulnerability allows an unauthenticated attacker to use an api endpoint to generate a temporary JWT token that is designed to reference the correct tenant prior to authentication, to request system configuration parameters using direct api requests. The correct exploitation of this vulnerability causes sensitive information exposure. In case the tenant has an smtp credential set, the full credential information is disclosed. Source: https://www.systeam.com.br/cve/broken-access-control-en.txt

ApiSec: The week of Dec'20 2021

Ivan Novikov

CEO @ Wallarm | Leading API Security Solution for Enterprises

Podman API authentication vulnerability

SonicWall SMA100 API authentication vulnerability

领英推荐

mySCADA myPRO API Remote Code Injection

Dalmark Systems Systeam API authentication bypass by temporary JWT token

?? API Security Threats ??

1,873 位关注者

更多精彩文章

社区洞察

其他会员也浏览了

Active Directory Account Passwords Cracking using AS-REP Roasting

What Happened Over the Week? | CVEs Special

My Recent Press Appearances & Contributions

Hackers Abusing Cloudflare Tunnels for Covert Communications

Ballot Box Stuffing. ESS Systems & Software.

SIEM Korelasyon X Sürede Y Adet Olay Olursa veya A Olay? Olursa Demek De?ildir.

Transport Layer Security & Introduction to TLS 1.3

?????????? ??????????????-????-?????????? ?????????????? & ???????????? ???????????????????????????? ?????????? [Explained]

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy

May 13, 2021

Podman API authentication vulnerability

SonicWall SMA100 API authentication vulnerability

领英推荐

mySCADA myPRO API Remote Code Injection

Dalmark Systems Systeam API authentication bypass by temporary JWT token

?? API Security Threats ??

1,873 位关注者

Top 5 API Security Risks Uncovered Through 2023 Incidents

2024年2月20日

Etherium Response on API Security: how GraphQL CRASH blockchain

2023年10月18日

No API Management Without API Security. But API Security Without API Management? Absolutely.

2023年9月22日

5 reasons why OWASP Top Ten 2021 is broken

2022年4月22日

Moving day! This newsletter is moving to the "API Security Community" group

2022年3月2日

API exploits: the week of January 31st. Huawei, Zoho, and DPD API auth bypass.

2022年2月8日

API exploits: the week of January 24th. Agilia Infusion, Tesla, Codeigniter4, and Reolink cameras

2022年1月30日

API security exploits of the week of January 17th, 2022. F5, NGINX, Juniper, Istio, and Grafana API vulnerabilities.

2022年1月25日

ApiSec: The week of Jan'10th, 2022. CISCO, MSFT, IBM, MITRE and NodeJS. The week of command injections.

2022年1月15日

ApiSec: The week of Dec'27th, 2021. Apache APISIX Remote Code Exeution

2022年1月2日

社区洞察

其他会员也浏览了

Active Directory Account Passwords Cracking using AS-REP Roasting

What Happened Over the Week? | CVEs Special

My Recent Press Appearances & Contributions

Hackers Abusing Cloudflare Tunnels for Covert Communications

Ballot Box Stuffing. ESS Systems & Software.

SIEM Korelasyon X Sürede Y Adet Olay Olursa veya A Olay? Olursa Demek De?ildir.

Transport Layer Security & Introduction to TLS 1.3

?????????? ??????????????-????-?????????? ?????????????? & ???????????? ???????????????????????????? ?????????? [Explained]

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy

May 13, 2021