The maintainers of OpenSSL have launched a repair for 2 high-severity safety flaws in its software program that might be exploited to hold out denial-of-service (DoS) assaults and bypass certificates verification. Tracked as CVE-2021-3449 and CVE-2021-3450, each the vulnerabilities have been resolved in an replace (model OpenSSL 1.1.1k) launched on Thursday. Whereas CVE-2021-3449 impacts all […]

Cisco has addressed a most severity vulnerability in its Software Centric Infrastructure (ACI) Multi-Web site Orchestrator (MSO) that would enable an unauthenticated, distant attacker to bypass authentication on weak units. “An attacker might exploit this vulnerability by sending a crafted request to the affected API,” the corporate said in an advisory revealed yesterday. “A profitable […]