Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26162)
An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application.
Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)
Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.
Critical Citrix Gateway and Citrix ADC Vulnerabilities
November 2022 continues strong with more cybersecurity vulnerabilities. If you are running Citrix Gateway and Citrix ADC, stop what you are doing and read this post. Please reach out to www.Cornerstone.IT with any questions. We are a Citrix Gold partner with decades of Citrix experience.
Early November Security Alerts You Must be Aware of — Dropbox and Fortinet
iManage Security Vulnerability due to third-party Apache component Log4j
If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.
Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)
The iManage Security team identified a vulnerability affecting on-premises versions of iManage products.
It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.
Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid
Microsoft released patches and fixes during this week’s November Patch Tuesday. The report identified 55 vulnerabilities on Microsoft Windows, including on-premises (locally installed) products such as Microsoft Office (Microsoft Excel), Microsoft Edge browser and – most importantly – Microsoft Exchange.
Alert: Multiple Vulnerabilities in VMware vCenter Server
Product Security Alert: Critical Citrix Vulnerability Allowing Malicious Attack
#LegalIT #ITCornerView