The Microsoft Windows Kernel has a time-of-check / time-of-use issue in verifying layered key security which may lead to information disclosure from privileged registry keys.

Windows Kernel Information Disclosure

Scans showed that 91,000 devices are exposed and at risk for unauthorized access and TV set takeover.

Source: Askar Karimullin via Alamy Stock Photo

Researchers at Bitdefender have discovered four vulnerabilities in LG webOS, the operating system for multiple models of its smart television line.

According to the researchers, even though the now vulnerable LG webOS service is supposed to be used in local area networks, scans show that there are reportedly roughly 91,000 exposed devices that are vulnerable to the bugs.

The bugs are a mix of command injection, privilege escalation, and bypass vulnerabilities and are tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320. For instance, CVE-2023-6317 can allow an attacker to add an extra user to the TV set, and CVE-2023-6318 can allow a user to use the access "gained in the first step to root and fully take over the device."

They impact webOS 4.9.7-5.30.40 running on LG43UM7000PLA, webOS 5.5.0-04.50.51 running on OLED55CXPUA, webOS 6.3.3-442 (kisscurl-kinglake)-03.36.50 running on OLED48C1PUB, and webOS 7.3.1-43 (mullet-mebin)-03.33.85 running on OLED55A23LA.

The researchers reported their findings to LG in November 2023, but it was only last month that the vendor released security updates. Affected users who have not been alerted to the vulnerabilities or the updates to fix them should go to the TV "Settings," then "Support," and "Software Update," and then click on "Check for Update."

**About the Author(s)**

LG Smart TVs at Risk of Attacks, Thanks to 4 OS Vulnerabilities

Check out our slideshow of 10 fun games and toys that teach programming principles, electronics, and engineering concepts to get kids ready to hack the planet.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Time to Get Kids Hacking: Our 2022 Holiday Gift Guide

OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack.

CVE-2021-4234: Access Server Release Notes | OpenVPN

Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well the resources it manages) is

Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well the resources it manages) is dangerously exposed to the use of compromised credentials. Furthermore, this exposure is not confined to the on-prem environment. The common practice of syncing passwords between AD and the cloud identity provider means any AD breach is a potential risk to the SaaS environment as well.

In this article, we'll explore AD's inherent security weaknesses and examine their scope and potential impact. We'll then learn how Silverfort's Unified Identity Protection platform can address these weaknesses at their root and provide organizations using AD with the resiliency they need to thwart identity threats and mitigate the risks of compromised user accounts.

****What Cloud? Why AD Will Be Continue to Be Part of the Hybrid Environment****

While cloud computing has triggered a tectonic shift in IT, it hasn't completely replaced the on-prem environment but instead lives with it side by side. The pragmatic route that most organizations have chosen is to maintain a hybrid environment, where user access to SaaS and web resources is managed by a dedicated identity provider while AD still manages the on-prem resources.

From the operations side, this strategy is reasonable since there are multiple resources that can be migrated to the cloud or exchanged with SaaS apps. However, it's important to be aware that this approach means AD's long-ignored security weaknesses are still at large.

To learn more about how Silverfort addresses weaknesses in your identity security posture, check out our resource, **Silverfort MFA: Protect the Unprotectable**.

****AD's Achilles Heel: Unable to Detect and Prevent Malicious Access Attempts Using Compromised Credentials****

When a user initiates an access request, AD knows how to do one thing only: check if username and password match. If they don't, AD blocks access; if they do, access is granted. But what can AD do if username and password match but are being used by an adversary that has obtained them? Unfortunately, the answer is absolutely nothing.

As strange as it sounds, from AD's perspective there's no difference between a legitimate user providing the correct username and password and a malicious adversary doing the same thing. Both are granted the same access.

****So Why Can't Traditional MFA Solve This Problem?****

At this point, you may wonder why MFA can't simply be added to the AD authentication process, as is done with SaaS apps. The answer, unfortunately, is that it's not so simple. AD and its authentication protocols (NTLM and Kerberos) were built and designed more than two decades ago — long before MFA even existed. As a result, unlike modern authentication protocols that SaaS apps use, they can't support MFA at all. Nor are there any plans from Microsoft to open up these protocols and rewrite them so that they'd have this capability.

This means we're back to square one, where an attacker using compromised credentials in an AD environment can literally connect to any workstation, server, or app they please, with no security measures barring their way.

****An AD Breach AD Paves The Adversary's Way to Your Cloud Resources****

What many security stakeholders often forget is that on-prem and cloud environments are entwined. In fact, many attackers seeking to access SaaS apps choose to access them via a compromise of the on-prem environment, instead of attacking them directly through a browser. The common pattern of this kind of attack is to gain control of an employee's endpoint using social engineering and, once there, strive to compromise usernames and passwords to use them for malicious access to SaaS apps. Alternatively, if a federation server is in place, adversaries can simply compromise it as they would with any other on-prem resource and gain SaaS access from there.

One way or another, it's important to realize that when we're talking about AD's security gaps, this doesn't mean that only the AD-managed environment is at risk rather but the entire hybrid environment with all its users and resources.

****Silverfort Unified Identity Protection: Overcome AD's Gaps with Real-Time Protection****

Silverfort has pioneered the first platform purpose-built to protect against identity threats – in real time – making use of compromised credentials to access targeted resources. Silverfort provides continuous monitoring, risk analysis, and active policy enforcement on every incoming authentication and access request made by any user to any resource, both on-prem and in the cloud.

In this way, Silverfort can solve AD's security gaps at their root through an integration with AD's native authentication flow, thus taking the role of deciding for AD whether a user can fully be trusted when accessing a resource or not.

****Silverfort's AD Protection: A Layer of Threat Protection Natively Integrated into AD's Authentication Flow****

Here's how it works:

1.  A user wants to access a resource and initiates an access request to AD.
2.  AD, instead of deciding by itself whether to grant or deny access based on the password match, forwards this access request to Silverfort.
3.  Silverfort receives the access request and analyzes it using a multi-layered AI engine while also evaluating the request against pre-configured access policies.
4.  If the analysis reveals a suspected compromise, Silverfort connects to an MFA service to challenge the user to verify their identity.
5.  The MFA service sends the user the message and passes their response back to Silverfort.
6.  Based on the MFA response, Silverfort instructs AD whether to block or allow access.
7.  AD blocks or allows access per Silverfort's instruction.

****Agentless and Proxyless Technology, Agnostic to All Protocols and Access Methods****

As you can see, this unique ability to receive every access attempt in real time from AD enables Silverfort to add the missing risk analysis and MFA capabilities into the AD authentication flow. Additionally, because Silverfort sits behind AD and gets 100% of its authentication requests, this eliminates the need to install MFA agents on individual resources or place a proxy in front of them. It also means that it makes no difference what protocol is used or whether it supports MFA. As long as an authentication to AD is carried out, AD will forward this to Silverfort and protection will be in place.

_**Want to learn more about Silverfort's AD protection?** Schedule a call with one of our experts._

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight? 

Apple Security Advisory 10-25-2023-2 - iOS 16.7.2 and iPadOS 16.7.2 addresses bypass, code execution, and use-after-free vulnerabilities.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-10-25-2023-2 iOS 16.7.2 and iPadOS 16.7.2iOS 16.7.2 and iPadOS 16.7.2 addresses the following issues.Information about the security content is also available athttps://support.apple.com/kb/HT213981.Apple maintains a Security Updates page athttps://support.apple.com/HT201222 which lists recentsoftware updates with security advisories.CoreAnimationAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An app may be able to cause a denial-of-serviceDescription: The issue was addressed with improved memory handling.CVE-2023-40449: Tomi Tokics (@tomitokics) of iTomsn0wFind MyAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An app may be able to read sensitive location informationDescription: The issue was addressed with improved handling of caches.CVE-2023-40413: Adam M.ImageIOAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Processing an image may result in disclosure of process memoryDescription: The issue was addressed with improved memory handling.CVE-2023-40416: JZIOTextEncryptionFamilyAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An app may be able to execute arbitrary code with kernelprivilegesDescription: The issue was addressed with improved memory handling.CVE-2023-40423: an anonymous researcherKernelAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An attacker that has already achieved kernel code execution maybe able to bypass kernel memory mitigationsDescription: The issue was addressed with improved memory handling.CVE-2023-42849: Linus Henze of Pinauten GmbH (pinauten.de)Mail DraftsAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Hide My Email may be deactivated unexpectedlyDescription: An inconsistent user interface issue was addressed withimproved state management.CVE-2023-40408: Grzegorz RiegelmDNSResponderAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: A device may be passively tracked by its Wi-Fi MAC addressDescription: This issue was addressed by removing the vulnerable code.CVE-2023-42846: Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_coPro ResAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An app may be able to execute arbitrary code with kernelprivilegesDescription: The issue was addressed with improved memory handling.CVE-2023-42841: Mingxuan Yang (@PPPF00L), happybabywu and Guang Gong of360 Vulnerability Research InstituteSafariAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Visiting a malicious website may reveal browsing historyDescription: The issue was addressed with improved handling of caches.CVE-2023-41977: Alex RendaSiriAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An attacker with physical access may be able to use Siri toaccess sensitive user dataDescription: This issue was addressed by restricting options offered ona locked device.CVE-2023-41997: Bistrit DahlaCVE-2023-41982: Bistrit DahlaWeatherAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: An app may be able to access sensitive user dataDescription: A privacy issue was addressed with improved private dataredaction for log entries.CVE-2023-41254: Cristian Dinca of "Tudor Vianu" National High School ofComputer Science, RomaniaWebKitAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: A user's password may be read aloud by VoiceOverDescription: This issue was addressed with improved redaction ofsensitive information.WebKit Bugzilla: 248717CVE-2023-32359: Claire HoustonWebKitAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Processing web content may lead to arbitrary code executionDescription: The issue was addressed with improved memory handling.WebKit Bugzilla: 259836CVE-2023-40447: 이준성(Junsung Lee) of Cross RepublicWebKitAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Processing web content may lead to arbitrary code executionDescription: A logic issue was addressed with improved checks.WebKit Bugzilla: 260173CVE-2023-42852: an anonymous researcherWebKitAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Processing web content may lead to arbitrary code executionDescription: A use-after-free issue was addressed with improved memorymanagement.WebKit Bugzilla: 259890CVE-2023-41976: 이준성(Junsung Lee)WebKit Process ModelAvailable for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rdgeneration and later, iPad 5th generation and later, and iPad mini 5thgeneration and laterImpact: Processing web content may lead to a denial-of-serviceDescription: The issue was addressed with improved memory handling.WebKit Bugzilla: 260757CVE-2023-41983: 이준성(Junsung Lee)Additional recognitionlibxml2We would like to acknowledge OSS-Fuzz, Ned Williamson of Google ProjectZero for their assistance.libarchiveWe would like to acknowledge Bahaa Naamneh for their assistance.WebKitWe would like to acknowledge an anonymous researcher for theirassistance.This update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/  iTunes and Software Update on thedevice will automatically check Apple's update server on its weeklyschedule. When an update is detected, it is downloaded and the optionto be installed is presented to the user when the iOS device isdocked. We recommend applying the update immediately if possible.Selecting Don't Install will present the option the next time youconnect your iOS device.  The automatic update process may take up toa week depending on the day that iTunes or the device checks forupdates. You may manually obtain the update via the Check for Updatesbutton within iTunes, or the Software Update on your device.  Tocheck that the iPhone, iPod touch, or iPad has been updated:  *Navigate to Settings * Select General * Select About. The versionafter applying this update will be "iOS 16.7.2 and iPadOS 16.7.2".All information is also posted on the Apple Security Updatesweb site: https://support.apple.com/en-us/HT201222.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmU5YvsACgkQX+5d1TXaIvpLZQ//e5ZVOM9rZ/DUWaI9SA97C3aNYfmtQCmxmFTq2PHtQ8ipSRtJyqfGXngofVuXRjgCIdVrIXiqnI7RGYHSTAZ1bcdP3ZJB6LWVC6BsNBWKP24AiPh8DxCdzIH6yvqL43nwml86WP7n7RxZDIUdY6tXewfk4OklGmqal3HCKJW5KmY2sxmKB49rfMVFTU7uBIw4rdeogwY6WL0pKGDjCl0Jwa5u8TLzX21mLP+/4+DYyocTOeSezNPCHj8Hz6xnzngtYOZfROaOLMRu72a21No7RBio6QDWGbWX09lPXF/PT00wa2vQ6JxBfnDfjGg8yLz/kN+91LlV5QDoPZLvNIx/8PIjppclLi/NbQEBZDAp6kn1T1xOQHV31rMVxUikMR3JDVHZYeaL6Yjgh55EYQUq0/ngwgZ0eTDK1wCGROLOQWdw2K4u/B5wp/XSklYLvJBSJnNFPPAanueteOsOJ0P7WQy0XPvkxblnfzz+Un2cfENhtuu2SW3Li8EXtA4P7NklsU8apEPwcVkX/FTvrQdNKdyYMtgya4fY7Zo7XAtWV+2f1EJ+WBLMaoXi2TRktQzhvrekK8OBRVRBYPAAyoWceG1tKG6V7K5kZ3mwknBGhLXJvEvV31/shr1bGYTLcdmq8VFOVuPbuhfbMiAKct6T4ipLqjTeFyTDS2xhimLMWJY==wyRz-----END PGP SIGNATURE-----

Apple Security Advisory 10-25-2023-2

An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

'2153052?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2022-3108: Invalid Bug ID

On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.


**Date: August 23, 2023**

Revision

Date

Changes

1.0

August 23, 2023

Initial release

The CVE-ID tracking this issue: CVE-2023-24548  
CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)  
Common Weakness Enumeration: CWE-120 Buffer Copy without Checking Size of Input  
This vulnerability is being tracked by BUG 828687

**Description**

On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.

The issue was discovered in an Arista customer environment but Arista is not aware of any malicious uses of this issue in customer networks.

**Vulnerability Assessment****Affected Software****EOS Versions**

*   4.25.0F in the 4.25.x train
*   4.24.11M and below releases in the 4.24.x train
*   4.23.14M and below releases in the 4.23.x train
*   4.22.13M and below releases till 4.22.1F in the 4.22.x train

**Affected Platforms**

The following products **are** affected by this vulnerability:

*   Arista EOS-based products:  
    *   7280R3 Series
    *   7500R3 Series
    *   7800R3 Series

The following product versions and platforms **are not** affected by this vulnerability:

*   Arista EOS-based products:  
    *   720D Series
    *   720XP/722XPM Series
    *   750X Series
    *   7010 Series
    *   7010X Series
    *   7020R Series
    *   7130 Series running EOS
    *   7150 Series
    *   7160 Series
    *   7170 Series
    *   7050X/X2/X3/X4 Series
    *   7060X/X2/X4/X5 Series
    *   7250X Series
    *   7260X/X3 Series
    *   7300X/X3 Series
    *   7320X Series
    *   7358X4 Series
    *   7368X4 Series
    *   7388X5 Series
    *   CloudEOS
    *   cEOS-lab
    *   vEOS-lab
    *   AWE 5000 Series
*   Arista Wireless Access Points
*   CloudVision CUE, virtual appliance or physical appliance
*   CloudVision CUE cloud service delivery
*   CloudVision eXchange, virtual or physical appliance
*   CloudVision Portal, virtual appliance or physical appliance
*   CloudVision as-a-Service
*   CloudVision AGNI
*   Arista 7130 Systems running MOS
*   Arista Converged Cloud Fabric and DANZ Monitoring Fabric (Formerly Big Switch Nodes for BCF and BMF)
*   Arista Network Detection and Response (NDR) Security Platform (Formerly Awake NDR)
*   Arista Edge Threat Management - Arista NG Firewall and Arista Micro Edge (Formerly Untangle)

**Required Configuration for Exploitation**

In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:

IP routing should be enabled:

Switch> show running-config section ip routing
ip routing

AND

VXLAN should be configured - a sample configuration is found below:

\# Loopback interface configuration
switch> show running-config section loopback
interface Loopback0
   ip address 10.0.0.1/32
  
# VXLAN VTEP configuration
switch> show running-config section vxlan
interface Vxlan1
   vxlan source-interface Loopback0
   vxlan udp-port 4789
   vxlan flood vtep 10.0.0.2

AND

VXLAN extended VLAN or VNI must be routable - two examples are shown below:

\# Overlay interface
switch> show running-config section vlan
vlan 100
interface Ethernet1/1
   switchport access vlan 100
interface Vlan100
   ip address 1.0.0.1/24
 
Interface Vxlan1
  vxlan vlan 100 vni 100000

switch> show running-config section red
vrf instance red
ip routing vrf red
 
interface Vxlan1
   vxlan vrf red vni 200000

Whether such a configuration exists can be checked as follows:

switch> show vxlan vni
VNI to VLAN Mapping for Vxlan1
VNI          VLAN       Source       Interface         802.1Q Tag
------------ ---------- ------------ ----------------- ----------
100000       100        static       Ethernet1/1       untagged
                                     Vxlan1            100
 
VNI to dynamic VLAN Mapping for Vxlan1
VNI          VLAN       VRF       Source
------------ ---------- --------- ------------
200000       1006       red       evpn
 
switch> show vlan
VLAN  Name                             Status    Ports
----- -------------------------------- --------- -------------------------------
100   VLAN0100                         active    Cpu, Vx1
1006\* VLAN1006                         active    Cpu, Vx1
 
switch> show ip interface brief
                                                                               Address
Interface         IP Address            Status       Protocol            MTU    Owner
----------------- --------------------- ------------ -------------- ----------- -------
Vlan100           1.0.0.1/24            up           up                 1500
Vlan1006          unassigned            up           up                10168

From the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.

**Indicators of Compromise**

This vulnerability causes egress ports to stop passing traffic. An indication of this issue is that the interface counters for the impacted egress interfaces would no longer increment even if packets are forwarded to those ports.

switch > show interfaces counters | nz
Port                          OutOctets    OutUcastPkts    OutMcastPkts    OutBcastPkts
Et8/1                            139851               0            1137               0

We will also see the  DeqDeletePktCnt go up in show hardware counter drop.

switch > show hardware counter drop | nz
Summary:
Total Adverse (A) Drops: 2033
Total Packet Processor (P) Drops: 0
Type  Chip         CounterName                    :           Count : First Occurrence    : Last Occurrence
--------------------------------------------------------------------------------------------------------------
A     Fap0         DeqDeletePktCnt                :            2033 : 2023-04-05 10:09:17 : 2023-04-05 10:10:51              

In addition, protocols that establish neighbor relationships over the affecting port are likely to be affected.

**Mitigation**

There is no known mitigation for the issue. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.

**Resolution**

The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades

CVE-2023-24548 has been fixed in the following releases:

*   4.30.0F and later releases in the 4.30.x train
*   4.29.0F and later releases in the 4.29.x train
*   4.28.0F and later releases in the 4.28.x train
*   4.27.0F and later releases in the 4.27.x train
*   4.26.0F and later releases in the 4.26.x train
*   4.25.1F and later releases in the 4.25.x train

No remediation is planned for EOS software versions that are beyond their standard EOS support lifecycle (i.e. 4.22, 4.23).

**Hotfix**

No hotfix is available for this vulnerability.

**For More Information**

If you require further assistance, or if you have any further questions regarding this security notice, please contact the Arista Networks Technical Assistance Center (TAC) by one of the following methods:

**Open a Service Request**

By email: This email address is being protected from spambots. You need JavaScript enabled to view it.  
By telephone: 408-547-5502 ; 866-476-0000  
Contact information needed to open a new service request may be found at: https://www.arista.com/en/support/customer-support

CVE-2023-24548: Security Advisory 0089 - Arista

Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).

![CSC Logo](https://support.solarwinds.com/-/media/solarwinds/success-center/header/csc-logo.ashx?rev=90c971434fcd4e209946c5e4dbfbfcb6&la=en&hash=8C5784DEC5EA84CE2BF83BFAFC2BA594)

*   Visit SolarWinds.com
*   Documentation
*   Contact Us
*   Customer Portal

![SolarWinds logo](https://support.solarwinds.com/-/media/solarwinds/swdcv2/global/logo-types/solarwinds-logo-types/sw-logo-rev-svg.ashx?rev=2c0f7fac37f3450c8f0c88b0cac7b852&h=35&w=150&la=en&hash=B34F5931AE706E15546A4998736FBFAD)

How can we help you?

![](https://support.solarwinds.com/-/media/solarwinds/swdcv2/global/icons/searchicon.ashx?rev=ece9e83f870b4139b1283d6e608828f1&h=18&w=19&la=en&hash=DC9D122D69BADE5F4E13C623477C47C2)

![CSC Home Hero](https://support.solarwinds.com/-/media/solarwinds/swdcv2/landing-pages/trust-center/csc-home-hero.ashx?rev=2ccf6b00415f4174bb1f92cc465d6cbd&h=250&w=555&la=en&hash=1084127ADBA8201A7992C896321B2005)

Calling Today's IT Transformers

THWACKcamp is back for its 10th year! We're optimizing your experience with special prizes and timely content for today's IT transformers like you. We can't wait to share our best industry insights and help you succeed in 2022.

Virtual Classes for 2022

If you have a SolarWinds product on a maintenance plan, Virtual Classrooms has courses to help you use, maintain, and optimize your software. Expand your knowledge and expertise with a class in our Customer Portal—live and on-demand!

THWACK Mission: Remote Wranglin'

Looking for a new way to wrangle in the needs of your remote users? Join our THWACK mission today to learn about our various tool offerings. No other tech pro in the universe could cowboy your users' problems like you can!

Top Customer Success Resources

![SolarWinds Academy](https://support.solarwinds.com/-/media/solarwinds/swdcv2/global/logo-types/solarwinds-logo-types/solarwinds_academy_logo.ashx?h=76px&w=250px&rev=447d86738f374ad48c75cc1466c8c9c7&hash=1E055FE6AF54BF4A72567C742B06EEEE)

**Ready to advance your expertise—and your career?**

**VIRTUAL CLASSROOMS**

The SolarWinds Academy offers instructor-led classes at every level to learn about your product deployment, configuration, and more.

Find a Class

**ELEARNING**

The online eLearning library contains on-demand training videos to help you learn about your product and setup, including key features and popular optimizations.

Explore eLearning

**SOLARWINDS CERTIFIED PROFESSIONAL PROGRAM**

Take the SolarWinds Certified Professional® credential with you anywhere to show you have the knowledge and skills needed to manage and administer SolarWinds software.

Get Certified

Premier and Premier Enterprise Support — Your Choice

![](https://support.solarwinds.com/-/media/solarwinds/appoptics/header/multi-colored-brand-line-small.ashx?rev=b5e069c7fa3e44d7925fe8bf735e1c94&la=en&hash=2A0AA9CEAF355CDAE3FAFEDBC57DD39E)

![](https://support.solarwinds.com/-/media/solarwinds/swdcv2/landing-pages/premier-support-page/premier-support-icon.ashx?rev=64cf7687e5a649f6b9e920a927663aec&h=70&w=70&la=en&hash=A523D2D2C8DECF78DE7310BA935FB2B7)

Premier Support

With the Premier Support program, we will help you resolve your product issues faster, provide best practices, and partner with you for long-term success.

![](https://support.solarwinds.com/-/media/solarwinds/appoptics/header/multi-colored-brand-line-small.ashx?rev=b5e069c7fa3e44d7925fe8bf735e1c94&la=en&hash=2A0AA9CEAF355CDAE3FAFEDBC57DD39E)

![](https://support.solarwinds.com/-/media/solarwinds/swdcv2/landing-pages/premier-support-page/premier-enterprise-support-icon.ashx?rev=017b6abc16ca4cbaaa15c75e3dd1aea3&h=70&w=70&la=en&hash=AECDC9A4241ECA24D1A1569C3FA20CB8)

Premier Enterprise Support

With Premier Enterprise support, our experts will help you drive the business and technical outcomes most critical to your business.

![smart-start](https://support.solarwinds.com/-/media/solarwinds/success-center/smart-start/solarwinds-smart-start-svg.ashx?h=76&rev=c9823a12497f41048bf02afd6aaca92f&hash=248CC5C021984171AE526D7741C56C38)

SmartStart Self-Led

Follow step-by-step instructions at your own pace while installing and configuring Network Performance Monitor (NPM), Server & Application Monitor (SAM), and Service Desk, with more products coming soon.

Smart Start Assisted Onboarding

Our implementation experts will work with you to understand your goals, assist you in installing and configuring your new product, and help optimize your environment.

SmartStart Assisted Upgrade

Our specialists will help ensure your upgrade plays well with your environment before, during, and after.

**Find solutions and answers for every product**

CVE-2020-13169: SolarWinds Product Support | Success Center

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.

**Email display mode:**

Modern rendering  
Legacy rendering

Search

lenovo warranty check/lookup | check warranty status | lenovo support us