Blog
Share This Post
[ad_1]
IBM Security Verify Access, an authorization and network security policy management solution, was discovered by IT security researcher Pierre Barre to be impacted by 32 security vulnerabilities, at least half of which could have been leveraged to facilitate total authentication infrastructure compromise, according to SecurityWeek.
Malicious multi-factor authenticators could be added by threat actors to ISVA through the abuse of the solution’s authentication bypass issue and back-end access, which could then allow complete infrastructure takeovers, noted Barre. “Note that even with network restrictions, a low privileged user on a trusted machine can fully compromise the authentication solution, since the back-end used to manage the entire authentication infrastructure can be reached without authentication by sending a specific HTTP header,” Barre said. With IBM refusing to address the flaws as it passed the responsibility of communications filtering to their customers, organizations have been urged by Barre to mitigate the threat through network segmentation and the adoption of additional authentication measures.
Get essential knowledge and practical strategies to fortify your network security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
