Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-2838PUBLISHED: 2022-08-16In Eclipse Sphinxâ„¢ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.
CVE-2022-35734PUBLISHED: 2022-08-16'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
CVE-2022-36293PUBLISHED: 2022-08-16Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors.
CVE-2022-36344PUBLISHED: 2022-08-16
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed wit...
CVE-2022-36381PUBLISHED: 2022-08-16OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.
User Rank: Author
5/22/2015 | 10:38:52 AM
In order to have the best visibility on the status of user credentials in a network - have a look at UserLock. UserLock helps prevent outside attacks from compromised credentials, stops unauthorized network access, protects users from their own careless behavior, mitigates the actions of malicious insiders and will also ensure that any access to a company network (and resources inside) is attributed to the authorized individual employee.
UserLock continuously monitors all network logon events, across all session types (including Wi-Fi, VPN and IIS), automatically applying custom policies that permit or deny authenticated users' access. (limiting concurrent logins, workstation/device restrictions, IP address restrictions, time restrictions etc). You can then track, report and immediately respond to any suspicious logon behaviour.
With UserLock's layered security and real-time monitoring you can extend the way you easily verify a users' identity to offer the best protection against compromised credentials.