Grafana Labs reports: Grafana validates Azure Active Directory accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants. This can enable a Gr ...
Continue ReadingJune 25, 2023
[Researchers have found]() that a flaw in Microsoft Azure AD can be used by attackers to take over accounts that rely on pre-established trust. In a nutshell, Microsoft Azure AD allows you to change t ...
Continue ReadingJune 24, 2023
Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication byp ...
Continue ReadingJune 23, 2023
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3. It is, therefore, affected by a vulnerability as referenced in the K20717585 advisory. - On version 14.1.x before ...
Continue ReadingJune 23, 2023
None ## Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability, Microsoft SharePoint denial of service vulnerability, and Microsoft SharePoint Server ...
Continue ReadingJune 23, 2023
## Summary Google OAuth Client Library for Java as used by IBM QRadar SIEM is vulnerable to verification bypass. IBM QRadar SIEM has addressed the applicable vulnerability. ## Vulnerability Details ** ...
Continue ReadingJune 23, 2023
A flaw was found in Grafana, which validates Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants, which enables Grafana account takeo ...
Continue ReadingJune 23, 2023
Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication byp ...
Continue ReadingJune 22, 2023
Back to Main