Software Vendors Start Patching Retbleed CPU Vulnerabilities.
Vendors have started rolling out software updates to address the recently disclosed Retbleed speculative execution attack targeting Intel and AMD processors.
https://www.securityweek.com/software-vendors-start-patching-retbleed-cpu-vulnerabilities
Vendors have started rolling out software updates to address the recently disclosed Retbleed speculative execution attack targeting Intel and AMD processors.
https://www.securityweek.com/software-vendors-start-patching-retbleed-cpu-vulnerabilities
Securityweek
Software Vendors Start Patching Retbleed CPU Vulnerabilities | SecurityWeek.Com
Vendors have started rolling out software updates to address the recently disclosed Retbleed speculative execution attack targeting Intel and AMD processors.
Múltiples vulnerabilidades en productos Dell
Fecha de publicación: 19/07/2022
Identificador: INCIBE-2022-0839
Importancia: 5 - Crítica
Recursos afectados:
Dell Avamar Server Hardware Appliance, Gen4S y Gen4T,
Dell Avamar Virtual Edition,
Dell Avamar NDMP Accelerator,
Dell Avamar VMware Image Proxy,
Dell NetWorker Virtual Edition (NVE),
Dell PowerProtect DP Series Appliance, Dell Integrated Data Protection Appliance (IDPA).
Descripción:
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante comprometer el sistema afectado.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-dell
Fecha de publicación: 19/07/2022
Identificador: INCIBE-2022-0839
Importancia: 5 - Crítica
Recursos afectados:
Dell Avamar Server Hardware Appliance, Gen4S y Gen4T,
Dell Avamar Virtual Edition,
Dell Avamar NDMP Accelerator,
Dell Avamar VMware Image Proxy,
Dell NetWorker Virtual Edition (NVE),
Dell PowerProtect DP Series Appliance, Dell Integrated Data Protection Appliance (IDPA).
Descripción:
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante comprometer el sistema afectado.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-dell
INCIBE-CERT
Múltiples vulnerabilidades en productos Dell
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante comprometer el sistema afectado.
‘Password extraction risk’ in identity provider Okta disputed.
Researchers go public after vendor disputes impersonation threat
https://portswigger.net/daily-swig/password-extraction-risk-in-identity-provider-okta-disputed
Researchers go public after vendor disputes impersonation threat
https://portswigger.net/daily-swig/password-extraction-risk-in-identity-provider-okta-disputed
The Daily Swig | Cybersecurity news and views
‘Password extraction risk’ in identity provider Okta disputed
Researchers go public after vendor disputes impersonation threat
Oracle Critical Patch Update Advisory - July 2022.
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
July 2022: Atlassian Security Advisories Overview
Hardcoded password (CVE-2022-26138)
Multiple Servlet Filter Vulnerabilities
(CVE-2022-26136, CVE-2022-26137)
https://confluence.atlassian.com/security/july-2022-atlassian-security-advisories-overview-1142446703.html
Hardcoded password (CVE-2022-26138)
Multiple Servlet Filter Vulnerabilities
(CVE-2022-26136, CVE-2022-26137)
https://confluence.atlassian.com/security/july-2022-atlassian-security-advisories-overview-1142446703.html
Cisco Nexus Dashboard Unauthorized Access Vulnerabilities
Advisory ID: cisco-sa-ndb-mhcvuln-vpsBPJ9y
First Published: 2022 July 20 16:00 GMT
Cisco Bug IDs: CSCwa75451 CSCwa93560 CSCwb24518
CVE-2022-20857
CVE-2022-20858
CVE-2022-20861
CWE-306
CWE-352
CVSS Score: Base 9.8
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mhcvuln-vpsBPJ9y
Advisory ID: cisco-sa-ndb-mhcvuln-vpsBPJ9y
First Published: 2022 July 20 16:00 GMT
Cisco Bug IDs: CSCwa75451 CSCwa93560 CSCwb24518
CVE-2022-20857
CVE-2022-20858
CVE-2022-20861
CWE-306
CWE-352
CVSS Score: Base 9.8
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndb-mhcvuln-vpsBPJ9y
Cisco
Cisco Security Advisory: Cisco Nexus Dashboard Unauthorized Access Vulnerabilities
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.
For more information about these vulnerabilities…
For more information about these vulnerabilities…
VMSA-2021-0025.3
CVSSv3 Range: 7.1
Issue Date: 2021-11-10
CVE(s): CVE-2021-22048
Synopsis:
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
Impacted Products
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)
Introduction
A privilege escalation vulnerability in VMware Center Server was privately reported to VMware. Workarounds are available to remediate this vulnerability in the affected VMware products.
https://www.vmware.com/security/advisories/VMSA-2021-0025.html
CVSSv3 Range: 7.1
Issue Date: 2021-11-10
CVE(s): CVE-2021-22048
Synopsis:
VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
Impacted Products
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)
Introduction
A privilege escalation vulnerability in VMware Center Server was privately reported to VMware. Workarounds are available to remediate this vulnerability in the affected VMware products.
https://www.vmware.com/security/advisories/VMSA-2021-0025.html
Zyxel firewall vulnerabilities left business networks open to abuse.
Severity of code execution bug mitigated by ‘high uptake’ of previous patch
Zyxel has released patches for several of its firewall products following the discovery of two security vulnerabilities that left business networks open to exploitation.
CVE-2022-2030
CVE-2022-30526
https://portswigger.net/daily-swig/zyxel-firewall-vulnerabilities-left-business-networks-open-to-abuse
Severity of code execution bug mitigated by ‘high uptake’ of previous patch
Zyxel has released patches for several of its firewall products following the discovery of two security vulnerabilities that left business networks open to exploitation.
CVE-2022-2030
CVE-2022-30526
https://portswigger.net/daily-swig/zyxel-firewall-vulnerabilities-left-business-networks-open-to-abuse
The Daily Swig | Cybersecurity news and views
Zyxel firewall vulnerabilities left business networks open to abuse
Severity of code execution bug mitigated by ‘high uptake’ of previous patch
UNAUTHENTICATED SQL INJECTION IN SONICWALL GMS AND ANALYTICS
Advisory ID: SNWLID-2022-0007
First Published: 2022-07-21
Workaround: true
Status: Applicable
CVE: CVE-2022-22280
CVSS v3: 9.4
SUMMARY
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS and Analytics On-Prem.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007
Advisory ID: SNWLID-2022-0007
First Published: 2022-07-21
Workaround: true
Status: Applicable
CVE: CVE-2022-22280
CVSS v3: 9.4
SUMMARY
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS and Analytics On-Prem.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0007
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop.
https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36408
Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop.
https://securityaffairs.co/wordpress/133669/hacking/prestashop-zero-day.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36408
Security Affairs
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day to steal payment information from sites using the open source e-commerce platform PrestaShop.
WITH MANAGEMENT COMES RISK: FINDING FLAWS IN FILEWAVE MDM
https://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm/
https://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm/
Claroty
Uncovering FileWave Mobile Device Management (MDM) Vulnerabilities
Team82 has uncovered and disclosed two critical vulnerabilities, CVE-2022-34907 and CVE-2022-34906, in FileWave’s mobile device management (MDM) system.
Printing to USB-connected printers might fail
OS Build 19044.1806
KB5014666
2022-06-28
https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#printing-to-usb-connected-printers-might-fail
OS Build 19044.1806
KB5014666
2022-06-28
https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#printing-to-usb-connected-printers-might-fail
Docs
Windows 10, version 21H2
View announcements and review known issues and fixes for Windows 10, version 21H2
Múltiples vulnerabilidades en Dell Embedded NAS
Fecha de publicación: 28/07/2022
Identificador: INCIBE-2022-0852
Importancia: 5 - Crítica
Recursos afectados:
Dell PowerMax Embedded NAS, versiones anteriores a la 8.1.15.401.
Solución:
Actualizar a Dell PowerMax Embedded NAS versión 8.1.15.401.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-dell-embedded-nas
Fecha de publicación: 28/07/2022
Identificador: INCIBE-2022-0852
Importancia: 5 - Crítica
Recursos afectados:
Dell PowerMax Embedded NAS, versiones anteriores a la 8.1.15.401.
Solución:
Actualizar a Dell PowerMax Embedded NAS versión 8.1.15.401.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-dell-embedded-nas
INCIBE-CERT
Múltiples vulnerabilidades en Dell Embedded NAS
Se han publicado múltiples vulnerabilidades en productos Dell que podrían permitir a un atacante la ejecución remota de código, leer o escribir en archivos restringidos, divulgación de información,
Critical Samba bug could let anyone become Domain Admin – patch now!
https://nakedsecurity.sophos.com/2022/07/27/critical-samba-bug-could-let-anyone-become-domain-admin-patch-now/
https://nakedsecurity.sophos.com/2022/07/27/critical-samba-bug-could-let-anyone-become-domain-admin-patch-now/
Sophos News
Naked Security – Sophos News
Feliz SysAdminDay a tod@s
Día del Administrador de Sistemas Informáticos
Viernes 29 de julio de 2022
Día del Administrador de Sistemas Informáticos
Viernes 29 de julio de 2022
SysAdmin 24x7
July 2022: Atlassian Security Advisories Overview Hardcoded password (CVE-2022-26138) Multiple Servlet Filter Vulnerabilities (CVE-2022-26136, CVE-2022-26137) https://confluence.atlassian.com/security/july-2022-atlassian-security-advisories-overview-1142446703.html
Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation
https://thehackernews.com/2022/07/latest-critical-atlassian-confluence.html
https://thehackernews.com/2022/07/latest-critical-atlassian-confluence.html
Alteración de URL del backend en Lura Project
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0850
Importancia: 3 - Media
Recursos afectados:
Lura and KrakenD-CE, versiones anteriores a la 2.0.2;
KrakenD-EE versiones anteriores a la 2.0.0.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/alteracion-url-del-backend-lura-project
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0850
Importancia: 3 - Media
Recursos afectados:
Lura and KrakenD-CE, versiones anteriores a la 2.0.2;
KrakenD-EE versiones anteriores a la 2.0.0.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/alteracion-url-del-backend-lura-project
INCIBE-CERT
Alteración de URL del backend en Lura Project
INCIBE ha coordinado la publicación de una vulnerabilidad en Lura Project, con el código interno INCIBE-2022-0850, que ha sido descubierta por el usuario Fepame de GitHub. A esta vulnerabilidad se le
Múltiples vulnerabilidades en productos HPE
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0857
Importancia: 5 - Crítica
Descripción:
Se han publicado múltiples vulnerabilidades que podrían permitir a un atacante la ejecución arbitraria de código, la denegación del servicio, divulgación de información sensible o modificación no autorizada de información local.
Solución:
Actualizar a HPE Integrated Lights-Out 5 (iLO 5), versión 2.71 o posterior.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-9
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0857
Importancia: 5 - Crítica
Descripción:
Se han publicado múltiples vulnerabilidades que podrían permitir a un atacante la ejecución arbitraria de código, la denegación del servicio, divulgación de información sensible o modificación no autorizada de información local.
Solución:
Actualizar a HPE Integrated Lights-Out 5 (iLO 5), versión 2.71 o posterior.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-9
INCIBE-CERT
Múltiples vulnerabilidades en productos HPE
Se han publicado múltiples vulnerabilidades que podrían permitir a un atacante la ejecución arbitraria de código, la denegación del servicio, divulgación de información sensible o modificación no
Denegación de servicio en PowerVM VIOS de IBM
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0858
Importancia: 5 - Crítica
Recursos afectados:
PowerVM VIOS, versión 3.1.
Descripción:
Se ha publicado una vulnerabilidad en productos IBM que podría permitir a un atacante, remoto, manipular la configuración del sistema o provocar una denegación de servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/denegacion-servicio-powervm-vios-ibm
Fecha de publicación: 29/07/2022
Identificador: INCIBE-2022-0858
Importancia: 5 - Crítica
Recursos afectados:
PowerVM VIOS, versión 3.1.
Descripción:
Se ha publicado una vulnerabilidad en productos IBM que podría permitir a un atacante, remoto, manipular la configuración del sistema o provocar una denegación de servicio.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/denegacion-servicio-powervm-vios-ibm
INCIBE-CERT
Denegación de servicio en PowerVM VIOS de IBM
Se ha publicado una vulnerabilidad en productos IBM que podría permitir a un atacante, remoto, manipular la configuración del sistema o provocar una denegación de servicio.