SOAP - API Security Blog

Improper access control

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access control vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit th ...

February 16, 2024

CVE-2023-39244

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access control vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit th ...

February 15, 2024

php:8.1 security update

An update is available for module.php-pecl-apcu, module.php-pecl-xdebug3, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-rrd, php-pecl-zip, php-pecl-xdebug3, php-pecl-apcu. This update affects Roc ...

February 12, 2024

Ivanti SAML – Server Side Request Forgery (SSRF)

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access cert ...

February 12, 2024

Cisco Expressway Series XSRF (cisco-sa-expressway-csrf-KnnZDMj3)

According to its self-reported version, Cisco Expressway Series is affected by multiple vulnerabilities. A vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server ...

February 10, 2024

Cross site request forgery (csrf)

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CS ...

February 08, 2024

CVE-2024-20255

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CS ...

February 07, 2024

SOAP API Detected

This is an informational notice that the scanner was able to detect a SOAP...Read More ...

February 06, 2024