Jasper Westerman

**Name of the Vulnerable Software and Affected Versions** Cisco Nexus Dashboard Fabric Controller (NDFC) versions prior to 12.2.3 **Description** A vulnerability exists in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) due to insufficient SSH host key validation. This allows an unauthenticated, remote attacker to perform a machine-in-the-middle (MitM) attack on SSH connections to Cisco NDFC-managed devices. A successful exploit could allow the attacker to intercept traffic and impersonate a managed device, potentially capturing user credentials. **Recommendations** Update Cisco Nexus Dashboard Fabric Controller (NDFC) to version 12.2.3 or later.

Name of the Vulnerable Software and Affected Versions: Dell Wyse Management Suite versions WMS 4.4 and before Description: The issue is related to an authentication bypass vulnerability in the Dell Wyse Management Suite, which could allow a remote attacker to cause a denial of service. A high-privileged attacker with remote access could potentially exploit this vulnerability. The vulnerability is described as an Authentication Bypass by Capture-replay. Recommendations: For versions WMS 4.4 and before, consider disabling remote access until a patch is available to prevent potential exploitation of the authentication bypass vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Nexus Dashboard Fabric Controller (NDFC) (affected versions not specified) **Description** A vulnerability in the REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a specific REST API endpoint or web-based management interface. A successful exploit could allow the attacker to read, modify, or delete arbitrary data on an internal database, which could affect the availability of the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Aspera Faspex versions 5.0.0 through 5.0.9 **Description** The issue allows a user to bypass intended access restrictions and conduct resource modification. This flaw enables users to access and modify resources that they should not have access to, potentially leading to unauthorized data modification or other security breaches. **Recommendations** For versions 5.0.0 through 5.0.9, update to version 5.0.10 or later to resolve the issue. At the moment, there is no information about other mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Aspera Faspex versions 5.0.0 through 5.0.9 **Description** A user with access to the package can obtain sensitive information through a directory listing. This issue affects users with package access, allowing them to get sensitive details. **Recommendations** For versions 5.0.0 through 5.0.9, consider restricting access to sensitive directories to minimize the risk of exploitation. As a temporary workaround, limit the directory listing functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Aspera Faspex versions 5.0.0 through 5.0.9 **Description** The issue allows a user to bypass intended access restrictions and conduct resource modification. **Recommendations** For IBM Aspera Faspex versions 5.0.0 through 5.0.9, update to a version that includes the fix for this issue to prevent unauthorized access and resource modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Forcepoint Web Security versions prior to 8.5.6 **Description** The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It has been determined that the `user agent` field in the Transaction Viewer is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability, which can be exploited by any user who can route traffic through the Forcepoint Web proxy. This issue enables unauthorized attackers to execute JavaScript within the browser context of a Forcepoint administrator, thereby allowing them to perform actions on the administrator's behalf. Such a breach could lead to unauthorized access or modifications, posing a significant security risk. **Recommendations** For versions prior to 8.5.6, update to version 8.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Transaction Viewer to minimize the risk of exploitation. Avoid using the `user agent` field in the Transaction Viewer until the issue is resolved.