SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.02K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
Múltiples vulnerabilidades en VMware Workspace ONE Assist

Fecha de publicación: 09/11/2022
Identificador: INCIBE-2022-1010
Importancia: 5 - Crítica

Recursos afectados:
Workspace ONE Assist, versiones 21.x y 22.x ejecutadas en Windows.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-vmware-workspace-one-assist
INCIBE-CERT
Múltiples vulnerabilidades en VMware Workspace ONE Assist
Los investigadores Jasper Westerman, Jan van der Put, Yanick de Pater y Harm Blankers, de REQON IT-Security, han reportado 5 vulnerabilidades: 3 de severidad crítica y 2 moderadas, que podrían
611 views
SysAdmin 24x7
Actualización de seguridad de SAP de noviembre de 2022

Fecha de publicación: 09/11/2022
Identificador: INCIBE-2022-1007
Importancia: 5 - Crítica

Descripción:
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.

Solución:
Visitar el portal de soporte de SAP e instalar las actualizaciones o los parches necesarios, según indique el fabricante.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-noviembre-2022
INCIBE-CERT
Actualización de seguridad de SAP de noviembre de 2022
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.
672 views
SysAdmin 24x7
Múltiples vulnerabilidades en Citrix Gateway y ADC

Fecha de publicación: 09/11/2022
Identificador: INCIBE-2022-1009
Importancia: 5 - Crítica

Descripción:
Citrix ha publicado 3 vulnerabilidades que afectan a sus productos, siendo 1 de severidad crítica, 1 alta y 1 media.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-citrix-gateway-y-adc
INCIBE-CERT
Múltiples vulnerabilidades en Citrix Gateway y ADC
Citrix ha publicado 3 vulnerabilidades que afectan a sus productos, siendo 1 de severidad crítica, 1 alta y 1 media.
703 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos de Cisco

Fecha de publicación: 10/11/2022
Identificador: INCIBE-2022-1011
Importancia: 4 - Alta

Recursos afectados:
Productos de Cisco si ejecutan una versión vulnerable de Cisco ASA (Adaptive Security Appliance) Software o Cisco FTD (Firepower Threat Defense) Software y se cumplen estas 3 condiciones:
acceso remoto SSL por VPN activado,
HostScan habilitado,
al menos un DAP (Dynamic Access Policies) personalizado está habilitado.
Cisco ASA Software y Cisco FTD Software si tienen habilitada la gestión remota de SNMP.
Productos de Cisco si están ejecutando una versión vulnerable de Cisco FMC Software o Cisco FTD Software que tienen la configuración por defecto.
Dispositivos que ejecuten Cisco FirePOWER Software para el módulo ASA FirePOWER, Cisco FMC Software o las versiones 7.0.0 a 7.0.4 del Cisco NGIPS Software si tienen alguna versión de SNMP habilitada.
Cisco FTD Software, versiones 6.3.0 y posteriores.
Cisco Secure Firewalls 3100 series si ejecutan una versión de Cisco ASA Software o Cisco FTD Software que incluya una versión vulnerable de firmware (anteriores a 1.0.22 o a 1.2.17).
Productos de Cisco si están ejecutando una versión vulnerable de Cisco ASA Software o Cisco FTD Software:
ASA 5500-X series,
Firepower 4100 series,
Firepower 9300 series.

Descripción:
Cisco ha publicado 7 vulnerabilidades de severidad alta en varios productos.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-84
www.incibe.es
Multiples Vulnerabilidades Productos Cisco 84 | INCIBE-CERT | INCIBE
Cisco ha publicado 7 vulnerabilidades de severidad alta en varios productos.
1.08K views
SysAdmin 24x7
Alert (AA22-228A)

Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Original release date: August 16, 2022
Last revised: November 10, 2022

https://www.cisa.gov/uscert/ncas/alerts/aa22-228a
1.19K views
SysAdmin 24x7
Netatalk contains multiple error and memory management vulnerabilities

Vulnerability Note VU#709991
Original Release Date: 2022-11-16

Overview
There are six new vulnerabilities in the latest release of Netatalk (3.1.12) that could allow for Remote Code Execution as well as Out-of-bounds Read.

Solution
Netatalk has released version 3.1.13.

https://kb.cert.org/vuls/id/709991
kb.cert.org
CERT/CC Vulnerability Note VU#709991
Netatalk contains multiple error and memory management vulnerabilities
685 viewsedited  
SysAdmin 24x7
Vulnerabilidad de Cross-Site Scripting almacenado en productos TIBCO

Fecha de publicación: 16/11/2022
Identificador: INCIBE-2022-1016
Importancia: 5 - Crítica

Descripción:
Una vulnerabilidad de tipo Cross-Site Scripting almacenado (persistent XSS), podría permitir a un atacante ejecutar comandos con los privilegios del usuario afectado.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-cross-site-scripting-almacenado-productos-tibco
INCIBE-CERT
Vulnerabilidad de Cross-Site Scripting almacenado en productos TIBCO
Una vulnerabilidad de tipo Cross-Site Scripting almacenado (persistent XSS), podría permitir a un atacante ejecutar comandos con los privilegios del usuario afectado.
673 views
SysAdmin 24x7
Cisco Releases Security Updates for Identity Services Engine

Original release date: November 16, 2022

Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

Cisco Identity Services Engine Insufficient Access Control Vulnerability
Cisco Identity Services Engine Cross-Site Scripting Vulnerability

https://www.cisa.gov/uscert/ncas/current-activity/2022/11/16/cisco-releases-security-updates-identity-services-engine
www.cisa.gov
Cisco Releases Security Updates for Identity Services Engine | CISA
Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities,…
647 views
SysAdmin 24x7
Samba Releases Security Updates

Original release date: November 16, 2022

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Samba security announcement CVE-2022-42898 and apply the necessary updates.

https://www.cisa.gov/uscert/ncas/current-activity/2022/11/16/samba-releases-security-updates
www.cisa.gov
Samba Releases Security Updates | CISA
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Samba…
787 views
SysAdmin 24x7
[Actualización 17/11/2022] Inyección de comandos en InfoSphere de IBM

Fecha de publicación: 03/11/2022
Identificador: INCIBE-2022-0998
Importancia: 5 - Crítica

Recursos afectados:
InfoSphere Information Server, versión 11.7.

Descripción:
IBM ha corregido una vulnerabilidad de inyección de comandos en IBM InfoSphere DataStage de severidad crítica.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/inyeccion-comandos-infosphere-ibm
INCIBE-CERT
[Actualización 17/11/2022] Inyección de comandos en InfoSphere de IBM
IBM ha corregido una vulnerabilidad de inyección de comandos en IBM InfoSphere DataStage de severidad crítica.
690 views
SysAdmin 24x7
F5 fixed 2 high-severity Remote Code Execution bugs in its products.

Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products.

Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS. The experts also discovered several bypasses of security controls that the security vendor F5 does not recognize as exploitable vulnerabilities.

https://securityaffairs.co/wordpress/138631/security/2-rce-f5-products.html
Security Affairs
F5 fixed 2 high-severity RCE bugs in its products
Rapid7 researchers have discovered several vulnerabilities and bypasses of security controls affecting F5 products.
634 views
SysAdmin 24x7
Microsoft fixes bug behind Windows 10 freezes, desktop issues.

Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems.

The company also linked the same issue with instances where the users' devices would stop responding to input and freeze.

"You might experience an error in which the desktop or taskbar might momentarily disappear, or your device might become unresponsive," Microsoft explains on the Windows health dashboard.

The list of affected Windows platforms includes the following client releases: Windows 10 version 20H2, Windows 10 version 21H1, Windows 10 version 21H2, and Windows 10 version 22H2.

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-behind-windows-10-freezes-desktop-issues/
BleepingComputer
Microsoft fixes bug behind Windows 10 freezes, desktop issues
Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems.
864 views
SysAdmin 24x7
Bitbucket Server and Data Center- Command Injection Vulnerability - CVE-2022-43781

Summary of Vulnerability
This advisory discloses a critical severity security vulnerability introduced in version 7.0.0 of Bitbucket Server and Data Center. The following versions are affected by this vulnerability:

Bitbucket Data Center and Server 7.0 to 7.21

Bitbucket Data Center and Server 8.0 to 8.4 if mesh.enabled is set to false in bitbucket.properties

There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to gain code execution and execute code on the system.

https://confluence.atlassian.com/bitbucketserver/bitbucket-server-and-data-center-security-advisory-2022-11-16-1180141667.html
777 views
SysAdmin 24x7
Crowd Security Advisory (November 2022)

CVE-2022-43782 - Critical security misconfiguration vulnerability

The vulnerability allows an attacker connecting from IP in the allow list to authenticate as the crowd application through bypassing a password check. This would allow the attacker to call privileged endpoints in Crowd's REST API under the usermanagement path. As explained above, it can only be exploited by IPs specified under the crowd application’s allowlist in the Remote Addresses configuration. To remediate the vulnerability, Atlassian recommends that you upgrade your instance to one of the fixed versions listed in the ‘Fixed Versions' section below.

https://confluence.atlassian.com/crowd/crowd-security-advisory-november-2022-1168866129.html
963 views
SysAdmin 24x7
Security advisory: IBEXA-SA-2022-009
Critical vulnerabilities in GraphQL, role assignment, CT editing, and drafts tooltips

Publication date: 10/11/2022, 16:10

Severity: High

Affected versions: Ibexa DXP v3.3.*, v4.2.*, eZ Platform v2.5.*
Resolving versions: Ibexa DXP v3.3.28, v4.2.3, eZ Platform v2.5.31

GraphQL exposes sensitive data of certain users (CVE-2022-41876)

https://developers.ibexa.co/security-advisories/ibexa-sa-2022-009-critical-vulnerabilities-in-graphql-role-assignment-ct-editing-and-drafts-tooltips
1.03K views
SysAdmin 24x7
Autenticación incorrecta en Velneo vClient

Fecha de publicación: 23/11/2022
Identificador: INCIBE-2022-1017
Importancia: 4 - Alta

Recursos afectados:
Velneo vClient, versión 28.1.3.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/autenticacion-incorrecta-velneo-vclient
INCIBE-CERT
Autenticación incorrecta en Velneo vClient
INCIBE ha coordinado la publicación de 1 vulnerabilidad en Velneo vClient, que ha sido descubierta por Jesús Ródenas Huerta, ‘Marmeus’. A esta vulnerabilidad se le ha asignado el código
1K views
SysAdmin 24x7
Múltiples vulnerabilidades en HPE Cloudline

Fecha de publicación: 23/11/2022
Identificador: INCIBE-2022-1026
Importancia: 5 - Crítica

Recursos afectados:
HPE Cloudline CL2200/CL2100 Gen10 Server, versiones anteriores a BMC 12.77.04.

Descripción:
Se han identificado 4 vulnerabilidades: 1 de severidad crítica, 2 altas y 1 media, en distintos modelos de HPE Cloudline

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-hpe-cloudline
INCIBE-CERT
Múltiples vulnerabilidades en HPE Cloudline
Se han identificado 4 vulnerabilidades: 1 de severidad crítica, 2 altas y 1 media, en distintos modelos de HPE Cloudline
1.25K views
SysAdmin 24x7
KB5020805: How to manage Kerberos protocol changes related to CVE-2022-37967

https://support.microsoft.com/en-us/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efb
1.06K views
SysAdmin 24x7
VMSA-2022-0029

CVSSv3 Range: 3.3
Issue Date: 2022-11-29

CVE(s): CVE-2022-31693

Synopsis:
VMware Tools for Windows update addresses a denial-of-service vulnerability (CVE-2021-31693)

https://www.vmware.com/security/advisories/VMSA-2022-0029.html
1.02K views
SysAdmin 24x7
Múltiples vulnerabilidades en Lansweeper

Fecha de publicación: 02/12/2022
Identificador: INCIBE-2022-1040
Importancia: 5 - Crítica

Recursos afectados:
Lansweeper 10.1.1.0.

Descripción:
Marcin ‘Icewall’ Noga, investigador de Cisco Talos, ha descubierto 6 vulnerabilidades de severidad crítica en Lansweeper, cuya explotación podría permitir lectura y subida de archivos aleatorios o inyección de código JavaScript.

Solución:
Actualizar Lansweeper a una versión superior a 10.1.1.0.
Las reglas de SNORT 59990-59992, 59999-60000, 60001-60002, 60054-60056, 60142-60144 y 60219 detectan intentos de explotación contra estas vulnerabilidades.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-lansweeper-0
INCIBE-CERT
Múltiples vulnerabilidades en Lansweeper
Marcin ‘Icewall’ Noga, investigador de Cisco Talos, ha descubierto 6 vulnerabilidades de severidad crítica en Lansweeper, cuya explotación podría permitir lectura y subida de archivos aleatorios o
1.09K views
SysAdmin 24x7
Bulletin (SB22-339)
Vulnerability Summary for the Week of November 28, 2022

https://www.cisa.gov/uscert/ncas/bulletins/sb22-339
www.cisa.gov
Vulnerability Summary for the Week of November 28, 2022 | CISA
 
797 views