#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

JAVA Framework | Breaking Cybersecurity News | The Hacker News

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

Feb 28, 2023 Software Security / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as  CVE-2022-36537  (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive information via specially crafted requests. "The ZK Framework is an open source Java framework," CISA  said . "This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager." The  vulnerability  was patched in May 2022 in versions 9.6.2, 9.6.0.2, 9.5.1.4, 9.0.1.3, and 8.6.4.2. As  demonstrated  by Huntress in a proof-of-concept (PoC) in October 2022, the vulnerability can be weaponized to bypass authentication, upload a backdoored JDBC database driver to gain code execution, and deploy ransomware on susceptible
Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

Dec 01, 2022 Kubernetes / Vulnerability Management
A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as  CVE-2022-4116  (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges. "The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by localhost attacks that could lead to remote-code execution (RCE)," Contrast Security researcher Joseph Beeton, who reported the bug,  said  in a write-up. Quarkus, developed by Red Hat, is an  open source project  that's used for creating Java applications in  containerized  and serverless environments. It's worth pointing out that the  issue  only impacts developers who are running Quarkus and are tricked into visiting a specially crafted website, which is embedded with malicious JavaScript code designed to install or execute arbitrary payloads. This could take the form o
cyber security

Cracking the Code to Vulnerability Management

websitewiz.ioVulnerability Management / Cloud Security
Vulnerability management in the cloud is no longer just about patches and fixes. In this latest report, the Wiz Security Research team put vulnerability management theory into practice using recently identified vulnerabilities as examples. Get the FREE report
Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk

Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk

Dec 04, 2023SaaS Security / Data Security
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn't have access as well as trim unnecessary permissions. In addition to saving some unnecessary license fees, a clean user inventory significantly enhances the security of your SaaS applications. From reducing risk to protecting against data leakage, here is how you can start the new year with a clean user list.  How Offboarded Users  Still  Have Access to Your Apps When employees leave a company, they trigger a series of changes to backend systems in their wake. First, they are removed from the company's identity provider (IdP), which kicks off an automated workflow that deactivates their email and removes access to all internal systems. When enterprises use an SSO (single sign-on), these former employees lose access to any online properties – including SaaS applications – that require SSO for login.  However, that doesn't mean that former employee
Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Apr 06, 2018
Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it. Spring Framework is a popular, lightweight and an open source framework for developing Java-based enterprise applications. In an advisory released today by Pivotal, the company detailed following three vulnerabilities discovered in Spring Framework versions 5.0 to 5.0.4, 4.3 to 4.3.14, and older unsupported versions: Critical : Remote Code Execution with spring-messaging (CVE-2018-1270) High : Directory Traversal with Spring MVC on Windows (CVE-2018-1271) Low : Multipart Content Pollution with Spring Framework (CVE-2018-1272) Vulnerable Spring Framework versions expose STOMP clients over WebSocket endpoints with an in-memory STOMP broker through the 'spring-messaging' module, which could allow an attacker to send a mali
Cybersecurity Resources