#auth

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties that had "password" contained in the name. There are a number of sensitive system properties, such as "basicauth" and "aws.secretKey" do not contain "password", thus their values were published via the "/admin/info/properties" endpoint. This endpoint populates the list of System Properties on the home screen of the Solr Admin page, making the exposed credentials visible in the UI. This /admin/info/properties endpoint is protected under the "config-read" permission. Therefore, Solr Clouds with Authorization enabled will only be vulnerable through logged-in users that have the "config-read" permission. Users are recommended to upgrade to version 9.3.0 or 8.11.3, both of which fix the issue. A s...

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configure and test new Schemas and configSets. However, when the feature was created, the "trust" (authentication) of these configSets was not considered. External library loading is only available to configSets that are "trusted" (created by authenticated users), thus non-authenticated users are unable to perform Remote Code Execution. Since the Schema Designer loaded configSets without taking their "trust" into account, configSets that were created by unauthenticated users were allowed to load external libraries when used in the Schema Designer. Users are recommended to upgrade to version 9.3.0 or 8.11.3, both of which fix the issue.

Ivanti has found yet another vulnerability in versions of Connect Secure, Policy Secure, and ZTA gateways.

By Owais Sultan In the rapidly evolving world of digital commerce, cryptocurrencies have emerged as a game-changer, with Ethereum at the… This is a post from HackRead.com Read the original post: Accepting Ethereum (ETH) for Businesses, An Overview

### Impact This is a privilege escalation vulnerability. The impact is negligible and entirely theoretical. A non-exploitable weakness was found in how the client-supplied JWTs are verified. Because an explicit allow-list of known algorithms is used in the PyJWT library, user-supplied (invalid) algorithms are rejected. If this was not the case, then the client JWTs could be tampered with, resulting in privilege escalation which would allow the attacker to perform any operation as any client (impersonation) without leaving a trace of the real user/client. ### Patches Will be fixed in 1.12.2 ### Workarounds None needed. But be careful when updating PyJWT. Check that the used PyJWT has no algorithms specified with a name in "", "HS25", "HS2", "HS", "H", or that those algorithms are acceptable. ### Details The header and payload of JSON Web Tokens (JWTs) are cryptographically signed with an algorithm. A JWT has a header field `alg` that specifies the algorithm used in the signatu...

IBM i Access Client Solutions (ACS) versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 suffer from a remote credential theft vulnerability.

Advanced Page Visit Counter version 1.0 suffers from a persistent cross site scripting vulnerability.

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period of time," Check Point said in a report this

Various Kyber software libraries in various environments leak secret information into timing, specifically because * these libraries include a line of code that divides a secret numerator by a public denominator, * the number of CPU cycles for division in various environments varies depending on the inputs to the division, and * this variation appears within the range of numerators used in these libraries. The KyberSlash pages track which Kyber [libraries](https://kyberslash.cr.yp.to/libraries.html) have this issue, and include a [FAQ](https://kyberslash.cr.yp.to/faq.html) about the issue. ## Author The KyberSlash pages were written by Daniel J. Bernstein. The FAQ originally said "I", but some people seemed to have trouble finding this authorship statement, so the FAQ now says "Bernstein" instead. ## URL The permanent link for the KyberSlash pages is [https://kyberslash.cr.yp.to](https://kyberslash.cr.yp.to). ## Mitigation status in qpc_kyber crate The issues has not been re...

FBI and CISA have produced guidance about Chinese APT group Volt Typhoon and other groups that use Living off the Land (LOTL) techniques.