CISO New Year’s Resolutions for 2021

Subscribe to Newsletters

Webinar Archives

White Papers

Ransomware Response Report: Vol 1 Trends and Outlook

Addressing Complexity and Expertise in Application Security Testing

Getting a grip on enterprise connectivity – integration made easy

Better Together – ITSM and Project Management

What Fortnite Taught Me About Cloud Security

More White Papers

Video

All Videos

Cartoon

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

2020: The Year in SecurityDownload this Tech Digest for a look at the biggest security stories that – so far – have shaped a very strange and stressful year.

Back Issues | Must Reads

Flash Poll

All Polls

Assessing Cybersecurity Risk in Today’s Enterprises
COVID-19 has created a new IT paradigm in the enterprise — and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-4918
PUBLISHED: 2021-01-04

IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392.

CVE-2020-4919
PUBLISHED: 2021-01-04

IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395.

CVE-2020-4928
PUBLISHED: 2021-01-04

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705.

CVE-2020-4942
PUBLISHED: 2021-01-04

IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191942.

CVE-2020-4909
PUBLISHED: 2021-01-04

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273.

The post CISO New Year’s Resolutions for 2021 appeared first on Malware Devil.

https://malwaredevil.com/2021/01/04/ciso-new-years-resolutions-for-2021/?utm_source=rss&utm_medium=rss&utm_campaign=ciso-new-years-resolutions-for-2021