![]() Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. ![]() ![]() Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. ![]() Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.īuffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check. This issue affects only firmware version SonicOS 7.1.1-7040.Ĭurl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could potentially enable a remote authenticated attacker to associate another user's MFA mobile application.Īn improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Users are recommended to upgrade to version 4.0.0, which fixes this issue. ![]() When ssl was enabled for Mongo Hook, default settings included "allow_insecure" which caused that certificates were not validated. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |