A security flaw can allow an unauthenticated attacker to remotely conduct a cross site scripting (XSS) attack against a user of the web services interface. Enterprises should patch their Cisco ASA Software and Firepower Software as soon as possible.
About Heidi Gerken, Senior Sales Engineer
This author has not written his bio yet.
But we are proud to say that Heidi Gerken, Senior Sales Engineer contributed 3 entries already.
Entries by Heidi Gerken, Senior Sales Engineer
The Federal Bureau of investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that 3 Fortinet CVEs (CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks to be exploited in the future.
F5 has released patches for several BIG-IP and BIG-IQ critical vulnerabilities. CVE-2021-22986 is the most critical since it allows unauthenticated attackers with network access to use the iControl REST interface, via the BIG-IP management interface and self IP addresses, to execute system commands that could lead to complete system compromise.