Hackers Exploiting High-Severity Zimbra Flaw to Steal Email Account Credentials

Zimbra CVE-2022-27824 has been added to the CISA’s “Known Exploited Vulnerabilities” catalog as a new vulnerability. Hackers are actively exploiting it in attack activities, which indicates it is active in the hacking community. Unauthenticated threat actors are able to steal email account credentials in clear-text by exploiting this high-severity vulnerability. Using Zimbra Collaboration, a threat […]

Continue Reading

Cisco Nexus Dashboard Flaw Let Remote Attacker Execute Arbitrary Commands

The Cisco Nexus Dashboard data center management solution was found to have severe vulnerabilities that Cisco has addressed recently. The total number of vulnerabilities identified was 45, which affected a wide variety of products and services. A remote attacker can exploit these vulnerabilities to execute commands or perform actions with root privileges or Administrator permissions […]

Continue Reading

VMware vCenter Server Flaw Let Attacker Exploit to Perform Elevate Privileges Attack

There has finally been a patch released by VMware for an affected version of vCenter Server’s IWA mechanism, eight months after a high-severity privilege escalation vulnerability was disclosed. CrowdStrike Security’s Yaron Zinar and Sagi Sheinfeld reported the vulnerability and it has been tracked as CVE-2021-22048 on their respective systems.  It also affects the hybrid cloud […]

Continue Reading

Critical Fortinet Flaws Patched – Following Products Affected

Fortinet, a cybersecurity company headquartered in Sunnyvale, California develops and sells cybersecurity solutions, such as physical firewalls, antivirus software, intrusion prevention systems, and endpoint security components. Recently, the company has issued security fixes for the multiple products that affect its various endpoint security products. Path Traversal Vulnerability The flaws which are rated high in severity […]

Continue Reading