VMSA-2022-0001.2
CVSSv3 Range: 7.7
Issue Date: 2022-01-04
Updated On: 2022-02-14
CVE(s): CVE-2021-22045
Synopsis:
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
CVSSv3 Range: 7.7
Issue Date: 2022-01-04
Updated On: 2022-02-14
CVE(s): CVE-2021-22045
Synopsis:
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
VMSA-2022-0004
CVSSv3 Range: 5.3-8.4
Issue Date: 2022-02-15
CVE(s):CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050
Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)
https://www.vmware.com/security/advisories/VMSA-2022-0004.html
CVSSv3 Range: 5.3-8.4
Issue Date: 2022-02-15
CVE(s):CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050
Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)
https://www.vmware.com/security/advisories/VMSA-2022-0004.html
VMSA-2022-0005
CVSSv3 Range: 8.8
Issue Date: 2022-02-15
CVE(s): CVE-2022-22945
Synopsis:
VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)
Impacted Products
VMware NSX Data Center for vSphere (NSX-V)
https://www.vmware.com/security/advisories/VMSA-2022-0005.html
CVSSv3 Range: 8.8
Issue Date: 2022-02-15
CVE(s): CVE-2022-22945
Synopsis:
VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)
Impacted Products
VMware NSX Data Center for vSphere (NSX-V)
https://www.vmware.com/security/advisories/VMSA-2022-0005.html
VMware
VMSA-2022-0005
VMware NSX Edge update addresses CLI shell injection vulnerability (CVE-2022-22945)
Múltiples vulnerabilidades en productos VMware
Fecha de publicación: 16/02/2022
Importancia: 5 - Crítica
Recursos afectados:
ESXi, versiones:
7.0 U3;
7.0 U2;
7.0 U1;
7.0;
6.7;
6.5.
Fusion, versiones 12.x.
Workstation, versiones 16.x.
Cloud Foundation (ESXi), versiones:
4.x;
3.x.
NSX Data Center para vSphere, todas las versiones.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-24
Fecha de publicación: 16/02/2022
Importancia: 5 - Crítica
Recursos afectados:
ESXi, versiones:
7.0 U3;
7.0 U2;
7.0 U1;
7.0;
6.7;
6.5.
Fusion, versiones 12.x.
Workstation, versiones 16.x.
Cloud Foundation (ESXi), versiones:
4.x;
3.x.
NSX Data Center para vSphere, todas las versiones.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-24
INCIBE-CERT
Múltiples vulnerabilidades en productos VMware
Los investigadores Wei de Kunlun Lab, junto con Dimitri Di Cristofaro y Przemek Reszke de SECFORCE LTD, han reportado 6 vulnerabilidades, 5 de severidad alta y 1 media, aunque la combinación de
Múltiples vulnerabilidades en productos de TIBCO
Fecha de publicación: 16/02/2022
Importancia: 5 - Crítica
Recursos afectados:
TIBCO BusinessConnect Container Edition versión 1.1.0 y anteriores;
TIBCO AuditSafe versión 1.1.0 y anteriores.
Componentes Database, Auth Server y Web Server.
Descripción:
TIBCO ha reportado 3 vulnerabilidades: 2 de severidad crítica y 1 de severidad alta por las que un atacante no autenticado con acceso a la red podría ejecutar métodos de la API en el sistema afectado y obtener nombres y contraseñas de los usuarios.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-tibco-4
Fecha de publicación: 16/02/2022
Importancia: 5 - Crítica
Recursos afectados:
TIBCO BusinessConnect Container Edition versión 1.1.0 y anteriores;
TIBCO AuditSafe versión 1.1.0 y anteriores.
Componentes Database, Auth Server y Web Server.
Descripción:
TIBCO ha reportado 3 vulnerabilidades: 2 de severidad crítica y 1 de severidad alta por las que un atacante no autenticado con acceso a la red podría ejecutar métodos de la API en el sistema afectado y obtener nombres y contraseñas de los usuarios.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-tibco-4
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisories SA-CORE-2022-003 and SA-CORE-2022-004 and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/drupal-releases-security-updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisories SA-CORE-2022-003 and SA-CORE-2022-004 and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/drupal-releases-security-updates
www.cisa.gov
Drupal Releases Security Updates | CISA
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following…
Cisco Releases Security Updates for Email Security Appliance
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/cisco-releases-security-updates-email-security-appliance
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/cisco-releases-security-updates-email-security-appliance
www.cisa.gov
Cisco Releases Security Updates for Email Security Appliance | CISA
Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see…
Unsafe client-side session storage leading to authentication bypass / instance takeover via Zabbix Frontend with configured SAML (CVE-2022-23131)
https://support.zabbix.com/plugins/servlet/mobile#issue/ZBX-20350
https://support.zabbix.com/plugins/servlet/mobile#issue/ZBX-20350
Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites
https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html
https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html
VMSA-2022-0006
CVSSv3 Range: 6.6
Issue Date: 2022-02-23
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
Impacted Products
VMware Workspace ONE Boxer
https://www.vmware.com/security/advisories/VMSA-2022-0006.html
CVSSv3 Range: 6.6
Issue Date: 2022-02-23
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
Impacted Products
VMware Workspace ONE Boxer
https://www.vmware.com/security/advisories/VMSA-2022-0006.html
VMware
VMSA-2022-0006
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Advisory ID: cisco-sa-nxos-bfd-dos-wGQXrzxn
First Published: 2022 February 23 16:00 GMT
Workarounds: No workarounds available
CVSS Score: Base 8.6
CVE-2022-20623
Summary
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn
Advisory ID: cisco-sa-nxos-bfd-dos-wGQXrzxn
First Published: 2022 February 23 16:00 GMT
Workarounds: No workarounds available
CVSS Score: Base 8.6
CVE-2022-20623
Summary
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn
Cisco
Cisco Security Advisory: Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.…
Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability
Advisory ID: cisco-sa-cfsoip-dos-tpykyDr
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvy95696 CSCvy95840
CVSS Score: 8.6
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the CFSoIP feature enabled:
Nexus 3000 Series Switches (CSCvy95696)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvy95696)
UCS 6400 Series Fabric Interconnects (CSCvy95840)
Note: For Nexus 3000 and Nexus 9000 Series Switches, CFSoIP is not enabled by default. For UCS 6400 Series Fabric Interconnects, CFSoIP is enabled by default.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cfsoip-dos-tpykyDr
Advisory ID: cisco-sa-cfsoip-dos-tpykyDr
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvy95696 CSCvy95840
CVSS Score: 8.6
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the CFSoIP feature enabled:
Nexus 3000 Series Switches (CSCvy95696)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvy95696)
UCS 6400 Series Fabric Interconnects (CSCvy95840)
Note: For Nexus 3000 and Nexus 9000 Series Switches, CFSoIP is not enabled by default. For UCS 6400 Series Fabric Interconnects, CFSoIP is enabled by default.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cfsoip-dos-tpykyDr
Cisco NX-OS Software NX-API Command Injection Vulnerability
Advisory ID: cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvz80191 CSCvz81047
CVSS Score: Base 8.8
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges.
Note: The NX-API feature is disabled by default.
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the NX-API feature enabled:
Nexus 3000 Series Switches (CSCvz80191)
Nexus 5500 Platform Switches (CSCvz81047)
Nexus 5600 Platform Switches (CSCvz81047)
Nexus 6000 Series Switches (CSCvz81047)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvz80191)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
Advisory ID: cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
First Published: 2022 February 23 16:00 GMT
Cisco Bug IDs: CSCvz80191 CSCvz81047
CVSS Score: Base 8.8
Summary
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges.
Note: The NX-API feature is disabled by default.
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco NX-OS Software and have the NX-API feature enabled:
Nexus 3000 Series Switches (CSCvz80191)
Nexus 5500 Platform Switches (CSCvz81047)
Nexus 5600 Platform Switches (CSCvz81047)
Nexus 6000 Series Switches (CSCvz81047)
Nexus 9000 Series Switches in standalone NX-OS mode (CSCvz80191)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-cmdinject-ULukNMZ2
Cisco
Cisco Security Advisory: Cisco NX-OS Software NX-API Command Injection Vulnerability
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges.
The vulnerability is due to insufficient input validation of user supplied data that is sent to…
The vulnerability is due to insufficient input validation of user supplied data that is sent to…
GPU giant Nvidia is investigating a potential cyberattack.
US chipmaker giant Nvidia confirmed today it's currently investigating an "incident" that reportedly took down some of its systems for two days.
https://www.bleepingcomputer.com/news/security/gpu-giant-nvidia-is-investigating-a-potential-cyberattack/
US chipmaker giant Nvidia confirmed today it's currently investigating an "incident" that reportedly took down some of its systems for two days.
https://www.bleepingcomputer.com/news/security/gpu-giant-nvidia-is-investigating-a-potential-cyberattack/
BleepingComputer
GPU giant Nvidia is investigating a potential cyberattack
US chipmaker giant Nvidia confirmed today it's currently investigating an "incident" that reportedly took down some of its systems for two days.
Múltiples vulnerabilidades en productos de GitLab
Fecha de publicación: 28/02/2022
Importancia: 5 - Crítica
Recursos afectados:
GitLab CE/EE, todas las versiones;
GitLab Omnibus, versiones anteriores a 14.8.
Descripción:
GitLab ha publicado 7 vulnerabilidades: 1 de severidad crítica, 5 de severidad media y 1 de severidad baja, por las que un atacante podría acceder al token de registro, añadir usuarios a grupos a través de una API, acceder a variables de entorno, listar usuarios no autenticados, ejecutar comandos arbitrarios, filtrar credenciales o causar una denegación de servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-gitlab
Fecha de publicación: 28/02/2022
Importancia: 5 - Crítica
Recursos afectados:
GitLab CE/EE, todas las versiones;
GitLab Omnibus, versiones anteriores a 14.8.
Descripción:
GitLab ha publicado 7 vulnerabilidades: 1 de severidad crítica, 5 de severidad media y 1 de severidad baja, por las que un atacante podría acceder al token de registro, añadir usuarios a grupos a través de una API, acceder a variables de entorno, listar usuarios no autenticados, ejecutar comandos arbitrarios, filtrar credenciales o causar una denegación de servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-gitlab
INCIBE-CERT
Múltiples vulnerabilidades en productos de GitLab
GitLab ha publicado 7 vulnerabilidades: 1 de severidad crítica, 5 de severidad media y 1 de severidad baja, por las que un atacante podría acceder al token de registro, añadir usuarios a grupos a
Múltiples vulnerabilidades en Lansweeper
Fecha de publicación: 01/03/2022
Importancia: 5 - Crítica
Recursos afectados:
Lansweeper 9.1.20. 2.
Descripción:
Marcin "Icewall" Noga, investigador de Cisco Talos, ha reportado 4 vulnerabilidades en la solución de gestión de activos informáticos Lansweeper, 3 de severidad crítica y 1 medio, cuya explotación podría permitir a un atacante realizar inyecciones SQL e inyección arbitraria de código Javascript.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-lansweeper
Fecha de publicación: 01/03/2022
Importancia: 5 - Crítica
Recursos afectados:
Lansweeper 9.1.20. 2.
Descripción:
Marcin "Icewall" Noga, investigador de Cisco Talos, ha reportado 4 vulnerabilidades en la solución de gestión de activos informáticos Lansweeper, 3 de severidad crítica y 1 medio, cuya explotación podría permitir a un atacante realizar inyecciones SQL e inyección arbitraria de código Javascript.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-lansweeper
INCIBE-CERT
Múltiples vulnerabilidades en Lansweeper
Marcin "Icewall" Noga, investigador de Cisco Talos, ha reportado 4 vulnerabilidades en la solución de gestión de activos informáticos Lansweeper, 3 de severidad crítica y 1 medio, cuya explotación
VMSA-2022-0007
CVSSv3 Range: 5.6
Issue Date: 2022-03-01
CVE(s): CVE-2022-22943
Synopsis:
VMware Tools for Windows update addresses an uncontrolled search path vulnerability (CVE-2022-22943)
Impacted Products
VMware Tools for Windows
https://www.vmware.com/security/advisories/VMSA-2022-0007.html
CVSSv3 Range: 5.6
Issue Date: 2022-03-01
CVE(s): CVE-2022-22943
Synopsis:
VMware Tools for Windows update addresses an uncontrolled search path vulnerability (CVE-2022-22943)
Impacted Products
VMware Tools for Windows
https://www.vmware.com/security/advisories/VMSA-2022-0007.html
Omisión de autenticación administrativa en FortiMail de Fortinet
Fecha de publicación: 02/03/2022
Importancia: 5 - Crítica
Recursos afectados:
FortiMail, versiones:
7.0.0 y anteriores;
6.4.5 y anteriores;
6.2.7 y anteriores;
6.0.11 y anteriores;
5.4.12 y anteriores.
Descripción:
Giuseppe Cocomazzi, del equipo de seguridad de productos de Fortinet, ha reportado una vulnerabilidad de severidad crítica de omisión de autenticación en FortiMail.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autenticacion-administrativa-fortimail-fortinet
Fecha de publicación: 02/03/2022
Importancia: 5 - Crítica
Recursos afectados:
FortiMail, versiones:
7.0.0 y anteriores;
6.4.5 y anteriores;
6.2.7 y anteriores;
6.0.11 y anteriores;
5.4.12 y anteriores.
Descripción:
Giuseppe Cocomazzi, del equipo de seguridad de productos de Fortinet, ha reportado una vulnerabilidad de severidad crítica de omisión de autenticación en FortiMail.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autenticacion-administrativa-fortimail-fortinet
INCIBE-CERT
Omisión de autenticación administrativa en FortiMail de Fortinet
Giuseppe Cocomazzi, del equipo de seguridad de productos de Fortinet, ha reportado una vulnerabilidad de severidad crítica de omisión de autenticación en FortiMail.
Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
Advisory ID: cisco-sa-expressway-filewrite-87Q5YRk
First Published: 2022 March 2 16:00 GMT
Version 1.0: Final
Cisco Bug IDs:
CSCvz85393 CSCwa25107
CVE-2022-20754
CVE-2022-20755
CWE-23
CWE-78
CVSS Score: Base 9.0
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-87Q5YRk
Advisory ID: cisco-sa-expressway-filewrite-87Q5YRk
First Published: 2022 March 2 16:00 GMT
Version 1.0: Final
Cisco Bug IDs:
CSCvz85393 CSCwa25107
CVE-2022-20754
CVE-2022-20755
CWE-23
CWE-78
CVSS Score: Base 9.0
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-87Q5YRk
Cisco
Cisco Security Advisory: Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write…
Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure Privilege Escalation Vulnerability
Advisory ID:cisco-sa-uccsmi-prvesc-BQHGe4cm
First Published: 2022 March 2 16:00 GMT
Cisco Bug IDs:
CSCvz40263
CVE-2022-20762
CWE-284
CVSS Score: Base 7.8
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccsmi-prvesc-BQHGe4cm
Advisory ID:cisco-sa-uccsmi-prvesc-BQHGe4cm
First Published: 2022 March 2 16:00 GMT
Cisco Bug IDs:
CSCvz40263
CVE-2022-20762
CWE-284
CVSS Score: Base 7.8
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccsmi-prvesc-BQHGe4cm
Cisco
Cisco Security Advisory: Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure Privilege Escalation Vulnerability
A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure (SMI) software could allow an authenticated, local attacker to escalate privileges on an affected device.
This vulnerability…
This vulnerability…