Citrix Resolves Critical Vulnerability in NetScaler Console – SecurityWeek

In a recent announcement, Citrix revealed that they have addressed a critical vulnerability in their NetScaler console. This vulnerability posed a potential threat to users of the popular networking hardware, allowing unauthorized access to sensitive information. The company moved swiftly to fix the issue, ensuring the safety and security of their customers. The vulnerability was …

VMware Aria Automation vulnerability gives hackers opportunity for SQL injection attacks

VMware has recently addressed a critical SQL injection vulnerability in its Aria Automation product, marked as CVE-2024-22280. This vulnerability, with a high severity level of 8.5 out of 10, could potentially allow authenticated attackers to carry out unauthorized database operations. The affected versions include VMware Aria Automation version 8.x and VMware Cloud Foundation versions 5.x …

VMware Addresses Critical SQL Injection Vulnerability in Aria Automation – SecurityWeek

Software company VMware recently announced they have successfully fixed a critical SQL injection vulnerability in their Aria Automation platform. This vulnerability could have had serious consequences if left unaddressed, potentially allowing malicious actors to manipulate databases and steal sensitive information. The vulnerability was classified as a critical issue by VMware, indicating the severity of the …

Vulnerability in Citrix NetScaler Exposes Sensitive Data to Attackers

Citrix has revealed two critical vulnerabilities in its NetScaler products, posing risks of sensitive data exposure and denial of service attacks. With the vulnerabilities identified as CVE-2024-6235 and CVE-2024-6236, Citrix users are urged to update their systems to prevent potential threats. CVE-2024-6235 involves authentication misuse, potentially divulging sensitive information, with a severity score of 9.4. Exploiting …

Significant Citrix NetScaler Vulnerability Enables Attackers to Obtain Confidential Data

Citrix has disclosed two critical vulnerabilities affecting its NetScaler products, including the NetScaler Console, SVM, and Agent. These vulnerabilities, identified as CVE-2024-6235 and CVE-2024-6236, could potentially allow attackers to access sensitive information and launch denial of service (DoS) attacks. The urgency of the situation has led to calls for immediate updates from Citrix to mitigate …

Critical DoS and Open Redirect Vulnerability Affecting Citrix NetScaler ADC and Gateway

A recent editorial from Red Hot Cyber highlights two vulnerabilities found in NetScaler ADC and NetScaler Gateway, which are widely used devices to enhance application performance and ensure secure access to sensitive data. The affected versions include NetScaler ADC and NetScaler Gateway 14.1 before version 14.1-25.53, 13.1 before version 13.1-53.17, and 13.0 before version 13.0-92.31, …

VMware vCenter Server RCE Vulnerability Exploit Released for PoC

A recent proof-of-concept exploit has been published for a critical vulnerability in VMware vCenter Server, designated CVE-2024-22274. This vulnerability affects the API components of the vCenter Server and has been rated as Important with a CVSSv3 base score of 7.2. The exploit targets specific API components that are vulnerable to a flag injection attack, allowing …

Massive Data Breach Linked to CitrixBleed Vulnerability Exposed by Comcast’s Xfinity

Comcast’s Xfinity broadband entertainment platform announced a significant data breach affecting 35.9 million customers, related to the CitrixBleed vulnerability. The company quickly fixed the vulnerability after detecting an anomaly in mid-October and taking additional security measures. Despite this, a breach was identified between October 16 and 19 by an unauthorized third party during a cybersecurity …

Cisco cautions about appliances that are at risk of being vulnerable to RegreSSHion vulnerability

Cisco recently disclosed that dozens of its networking and communications devices are likely vulnerable to an SSH vulnerability that could allow remote code execution. The company confirmed that 42 products are affected, including those in network management, security, routing and switching, unified computing, voice, video streaming, and wireless. Additionally, 51 products in the same lines …