all InfoSec news
CVE-2023-37582 (rocketmq)
July 12, 2023, 10:15 a.m. |
National Vulnerability Database web.nvd.nist.gov
When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as.
It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or …
address command configuration cve exploit function issue leaked nameserver permission system update verification version vulnerability
More from web.nvd.nist.gov / National Vulnerability Database
CVE-2023-45955 (lightstrip_firmware)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21380 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21381 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
CVE-2023-21385 (android)
6 months, 2 weeks ago |
web.nvd.nist.gov
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Engineer II - Java Fullstack, AWS
@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
Consultant Cybersécurité Industrielle (F-H-X)
@ Bureau Veritas Group | COURBEVOIE, Ile-de-France, FR
Security Engineer II
@ Syniverse | Costa Rica