Tag: Portal software
SQL injection, deserialization and other remotely exploitable vulnerabilities in Red Hat JBoss Web …
Red Hat Security Advisory 2020-5174-01 ≈ Packet Storm
Citrix Files Authentication to Network Share and SharePoint Connectors
Manual user login to Connectors
When a user browses to a Network Share or SharePoint connector, they must first log in if not using SSO. To login, the user must right-click on the Connector name and choose Sign in from the Windows / Mac context menu.
With Citrix Files for Windows v4.4 or later, if the user browses to a unauthenticated connector folder, they are automatically prompted for authentication.
Once the user selects Sign in, they are presented with a Login dialog where the user is required to enter their domain username and password. Upon successful login, they are able to browse their connector folders.
Single Sign-On to Connectors Using NTLM or Kerberos Authentication
Active Directory domain-joined endpoints can SSO into a Network Share or SharePoint connector allowing seamless access for users browsing their connector folders. Users must sign into their AD-joined desktop or virtual application using domain credentials. No additional configuration is required on the Citrix Files client.
Single Sign-On to Connectors using Workspace App
When accessed through Citrix Workspace, users are automatically signed into the connector without a need for user interaction to provide credentials. For SSO to Network Shares or SharePoint connectors using Workspace authentication, StorageZones Controller v5.4.1 or higher is required.
As a requirement, in addition to installing Citrix Files for Windows / Mac, Citrix Workspace App must be installed on their machine and configured for the Citrix Workspace account. For more information on logging onto Citrix Files with Workspace App, please see: https://docs.citrix.com/en-us/citrix-content-collaboration/files-authentication.html
Single Sign-On to Connectors using VDA Authentication
When accessing Connectors inside a VDA session through Workspace, users will be automatically signed into the connector without a need for user interaction to provide credentials. For SSO to Network Shares or SharePoint connectors using Workspace authentication inside a VDA environment, StorageZones Controller v5.4.1 or higher is required.
exclusing company onedrive and sharepoint
Seem to be having difficulties excluding all the different places and ways users are accessing some of our tools.
I had made prior channel filter exclusions that seemed to be working as well as http ones but am continually adding to these as we had some tenant changes with 0365 etc.
I have and influx of cloud hits for our sharepoint sites as well as our one drive.
I do only wish to exclude our corporate one drive and not something someone might have installed and be using with personal accounts.
Right now I am seeing incidents created with OneDrive.exe as well as EXCEL.exe and a sharepoint site that I already added to the excluded list. Trying to keep ‘private’ information and sorporation so hope the blackouts do not interfere with assistance (images attached)
Is there somewhere else I ened to make these exclusions for this endpoint activity?
In https I have -*xnamexgroup-my.sharepoint.com/*
and assorted ways that the home paths are listed for onedrive, example
%HOMEPATH%OneDrive – xxx Group*
DLP v15 Deprecated Technologies
We’re looking at upgrading our DLP implementation from v14.6 to v15.x and i’m trying to find out if any technologies have been deprecated under v15.x? Looking at the documentation for v15, SharePoint 2007 for example is not covered as a supported technology. Is there anywhere which either gives a definitive list of all currently supported OS’s, technologies etc… or a list of all deprecated technologies per version?
DLP v15 Depracted Technologies
We’re looking at upgrading our DLP implementation from v14.6 to v15.x and i’m trying to find out if any technologies have been deprecated under v15.x? Looking at the documentation for v15, SharePoint 2007 for example is not covered as a supported technology. Is there anywhere which either gives a definitive list of all currently supported OS’s, technologies etc… or a list of all depracated technologies per version?
Cisco Data Center Network Manager JBoss EAP Unauthorized Access Vulnerability
A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device.
The vulnerability is due to an incorrect configuration of the authentication settings on the JBoss EAP. An attacker could exploit this vulnerability by authenticating with a specific low-privilege account. A successful exploit could allow the attacker to gain unauthorized access to the JBoss EAP, which should be limited to internal system accounts.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
Security Impact Rating: Medium
Favorite Folders and Files
To add a folder or file to your favorites, click the Star icon to the left of the folder or file name.
To view all of your Favorite Folders, click on the Favorites tab in the left navigation menu.
Items in this list can be organized by selecting the gray grips along the right edge of the row. Click and hold to drag to move the file or folder up or down.
- You cannot add a SharePoint folder that is a sub-site (ReadOnly) within your SharePoint Connectors menu.
How to Access SharePoint and Network Shares on ShareFile Desktop App for Windows
The ShareFile Desktop App allows access to SharePoint and Network Shares. If this feature is enabled for your account, access these locations via the Navigation drop-down menu. Please note that your ability to download, upload or modify files within your SharePoint or Network Share locations depends on your permissions in those locations.