Dark Reading | Security | Protect The Business

Network Computing Dark Reading

Advertise

About Us

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 10/1/2020

9 Tips to Prepare for the Future of Cloud & Network Security

Kelly Sheridan, Staff Editor, Dark Reading, 9/28/2020

Attacker Dwell Time: Ransomware's Most Important Metric

Ricardo Villadiego, Founder and CEO of Lumu, 9/30/2020

Live Events

Webinars

Hear Microsoft, FedEx & VMware Speak @ Interop Digital

Network Automation Summit presented by Network to Code at Interop Digital

Dark Reading Cybersecurity Summit @ Interop Digital

More Informa Tech Live Events

White Papers

The High Cost of Poor Web Performance

Tackling the Challenges of HTTP Streaming Delivery and Performance

Jump into the Deep End with Your Cloud Transformation

Architecting an Agile Approach to App Development

Container Security 101

More White Papers

Cartoon

Latest Comment: Sorry, I cannot brush my teeth tonight. The toothbrush locked me out after three tries.

Cartoon Archive

Current Issue

Special Report: Computing's New Normal

This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How IT Security Organizations are Attacking the Cybersecurity Problem

The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.

Download Now!

Special Report: Understanding Your Cyber Attackers

0 comments

2020 State of Cybersecurity Operations and Incident Response

0 comments

The Changing Face of Threat Intelligence

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-19393
PUBLISHED: 2020-10-01

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the c...

CVE-2020-16844
PUBLISHED: 2020-10-01

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.

CVE-2020-24620
PUBLISHED: 2020-10-01

Unisys Stealth(core) before 4.0.132 stores Passwords in a Recoverable Format.

CVE-2020-25017
PUBLISHED: 2020-10-01

Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoyâ€™s setCopy() header map API does not replace all existing occurences of a non-inline header.

CVE-2020-25018
PUBLISHED: 2020-10-01

Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]