RSS Feed
Contents
x
Product Documentation
Download Center
Architecture Diagrams
FAQs
CTERA Support Documents
How-tos
Troubleshooting
Security Advisories
Videos
Powered by
Security Advisories
6 Articles
in this category
Share this
Print
Share
Dark
Light
Contents
Security Advisories
6 Articles
in this category
Share
Dark
Light
Edge Filer Security Vulnerability
Vulnerability Description A vulnerability has been identified in the CTERA Edge Filer administrative interface that allows authenticated users to escalate their privileges. This vulnerability has been assessed by CTERA to hav...
Updated on : 15 Feb 2023
Samba Vulnerability CVE-2021-44142
Vulnerability Description CVE-2021-44142 is a privilege escalation vulnerability that allows remote attackers to execute arbitrary code on affected installations of Samba. Access as a user that has write access to a file's e...
Updated on : 12 Apr 2022
Security Vulnerability CVE-2021-4034 (Polkit (Pwnkit))
Vulnerability Description A memory corruption vulnerability has been found in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows an...
Updated on : 12 Apr 2022
Security Vulnerability CVE-2021-44228 (Log4Shell)
The information in this article is correct as of December 16th 2021. Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled L...
Updated on : 12 Apr 2022
Security Vulnerability CVE-2022-0847 (Dirty Pipe ) and CVE-2022-0001 (Spectre-BHI )
Vulnerability Description The Dirty Pipe vulnerability in the Linux kernel has been around since version 5.8 and is tracked as CVE-2022-0847. This flaw discovered by Max Kellermann, abuses how the Kernel manages pages in pip...
Updated on : 12 Apr 2022
Security Vulnerability CVE-2022-22965 and CVE-2022-22963 (Spring4Shell Zero-Day Vulnerability)
Vulnerability Description A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WA...
Updated on : 12 Apr 2022