all InfoSec news
CVE-2023-37579 (pulsar)
July 12, 2023, 10:15 a.m. |
National Vulnerability Database web.nvd.nist.gov
This issue affects Apache Pulsar: before 2.10.4, and 2.11.0.
Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization. Many sources and sinks contain credentials in the configuration, which could lead to leaked credentials. This vulnerability is mitigated by the fact that there is not a known way for an authenticated user to enumerate another tenant's sources or sinks, meaning the source or sink name …
apache apache software foundation authorization configuration credentials cve fact foundation function issue leaked pulsar software vulnerability worker
More from web.nvd.nist.gov / National Vulnerability Database
CVE-2023-45955 (lightstrip_firmware)
5 months, 3 weeks ago |
web.nvd.nist.gov
CVE-2023-21380 (android)
5 months, 4 weeks ago |
web.nvd.nist.gov
CVE-2023-21381 (android)
5 months, 4 weeks ago |
web.nvd.nist.gov
CVE-2023-21385 (android)
5 months, 4 weeks ago |
web.nvd.nist.gov
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Officer Hospital Laguna Beach
@ Allied Universal | Laguna Beach, CA, United States
Sr. Cloud DevSecOps Engineer
@ Oracle | NOIDA, UTTAR PRADESH, India
Cloud Operations Security Engineer
@ Elekta | Crawley - Cornerstone
Cybersecurity – Senior Information System Security Manager (ISSM)
@ Boeing | USA - Seal Beach, CA
Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas
@ Goldman Sachs | Dallas, Texas, United States