Tag
#auth
### Impact

Recovering coordinators do not verify the seed provided by the recovering party. This allows an attacker to set up a coordinator with a manifest that passes validation, but with a secret seed controlled by the attacker. If network traffic is redirected from the legitimate coordinator to the attacker's coordinator, a workload owner is susceptible to impersonation if either

* they `set` a new manifest and don't compare the root CA cert with the existing one (this is the default of the `contrast` CLI), or
* they `verify` the coordinator and don't compare the root CA cert with a trusted reference.

Under these circumstances, the attacker can:

* Issue certificates that chain back to the attacker coordinator's root CA.
* Recover arbitrary workload secrets of workloads deployed after the attack.

This issue does **not** affect the following:

* secrets of the legitimate coordinator (seed, workload secrets, CA)
* integrity of workloads, even when used with the rogue coordinator...
The environment option `KC_CACHE_EMBEDDED_MTLS_ENABLED` does not work, and the JGroups replication configuration is always used in plain (non-TLS) mode. This option worked in versions 22 and 24. More information is in the public issue https://github.com/keycloak/keycloak/issues/34644.
**Product:** Mobile Security Framework (MobSF)
**Version:** 4.3.0
**CWE-ID:** CWE-269: Improper Privilege Management
**CVSS vector v4.0:** 7.1 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N)
**CVSS vector v3.1:** 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
**Description:** MobSF divides users by roles. This role separation is not effective, because any registered user can obtain an API token with full privileges.
**Impact:** Information Disclosure
**Vulnerable component:** Code output component (`/source_code`)
**Exploitation conditions:** authorized user
**Mitigation:** Remove the token output from the returned JavaScript
**Researcher:** Egor Filatov (Positive Technologies)

## Research

The researcher discovered a zero-day «Local Privilege Escalation» vulnerability in Mobile Security Framework (MobSF). To reproduce the vulnerability, follow the steps below.

• A user with minimal privileges is required, so the administrator must create a user account ...
While probabilities may be based on subjective information, when used in an objective framework, they demonstrate an effective way to improve the value of hard decisions.
### Impact

Using a specially crafted file, a user could potentially upload a file containing code that, when executed, could send arbitrary requests to the server. If that file was opened by an administrator, it could lead to escalation of privileges of the original submitter or other malicious actions. Users must have been registered to the site to exploit this vulnerability.

### Patches

This vulnerability has been fixed in CKAN 2.10.7 and 2.11.2.

### Workarounds

On versions prior to CKAN 2.10.7 and 2.11.2, site maintainers can restrict the file types supported for uploading using the [ckan.upload.user.mimetypes](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-user-mimetypes) / [ckan.upload.user.types](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-user-types) and [ckan.upload.group.mimetypes](https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-group-mimetypes) / [ckan.upload.group.types](https://docs.ckan.or...
The dismantling of USAID by Elon Musk's DOGE and a State Department funding freeze have severely disrupted efforts to help people escape forced labor camps run by criminal scammers.
New research highlights how bad actors could abuse deleted AWS S3 buckets to create all sorts of mayhem, including a SolarWinds-style supply chain attack.
A banking malware campaign using live phone numbers to redirect SMS messages has been identified by the zLabs research team, uncovering 1,000+ malicious apps and 2.5GB of exposed data.
Web shops are an attractive target. How can SMBs keep theirs safe?
A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services.