SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.03K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
July 2022 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2022-Jul
705 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos Juniper

Fecha de publicación: 14/07/2022
Identificador: INCIBE-2022-0835
Importancia: 5 - Crítica

Recursos afectados:
Juniper Networks NorthStar Controller:
versiones anteriores a 5.1.0 Service Pack 6;
versiones 6 anteriores a 6.2.2.
Juniper Networks Junos Space Policy Enforcer, versiones anteriores a 22.1R1.
Juniper Networks Contrail Networking, versiones anteriores a 21.4.0.
Juniper Networks Junos Space, versiones anteriores a 22.1R1.

Descripción:
Juniper ha publicado 4 avisos de severidad crítica que recogen múltiples vulnerabilidades.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-juniper-12
INCIBE-CERT
Múltiples vulnerabilidades en productos Juniper
Juniper ha publicado 4 avisos de severidad crítica que recogen múltiples vulnerabilidades.
760 views
SysAdmin 24x7
Inyección XXE en OpenKM

Fecha de publicación: 15/07/2022
Identificador: INCIBE-2022-0831
Importancia: 4 - Alta

Recursos afectados:
OpenKM Document Management Community, versión 6.3.10 y anteriores.

Descripción:
INCIBE ha coordinado la publicación de una vulnerabilidad en OpenKM, con el código interno INCIBE-2022-0831, que ha sido descubierta por Keval Shah.

A esta vulnerabilidad se le ha asignado el código CVE-2022-2131. Se ha calculado una puntuación base CVSS v3.1 de 8,5, siendo el cálculo del CVSS el siguiente: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L.

Solución:
Esta vulnerabilidad ha sido resuelta por el equipo de OpenKM en la versión 6.3.11, publicada el 20/05/2021.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/inyeccion-xxe-openkm
www.incibe.es
Inyección XXE en OpenKM
INCIBE ha coordinado la publicación de una vulnerabilidad en OpenKM, con el código interno INCIBE-2022
788 views
SysAdmin 24x7
Múltiples vulnerabilidades en Moodle

Fecha de publicación: 18/07/2022
Identificador: INCIBE-2022-0837
Importancia: 5 - Crítica

Recursos afectados:
Versiones:
de la 4.0 a la 4.0.1;
de la 3.11 a la 3.11.7;
de la 3.9 a la 3.9.14;
versiones anteriores no soportadas.

Descripción:
Diversas investigaciones han reportado 6 vulnerabilidades en Moodle, 3 de severidad crítica y 3 bajas, por las que un atacante podría realizar ejecución remota de código, lectura arbitraria de archivos, XSS, SSRF y redirección abierta.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-moodle-20
INCIBE-CERT
Múltiples vulnerabilidades en Moodle
Diversas investigaciones han reportado 6 vulnerabilidades en Moodle, 3 de severidad crítica y 3 bajas, por las que un atacante podría realizar ejecución remota de código, lectura arbitraria de
835 views
SysAdmin 24x7
Software Vendors Start Patching Retbleed CPU Vulnerabilities.

Vendors have started rolling out software updates to address the recently disclosed Retbleed speculative execution attack targeting Intel and AMD processors.

https://www.securityweek.com/software-vendors-start-patching-retbleed-cpu-vulnerabilities
Securityweek
Software Vendors Start Patching Retbleed CPU Vulnerabilities | SecurityWeek.Com
Vendors have started rolling out software updates to address the recently disclosed Retbleed speculative execution attack targeting Intel and AMD processors.
658 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos Dell

Fecha de publicación: 19/07/2022
Identificador: INCIBE-2022-0839
Importancia: 5 - Crítica

Recursos afectados:
Dell Avamar Server Hardware Appliance, Gen4S y Gen4T,
Dell Avamar Virtual Edition,
Dell Avamar NDMP Accelerator,
Dell Avamar VMware Image Proxy,
Dell NetWorker Virtual Edition (NVE),
Dell PowerProtect DP Series Appliance, Dell Integrated Data Protection Appliance (IDPA).

Descripción:
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante comprometer el sistema afectado.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-dell
INCIBE-CERT
Múltiples vulnerabilidades en productos Dell
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante comprometer el sistema afectado.
822 views
SysAdmin 24x7
‘Password extraction risk’ in identity provider Okta disputed.

Researchers go public after vendor disputes impersonation threat

https://portswigger.net/daily-swig/password-extraction-risk-in-identity-provider-okta-disputed
The Daily Swig | Cybersecurity news and views
‘Password extraction risk’ in identity provider Okta disputed
Researchers go public after vendor disputes impersonation threat
739 views
SysAdmin 24x7
Oracle Critical Patch Update Advisory - July 2022.

https://www.oracle.com/security-alerts/cpujul2022.html
647 views
SysAdmin 24x7
July 2022: Atlassian Security Advisories Overview

Hardcoded password (CVE-2022-26138)
Multiple Servlet Filter Vulnerabilities
(CVE-2022-26136, CVE-2022-26137)

https://confluence.atlassian.com/security/july-2022-atlassian-security-advisories-overview-1142446703.html
918 views
SysAdmin 24x7
Cisco Nexus Dashboard Unauthorized Access Vulnerabilities

Advisory ID: cisco-sa-ndb-mhcvuln-vpsBPJ9y

First Published: 2022 July 20 16:00 GMT
Cisco Bug IDs: CSCwa75451 CSCwa93560 CSCwb24518
CVE-2022-20857
CVE-2022-20858
CVE-2022-20861
CWE-306
CWE-352

CVSS Score: Base 9.8

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mhcvuln-vpsBPJ9y
Cisco
Cisco Security Advisory: Cisco Nexus Dashboard Unauthorized Access Vulnerabilities
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.
For more information about these vulnerabilities…
664 views
SysAdmin 24x7
VMSA-2021-0025.3

CVSSv3 Range: 7.1
Issue Date: 2021-11-10
CVE(s): CVE-2021-22048

Synopsis:
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

Impacted Products
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)

Introduction
A privilege escalation vulnerability in VMware Center Server was privately reported to VMware. Workarounds are available to remediate this vulnerability in the affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2021-0025.html
704 views
SysAdmin 24x7
Zyxel firewall vulnerabilities left business networks open to abuse.

Severity of code execution bug mitigated by ‘high uptake’ of previous patch

Zyxel has released patches for several of its firewall products following the discovery of two security vulnerabilities that left business networks open to exploitation.

CVE-2022-2030
CVE-2022-30526

https://portswigger.net/daily-swig/zyxel-firewall-vulnerabilities-left-business-networks-open-to-abuse
The Daily Swig | Cybersecurity news and views
Zyxel firewall vulnerabilities left business networks open to abuse
Severity of code execution bug mitigated by ‘high uptake’ of previous patch
688 views
SysAdmin 24x7
UNAUTHENTICATED SQL INJECTION IN SONICWALL GMS AND ANALYTICS

Advisory ID: SNWLID-2022-0007
First Published: 2022-07-21

Workaround: true
Status: Applicable
CVE: CVE-2022-22280
CVSS v3: 9.4

SUMMARY
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS and Analytics On-Prem.

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007
710 views
SysAdmin 24x7
Zero Day attacks target online stores using PrestaShop

Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop.

https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36408
Security Affairs
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day to steal payment information from sites using the open source e-commerce platform PrestaShop.
686 views
SysAdmin 24x7
WITH MANAGEMENT COMES RISK: FINDING FLAWS IN FILEWAVE MDM

https://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm/
Claroty
Uncovering FileWave Mobile Device Management (MDM) Vulnerabilities
Team82 has uncovered and disclosed two critical vulnerabilities, CVE-2022-34907 and CVE-2022-34906, in FileWave’s mobile device management (MDM) system.
647 views
SysAdmin 24x7
Printing to USB-connected printers might fail

OS Build 19044.1806
KB5014666
2022-06-28

https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#printing-to-usb-connected-printers-might-fail
Docs
Windows 10, version 21H2
View announcements and review known issues and fixes for Windows 10, version 21H2
787 views
SysAdmin 24x7
Múltiples vulnerabilidades en Dell Embedded NAS

Fecha de publicación: 28/07/2022
Identificador: INCIBE-2022-0852
Importancia: 5 - Crítica

Recursos afectados:
Dell PowerMax Embedded NAS, versiones anteriores a la 8.1.15.401.

Solución: 
Actualizar a Dell PowerMax Embedded NAS versión 8.1.15.401.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-dell-embedded-nas
INCIBE-CERT
Múltiples vulnerabilidades en Dell Embedded NAS
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante la ejecución remota de código, leer o escribir en archivos restringidos, divulgación de información,
680 views
SysAdmin 24x7
Critical Samba bug could let anyone become Domain Admin – patch now!

https://nakedsecurity.sophos.com/2022/07/27/critical-samba-bug-could-let-anyone-become-domain-admin-patch-now/
Sophos News
Naked Security – Sophos News
743 views
SysAdmin 24x7
SysAdmin 24x7
Critical Samba bug could let anyone become Domain Admin – patch now! https://nakedsecurity.sophos.com/2022/07/27/critical-samba-bug-could-let-anyone-become-domain-admin-patch-now/
https://www.samba.org/samba/security/CVE-2022-32744.html
709 views
SysAdmin 24x7
Feliz SysAdminDay a tod@s
Día del Administrador de Sistemas Informáticos
Viernes 29 de julio de 2022
775 views
SysAdmin 24x7
Synology-SA-22:10 Samba

https://www.synology.com/en-global/security/advisory/Synology_SA_22_10
Synology
Synology_SA_22_10 | Synology Inc.
Synology Product Security Advisory
648 views