Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20619PUBLISHED: 2021-01-19Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-29450PUBLISHED: 2021-01-19Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
CVE-2020-36192PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193PUBLISHED: 2021-01-18Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343PUBLISHED: 2021-01-18Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
User Rank: Apprentice
1/27/2014 | 10:48:24 AM
The bad news is that bad guys are usually not far behind -- and in many cases ahead. In creating a good security platform, there are several things to consider. Compliance and regulation aside, some of the biggest mistakes I've seen revolve around lapsed policies, reactive thinking, and no security testing.
Honestly, it's the little things that can hurt a business. Forgetting to renew an SSL cert, leaving a port open, or not having proper security services running internally. Also, checking your sources helps a lot as well. Let me give you an example, a friend of mine ran an experiment as a part of some research he was working on. He built an Amazon Machine Image (AMI) of a popular penetration testing platform -- which was previously unavailable on EC2. One of his additions to the AMI was a backdoor which would basically just communicate back to his own server, indicating that somebody had turned on his backdoored instance. He could have just as easily built a reverse shell into the image. This basically comes back around to the discussion of data security, as all of your encryption keys, VPN configurations, and potentially passwords are protected by unknown controls, which are of unknown resiliency.
In creating the optimal security platform, consider best practices and also consider the target. This also means constant testing and log keeping. There are a lot of proactive things you can do around security that will certainly help.