Updates IaaS Infrastructure – version 5.0
New IaaS Architecture was released February 3th!
The following section list all the features, improvements, and fixed included in IaaS Service 5.0 release:
| Type | Summary |
| Improvement | Now Redis is used to lock LVM operations. |
| Improvement | RHEL/CentOS 5.x Ruby packages compiled with OpenSSL 1.0.1e. |
| Improvement | Erlang upgraded to 18.3 version. |
| Improvement | Improved reliability and cloud engine. |
| Fix | Fixed the issue when after editing a swap disk that had been manually added (built or attached), the disk was removed from fstab and wasn’t available anymore. |
| Fix | Fixed the issue when Virtual Servers built on vCloud compute resources were shut down after increasing the disk size. |
| Fix | Fixed the problem when under certain conditions the vCloud user group created from GUI got duplicated. This led to duplicated resource pools and general misconfiguration of vCloud. |
| Fix | Fixed the problem when in multi-vCenter environment the stats have not been collected from one of vCenter instances. |
| Fix | Fixed the issue with inserting media to vCloud Director VS. |
| Fix | Fixed the synchronization problem when deleting a media file from the catalog in vCloud Director was not updated in SOD CP. |
| Fix | Fixed the issue when vCloud console did not show the correct size for Windows VSs. |
| Fix | Fixed the problem when password became out of sync in vCloud Director after an admin had been editing a user profile and left the password blank. |
| Fix | Fixed the problem when it was impossible to upload an ISO when the image extension was with capital ISO letters. |
| Fix | Fixed moving Firewall Rules down |
| Fix | Fixed the problem when Windows VS build failed if owner’s name contained incompatible character encodings: ASCII-8BIT and UTF-8 |
| Fix | Fixed a range of minor bugs related to VPN IPsec of vCloud Director integration. |
| Fix | Fixed the problem when it was impossible to build a VS from ISO with operating system Windows. |
| Fix | Fixed the error which occurred for a backup’s transaction log item. |
| Fix | Fixed the broken autoscaling for load balancer clusters (autoscaling type) . |
Share
RSS
More Articles…
- From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company
- NIS: what it is and how it protects cybersecurity
- Advanced persistent threats (APTs): what they are and how to defend yourself
- Penetration Testing and MFA: A Dual Strategy to Maximize Security
- Penetration Testing: Where to Strike to Protect Your IT Network
- Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
- Why IT audit and log management are important for Cybersecurity
- Red Team, Blue Team and Purple Team: what are the differences?
Categories …
- Backup as a Service (18)
- Acronis Cloud Backup (11)
- Veeam Cloud Connect (4)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- Cyberfero (15)
- ICT Monitoring (5)
- Log Management (2)
- News (25)
- ownCloud (4)
- Privacy (7)
- Security (203)
- Cyber Threat Intelligence (CTI) (8)
- Deception (4)
- Ethical Phishing (11)
- Netwrix Auditor (2)
- Penetration Test (11)
- Posture Guard (3)
- SOCaaS (65)
- Vulnerabilities (84)
- Web Hosting (15)
Tags
Acronis Cloud Backup
BaaS
Backup
cloud
cloud computing
Cloud Conference
cloud provider reggio emilia
cloud server
cloud services
CTI
cyber security
cyber security
cyber threat
Cyber Threat Hunter
Data Exfiltration
GDPR
Machine Learning
Monitoraggio infrastruttura ICT
Next Generation SIEM
nextgen siem
online hosting
owncloud
owncloud
pentest
Phishing
Plesk
Ransomware
Ransomware
security
server virtuale
sicurezza
siem
Smart Working
SOAR
SOCaaS
Threat intelligence
UEBA
VDS
Virtual Machine
vps
vulnerability assessment
web hosting
webinar
Zabbix
Zabbix as a Service
Unknown Feed
Full Disclosure
- Defense in depth -- the Microsoft way (part 89): user group policies don't deserve tamper protection June 3, 2025Posted by Stefan Kanthak on Jun 03Hi @ll, user group policies are stored in DACL-protected registry keys [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies] respectively [HKEY_CURRENT_USER\Software\Policies] and below, where only the SYSTEM account and members of the "Administrators" user group are granted write access. At logon the user's registry hive "%USERPROFILE%\ntuser.dat" is loaded with exclusive (read, write and...
- CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 June 3, 2025Posted by Sanjay Singh on Jun 03Hello Full Disclosure list, I am sharing details of a newly assigned CVE affecting an open-source educational software project: ------------------------------------------------------------------------ CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 ------------------------------------------------------------------------ Product: CloudClassroom PHP Project Vendor:...
- ERPNext v15.53.1 Stored XSS in bio Field Allows Arbitrary Script Execution in Profile Page June 3, 2025Posted by Ron E on Jun 03An authenticated attacker can inject JavaScript into the bio field of their user profile. When the profile is viewed by another user, the injected script executes. *Proof of Concept:* POST /api/method/frappe.desk.page.user_profile.user_profile.update_profile_info HTTP/2 Host: --host-- profile_info={"bio":"\">"}
- ERPNext v15.53.1 Stored XSS in user_image Field Allows Script Execution via Injected Image Path June 3, 2025Posted by Ron E on Jun 03An authenticated user can inject malicious JavaScript into the user_image field of the profile page using an XSS payload within the file path or HTML context. This field is rendered without sufficient sanitization, allowing stored script execution in the context of other authenticated users. *Proof of Concept:*POST /api/method/frappe.desk.page.user_profile.user_profile.update_profile_info HTTP/2 […]
- Local information disclosure in apport and systemd-coredump June 3, 2025Posted by Qualys Security Advisory via Fulldisclosure on Jun 03Qualys Security Advisory Local information disclosure in apport and systemd-coredump (CVE-2025-5054 and CVE-2025-4598) ======================================================================== Contents ======================================================================== Summary Mitigation Local information disclosure in apport (CVE-2025-5054) - Background - Analysis - Proof of concept Local information disclosure in systemd-coredump...
- Stored XSS via File Upload - adaptcmsv3.0.3 June 3, 2025Posted by Andrey Stoykov on Jun 03# Exploit Title: Stored XSS via File Upload - adaptcmsv3.0.3 # Date: 06/2025 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS via File Upload #1: Steps to Reproduce: 1. Login with low privilege user and visit "Profile" > "Edit […]
- IDOR "Change Password" Functionality - adaptcmsv3.0.3 June 3, 2025Posted by Andrey Stoykov on Jun 03# Exploit Title: IDOR "Change Password" Functionality - adaptcmsv3.0.3 # Date: 06/2025 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ IDOR "Change Password" Functionality #1: Steps to Reproduce: 1. Login as user with low privilege and visit profile page 2. Select […]
- Stored XSS "Send Message" Functionality - adaptcmsv3.0.3 June 3, 2025Posted by Andrey Stoykov on Jun 03# Exploit Title: Stored XSS "Send Message" Functionality - adaptcmsv3.0.3 # Date: 06/2025 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS "Send Message" Functionality #1: Steps to Reproduce: 1. Login as normal user and visit "Profile" > "Message" > […]
- Authenticated File Upload to RCE - adaptcmsv3.0.3 June 3, 2025Posted by Andrey Stoykov on Jun 03# Exploit Title: Authenticated File Upload to RCE - adaptcmsv3.0.3 # Date: 06/2025 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Authenticated File Upload to RCE #1: Steps to Reproduce: 1. Login as admin user and visit "System" > "Appearance" > […]
- Stored XSS in "Description" Functionality - cubecartv6.5.9 June 3, 2025Posted by Andrey Stoykov on Jun 03# Exploit Title: Stored XSS in "Description" Functionality - cubecartv6.5.9 # Date: 05/2025 # Exploit Author: Andrey Stoykov # Version: 6.5.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS #1: Steps to Reproduce: 1. Visit "Account" > "Address Book" and choose "Edit" 2. In the "Description" parameter […]
Customers
Twitter FEED
Recent activity
-
SecureOnlineDesktop
Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
-
SecureOnlineDesktop
Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
-
SecureOnlineDesktop
Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF
Newsletter
{subscription_form_1}Products and Solutions
Partners
Cloud Models
News
- From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company May 6, 2024
- NIS: what it is and how it protects cybersecurity April 22, 2024
- Advanced persistent threats (APTs): what they are and how to defend yourself April 17, 2024
- Penetration Testing and MFA: A Dual Strategy to Maximize Security April 15, 2024
- Penetration Testing: Where to Strike to Protect Your IT Network March 25, 2024
Google Reviews
Paolo Raimondi
7 years ago
La Polimatica Progetti Srl, azienda di... cui sono titolare, collabora con soddisfazione da alcuni anni con Secure Online Desktop. L'Azienda è costituita da professionisti seri e competenti. Insieme a loro abbiamo costruito un sistema organizzato di soluzioni ICT, servizi e attività di consulenza per la compliance alla normativa in materia di protezione dei dati personali (GDPR).read more
Ilaria Miglietta
7 years ago
Servizi affidabili e di semplice... utilizzo. I loro tecnici molto attenti alle esigenze del cliente, continuate cosìread more
Francesca Marastoni
7 years ago
Excellent service company with... wonderful stuff. Highly recommended.
Ottima azienda, servizi molto utili, staff qualificato e competente. Raccomandata!read more
Ottima azienda, servizi molto utili, staff qualificato e competente. Raccomandata!read more
Alessio Liga
7 years ago
Servizi di alto livello, competenti e... disponibili a accettare nuove sfide per sviluppare business
Ottimo supportoread more
Ottimo supportoread more
Matteo Revelli
7 years ago
Ottima azienda, offre servizi di alta... qualità con personale competente e disponibile.read more
Lorenzo Munari
7 years ago
Azienda molto seria e... affidabile.
E' un piacere poter collaborare con realtà di questo tiporead more
E' un piacere poter collaborare con realtà di questo tiporead more
Francisco Amadi
7 years ago
Ho avuto il piacere di collaborare con... loro e spero vivamente che succeda di nuovo. Competenti, professionali, precisi e cordiali!read more
Davide Michelotto
7 years ago
Ottimo servizio, seri professionisti al... timone della società e celerità nei tempi di risposta, oltre ogni aspettativa.read more
Luca Prati
7 years ago
Azienda eccellente, consulenza... customizzata e puntuale.
Un ottimo fornitore.
Io personalmente ho parlato con l' Ing. Venuti, valore aggiunto indubbiamente.read more
Un ottimo fornitore.
Io personalmente ho parlato con l' Ing. Venuti, valore aggiunto indubbiamente.read more
About
© 2024 Cyberfero s.r.l. All Rights Reserved. Sede Legale: via Statuto 3 - 42121 Reggio Emilia (RE) – PEC cyberfero@pec.it Cod. fiscale e P.IVA 03058120357 – R.E.A. 356650 Informativa Privacy - Certificazioni ISO