Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29117PUBLISHED: 2022-08-12A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
CVE-2021-29118PUBLISHED: 2022-08-12An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user.
CVE-2022-2797PUBLISHED: 2022-08-12
A vulnerability classified as critical was found in SourceCodester Student Information System. Affected by this vulnerability is an unknown functionality of the file /admin/students/view_student.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...
CVE-2021-29112PUBLISHED: 2022-08-12An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user.
CVE-2022-35980PUBLISHED: 2022-08-12
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch cluster configured with advanced access control features doc...
User Rank: Ninja
5/31/2014 | 11:25:42 AM
If I can foster an email correspondence with anyone at the enterprise, as long as the email isn't aliased, I could possibly have your username. From there facebook could be used to pull personal data and maybe hone down the field of a password possibility if you create your own passwords. With this put into the specialized fields of a dictionary attack, it could take a lot less time to discover your password.
Now account lockouts are the next piece of security that would prevent intrusion. But if I am a hacker I do not want to go on site and try to bypass physical security as well. I would rather try and find an in remotely. Next step for me is to call the helpdesk for remote documentation. Some enterprises have multiple avenues for working remotely. Going back to my previous point about lockouts, the functionality of a remote client is to allow you to work from anywhere. Functionality is the main purpose here. Many don't have a lockout mechanism. So I can try to log in remotely as many times as I want, making my dictionary attack much more efficient. Once I have the credentials. I log in remotely during off hours, and because I don't need to change your password you may not be any the wiser.
This is all thanks to social engineering.