Our Blog

eSec Security Team

Responsible Vulnerability Disclosure – Defect Advisory for Host Header Injection in Cisco Umbrella Dashboard

INTRODUCTION

Cisco Umbrella is a taut cloud-driven Internet Gateway that fortifies users from all kinds of cyber proliferation, no matter the user’s environs. It is one of the most comfortable ways to safeguard the end users anywhere, in minutes.

eSecForte Technologies Security Researcher – Abhinav Khanna found a Host Header Injection vulnerability in Cisco Umbrella Dashboard and a defect advisory was generated by Cisco for the same.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2021-1350 – Packet Flood Vulnerability in Cisco Umbrella Dashboard

INTRODUCTION

Cisco Umbrella is a taut cloud-driven Internet Gateway that fortifies users from all kinds of cyber proliferation, no matter the user’s environs. It is one of the most comfortable ways to safeguard the end users anywhere, in minutes.

eSecForte Technologies Security Researcher – Abhinav Khanna found a Packet Flood vulnerability in Cisco Umbrella Dashboard and it has been assigned CVE-2021-1350.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16961 – Cross-Site Scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found Cross Site Scripting in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16961 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16962 – HTML Injection vulnerability in Manage Engine DesktopCentral

INTRODUCTION

ManageEngine DesktopCentral is a Unified Endpoint Management (UEM) solution that helps manage servers, desktops, virtual machines, mobile phones, tablets, It’s features includes Patch Management, Software Deployment, Remote Desktop Sharing, IT Asset Management, Desktop Configurations, Service Pack Installation, Active Directory Reports, User Administration, Mobile Device Management and many more.

 

eSecForte Technologies Security Researcher – Abhinav Khanna found a HTML Injection vulnerability in the ManageEngine DesktopCentral and it has been assigned CVE-2019-16962 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16954 – HTML Injection vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found HTML Injection vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16954 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16960 – Cross-site scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found a Cross-Site Scripting vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16960 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16956 – Cross-site scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found Cross-Site Scripting in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16956 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16959 – Formula Injection vulnerability in Solarwinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found Formula Injection vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16959 by the MITRE.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16957 – Cross-site scripting vulnerability in Solarwinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSec Security Team

Responsible Vulnerability Disclosure CVE-2019-16955 – Cross-site scripting via file upload vulnerability in Solarwinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.