Remove Blog Remove Security Remove Vulnerability
article thumbnail

Guidance for reducing unauthenticated OGNL injection security vulnerability risk (CVE-2022-26134)

Citrix

Citrix has crafted new signatures and has updated its Citrix Web App Firewall signature file to help customers mitigate the recent OGNL injection vulnerability in multiple versions of Atlassian Confluence (CVE-2022-26134). You can download these and apply them immediately.…

article thumbnail

Cybersecurity Tips: Risk and Vulnerability Management

Security Industry Association

Managing cybersecurity risks and vulnerabilities is a critical activity for any robust security program. Risk management and vulnerability management are performed in tandem to help keep your network safer and more secure. What Is Security Risk Management? What Is Security Risk Management?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Worried about the latest OpenSSL vulnerability? NetScaler can help.

Citrix

November has started with the announcement of a high security OpenSSL vulnerability. OpenSSL has released a blog post that provides more detail, and OpenSSL versions 3.0.0 Now that everyone is hopefully … The post Worried about the latest OpenSSL vulnerability? first appeared on Citrix Blogs. through 3.0.6

article thumbnail

Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF

Citrix

was made public on December 9, 2021, as to which JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other … The post Guidance for reducing Apache Log4j security vulnerability (CVE-2021-44228) risk with Citrix WAF first appeared on Citrix Blogs.

article thumbnail

The Top Vulnerabilities in Software Security

Assurance IT

Did you know that in 2020, over 18,000 vulnerabilities were created? When your computer is linked to an insecure network your software security can be compromised. Updates that are forgotten, product flaws, and unresolved developer issues expose your clients to computer security risks. What is a Vulnerability?

article thumbnail

What We Can Learn from the Log4j Vulnerability

Pure Storage

In December, a critical zero-day vulnerability was reported in the widely used Log4j framework. Log4j is so ubiquitous, in fact, that Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called this “the most serious vulnerability I have seen in my decades-long career.”. What Is the Log4j Vulnerability?

article thumbnail

Guidance for reducing HTTP protocol RCE security vulnerability risk with Citrix Web App Firewall (CVE-2022-21907)

Citrix

The HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) lies in the management of HTTP Trailers by the kernel mode driver http.sys.