Jenkins security: Unpatched XSS, CSRF bugs included in latest plugin advisory.
https://portswigger.net/daily-swig/jenkins-security-unpatched-xss-csrf-bugs-included-in-latest-plugin-advisory
The Daily Swig | Cybersecurity news and views
‘We believe that announcing vulnerabilities without a fix is the best solution for a difficult problem’
August 5, 2022
An incident impacting some accounts and private information on Twitter
https://privacy.twitter.com/en/blog/2022/an-issue-affecting-some-anonymous-accounts
RHBA-2022:5874 - Bug Fix Advisory
Issued: 2022-08-09
OpenShift Container Platform 4.10.26 packages update
Affected Products
Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
Red Hat OpenShift Container Platform 4.10 for RHEL 7 x86_64
Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64
https://access.redhat.com/errata/RHBA-2022:5874
SysAdmin 24x7
VMSA-2022-0021 CVSSv3 Range: 4.7-9.8 Issue Date: 2022-08-02 CVE(s): CVE-2022-31656, CVE-2022-31657, CVE-2022-31658, CVE-2022-31659, CVE-2022-31660, CVE-2022-31661, CVE-2022-31662, CVE-2022-31663, CVE-2022-31664, CVE-2022-31665 Synopsis: VMware Workspace…
VMSA-2022-0021.1
CVSSv3 Range: 4.7-9.8
Issue Date: 2022-08-02
Updated On: 2022-08-09
Impacted Products
VMware Workspace ONE Access (Access)
VMware Workspace ONE Access Connector (Access Connector)
VMware Identity Manager (vIDM)
VMware Identity Manager Connector (vIDM Connector)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager
https://www.vmware.com/security/advisories/VMSA-2022-0021.html
VMSA-2022-0022
CVSSv3 Range: 5.6-7.2
Issue Date: 2022-08-09
Updated On: 2022-08-09 (Initial Advisory)
CVE(s): CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675
Synopsis:
VMware vRealize Operations contains multiple vulnerabilities
https://www.vmware.com/security/advisories/VMSA-2022-0022.html
VMSA-2022-0023
CVSSv3 Range: 5.7
Issue Date: 2022-08-09
Updated On: 2022-08-09 (Initial Advisory)
CVE(s): CVE-2022-22983
Synopsis:
VMware Workstation update addresses an unprotected storage of credentials vulnerability (CVE-2022-22983)
Known Attack Vectors
A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.
https://www.vmware.com/security/advisories/VMSA-2022-0023.html
Adobe Releases Security Updates for Multiple Products
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/adobe-releases-security-updates-multiple-products
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security…
Microsoft Releases August 2022 Security Updates
https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug
Palo Alto Networks Releases Security Update for PAN-OS
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/05/palo-alto-networks-releases-security-update-pan-os
Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of-service. CISA encourages users and administrators to review…
Cisco Talos shares insights related to recent cyber attack on Cisco
[...]
During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.
[...]
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
Update History Aug. 10, 2022 Adding clarifying details on activity involving active directory. Aug. 10, 2022 Update made to the Cisco Response and Recommendations section related to MFA.
Citrix Hypervisor Security Bulletin for CVE-2022-33745
Security
https://support.citrix.com/article/CTX463455/citrix-hypervisor-security-bulletin-for-cve202233745
Open AMT Cloud Toolkit Advisory
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege
Severity rating: CRITICAL
Affected Products:
Open AMT Cloud Toolkit software maintained by Intel® before versions 2.0.2 and 2.2.2.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00694.html
INTEL-SA-00694
Intel® Data Center Manager Advisory
Intel ID: INTEL-SA-00662
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege, Denial of Service
Severity rating: CRITICAL
Affected Products:
Intel® Data Center Manager software before version 4.1.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html
SAP Security Patch Day – August 2022
https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability
Advisory ID: cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz
First Published: 2022 August 10 16:00 GMT
CVSS Score: Base 7.4
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz
Multiple vulnerabilities in Zimbra Collaboration Suite (ZCS)
Publication date: 17/08/2022
Identifier: INCIBE-2022-888
Severity: 5 - Critical
Affected resources:
Zimbra Collaboration Suite (ZCS).
Description:
CISA and MS-ISAC warn of active exploitation of multiple vulnerabilities in Zimbra Collaboration Suite (ZCS).
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-zimbra-collaboration-suite-zcs
[Update 28/09/2022] Multiple vulnerabilities in Zimbra
Authentication bypass in ManageEngine products
Publication date: 19/08/2022
Identifier: INCIBE-2022-0889
Severity: 5 - Critical
Description:
A critical vulnerability has been identified in several ManageEngine products that could allow an attacker to bypass the authentication process and access external APIs.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autenticacion-productos-manageengine
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-35820
Security Vulnerability
Released: Aug 9, 2022 Last updated: Aug 19, 2022
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820
CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include additional detection signatures.
CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations.
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/22/cisa-updates-advisory-threat-actors-exploiting-multiple-cves
Remote command execution in GitLab products
Publication date: 23/08/2022
Identifier: INCIBE-2022-0891
Severity: 5 - Critical
Affected resources:
GitLab Community Edition (CE) and Enterprise Edition (EE), versions prior to 15.3.1, 15.2.3 and 15.1.5.
Description:
GitLab has released new versions that fix vulnerabilities that could allow an attacker to execute commands remotely.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-comandos-productos-gitlab