Múltiples vulnerabilidades en productos Netgear

Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica

Descripción:
Netgear ha publicado 12 vulnerabilidades, de severidad crítica, presentes en múltiples de sus productos.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-19

Múltiples vulnerabilidades en GitLab

Fecha de publicación: 01/04/2022
Importancia: 5 - Crítica

Recursos afectados:
Todas las versiones de:
GitLab CE/EE,
GitLab Omnibus,
GitLab Charts,
GitLab Pages.
Descripción:
GitLab ha publicado 17 vulnerabilidades: 1 de severidad crítica, 2 de severidad elevada, 9 de severidad media y 5 de severidad baja, por las que un atacante podría acceder a credenciales, ejecutar una vulnerabilidad tipo Cross-Site Scripting (XSS), acceder al token de registro y variables de entorno o causar una denegación de servicio entre otros.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab

GitLab addresses critical account hijack bug.

https://portswigger.net/daily-swig/gitlab-addresses-critical-account-hijack-bug

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)

https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/

Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

Original release date: April 01, 2022

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/spring-releases-security-updates-addressing-spring4shell-and

VMSA-2022-0010

CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965

Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)

Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

CVE-2022-26871 Detail

NVD Published Date: 03/29/2022
NVD Last Modified: 03/30/2022
Source: Trend Micro, Inc.

Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.

https://nvd.nist.gov/vuln/detail/CVE-2022-26871

Boletín de seguridad de Android de abril de 2022

Fecha de publicación: 05/04/2022
Importancia: 4 - Alta

Recursos afectados:
Android Open Source Project (AOSP):

Versiones 10, 11, 12 y 12L.
Descripción:
El boletín mensual de Android de abril de 2022 soluciona 3 vulnerabilidades de severidad alta que afectan al sistema, y que podrían permitir a un cibedelincuente la escalada remota de privilegios, sin necesidad de privilegios de ejecución adicionales ni interacción por parte del usuario, y la divulgación de información.

https://www.incibe.es/protege-tu-empresa/avisos-seguridad/boletin-seguridad-android-abril-2022

https://t.me/sysadmin24x7/4927
Actualización de contenido sobre vulnerabilidad

VMSA-2022-0010.1

CVSSv3 Range: 9.8
Issue Date: 2022-04-02

Updated On: 2022-04-06

CVE(s): CVE-2022-22965

Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

Vulnerabilidad SQLi en FortiWAN de Fortinet

Fecha de publicación: 06/04/2022
Importancia: 5 - Crítica

Recursos afectados:
FortiWAN 4.5.8 y anteriores.

Descripción:
Giuseppe Cocomazzi, del equipo Fortinet Product Security, ha descubierto esta vulnerabilidad crítica que podría permitir a un atacante ejecutar código o comandos no autorizados.

Solución:
Actualizar a FortiWAN 4.5.9 o superior.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-sqli-fortiwan-fortinet

VMSA-2022-0011

CVSSv3 Range: 5.3-9.8
Issue Date: 2022-04-06

CVE(s): CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961

Synopsis:
VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.

Impacted Products:
VMware Workspace ONE Access (Access)
VMware Identity Manager (vIDM)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager

https://www.vmware.com/security/advisories/VMSA-2022-0011.html

Citrix Hypervisor Security Update

Description of Problem
A security issue has been identified that affects Citrix Hypervisor.
This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by the host administrator using the PCI passthrough feature.
The issue has the following identifier:
CVE-2022-26357
Customers who have not assigned a physical PCI device to a guest VM are not affected by this issue. Customers who are running on systems with only AMD CPUs are also not affected by this issue.

https://support.citrix.com/article/CTX390511

VMSA-2022-0012

CVSSv3 Range: 7.3
Issue Date: 2022-04-06

CVE(s): CVE-2022-22962, CVE-2022-22964

Synopsis:
VMware Horizon Client for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)

Impacted Products
VMware Horizon Client for Linux

https://www.vmware.com/security/advisories/VMSA-2022-0012.html

ICS Medical Advisory (ICSMA-21-187-01)
Philips Vue PACS (Update B)

CVSS v3: 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Philips
Equipment: Vue PACS

Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper Authentication, Improper Initialization, Use of a Broken or Risky Cryptographic Algorithm, Protection Mechanism Failure, Use of a Key Past its Expiration Date, Insecure Default Initialization of Resource, Improper Handling of Unicode Encoding, Insufficiently Protected Credentials, Data Integrity Issues, Cross-site Scripting, Improper Neutralization, Use of Obsolete Function, Relative Path Traversal

https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01

https://t.me/sysadmin24x7/4927
Actualización de contenido sobre vulnerabilidad

VMSA-2022-0010.2
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06

CVE(s):CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

VMSA-2022-0010.4

CVSSv3 Range: 9.8
Issue Date: 2022-04-02

Updated On: 2022-04-08
CVE(s): CVE-2022-22965

Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

Impacted Products
VMware Tanzu Application Service for VMs (TAS)
VMware Tanzu Operations Manager (Ops Manager)
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)

https://www.vmware.com/security/advisories/VMSA-2022-0010.html

Microsoft Releases April 2022 Security Updates
Original release date: April 12, 2022

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/microsoft-releases-april-2022-security-updates

Google Releases Security Updates for Chrome

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/google-releases-security-updates-chrome

Latest Servicing Stack Updates
ADV990001

Security Advisory
Released: Nov 13, 2018 Last updated: Apr 12, 2022

https://msrc.microsoft.com/update-guide/vulnerability/ADV990001

Citrix Releases Security Updates for Multiple Products
Original release date: April 12, 2022

Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary updates.

CTX370550
CTX377814
CTX370551
CTX341455

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/citrix-releases-security-updates-multiple-products

Apache Releases Security Advisory for Struts 2
Original release date: April 12, 2022

The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Apache’s security advisory S2-062 and upgrade to the latest released version.

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/apache-releases-security-advisory-struts-2

https://cwiki.apache.org/confluence/plugins/servlet/mobile?contentId=210079428#content/view/210079428