F5 BIGIP - (OLD!) Persistent XSS in ASM Module

2014-12-02 Thread jplopezy
Description --- The F5 is a "load balancer" which has several modules; one of them, called ASM, works as a WAF (application firewall). The ASM allows creating security policies to protect a web site, for example. For this it has some methods: Create a policy automatically (recommended) <- BAD IDEA

ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability

2014-12-02 Thread Security Alert
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability EMC Identifier: ESA-2014-160 CVE Identifier: CVE-2014-4631 Severity Rating: CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) Affected Products: RSA Adaptive Authe

ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability

2014-12-02 Thread Security Alert
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability EMC Identifier: ESA-2014-156 CVE Identifier: CVE-2014-4629 Severity Rating: CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:P/A:C) Affected products: •

CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress

2014-12-02 Thread Henri Salo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Product: WordPress plugin cm-download-manager Plugin page: https://wordpress.org/plugins/cm-download-manager/ Vendor: CreativeMindsSolutions http://cminds.com/ Vulnerability Type: CWE-79: Cross-site scripting Vulnerable Versions: 2.0.6 and below Fixed

[RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components

2014-12-02 Thread RedTeam Pentesting GmbH
Advisory: Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components During a penetration test, RedTeam Pentesting discovered that several IBM Endpoint Manager Components are based on Ruby on Rails and use static secret_token values. With these valu