SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.02K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
Múltiples vulnerabilidades en productos de HPE Aruba

Fecha 27/07/2023
Importancia 5 - Crítica

Recursos Afectados
Se encuentran afectados los siguientes productos y versiones:

ArubaOS 10.4.xx: 10.4.0.1 y anteriores;
InstantOS 8.11.xx: 8.11.1.0 y anteriores;
InstantOS 8.10.xx: 8.10.0.6 y anteriores;
InstantOS 8.6.xx: 8.6.0.20 y anteriores;
InstantOS 6.5.xx: 6.5.4.24 y anteriores;
InstantOS 6.4.xx: 6.4.4.8-4.2.4.21 y anteriores;
También esta afectados los siguientes productos EOL sin soporte:
ArubaOS 10.3.xx;
InstantOS 8.9.xx;
InstantOS 8.8.xx;
InstantOS 8.7.xx;
InstantOS 8.5.xx;
InstantOS 8.4.xx.

Descripción
HPE Aruba ha informado de varias vulnerabilidades en puntos de acceso que ejecuten InstantOS y ArubaOS 10. La explotación de estas vulnerabilidades podría permitir a un atacante realizar ejecuciones arbitrarias de código por desbordamientos de búfer, o fugas de información.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-de-hpe-aruba

https://www.arubanetworks.com/support-services/end-of-life/
www.incibe.es
Multiples Vulnerabilidades En Productos De Hpe Aruba | INCIBE-CERT | INCIBE
HPE Aruba ha informado de varias vulnerabilidades en puntos de acceso que ejecuten InstantOS y ArubaOS
764 views
SysAdmin 24x7
Feliz SysAdminDay a tod@s
Día del Administrador/a de Sistemas Informáticos
Viernes 28 de julio de 2023
http://t.me/sysadmin24x7
787 views
SysAdmin 24x7
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required

Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an "extremely severe" flaw that could result in pre-authenticated remote code execution on affected installations.

Tracked as CVE-2023-38646, the issue impacts open-source editions prior to 0.46.6.1 and Metabase Enterprise versions before 1.46.6.1.

https://thehackernews.com/2023/07/major-security-flaw-discovered-in.html
848 views
SysAdmin 24x7
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

Release DateJuly 28, 2023

https://www.cisa.gov/news-events/alerts/2023/07/28/ivanti-releases-security-updates-epmm-address-cve-2023-35081
Cybersecurity and Infrastructure Security Agency CISA
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 | CISA
Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM).
850 views
SysAdmin 24x7
QNAP ha publicado actualizaciones que corrigen varias vulnerabilidades

Fecha 31/07/2023
Importancia 4 - Alta

Recursos Afectados
QTS 5.0.1.2277 anterior a la versión 20230112;
QTS 4.5.4.2280 anterior a la versión 20230112;
QuTS hero h5.0.1.2277 anterior a la versión 20230112;
 QuTS hero h4.5.4.2374 anterior a la versión 20230417;
QuTScloud c5.0.1.2374 anterior a la versión 20230419;
QVR Pro Appliance anterior a la versión 2.3.1.0476;
QVPN para Windows anterior a la versión 2.0.0.1316.

Descripción
QNAP ha informado de dos vulnerabilidades que afectan a varios de los productos QNAP y QVPN para Windows. Su explotación podría permitir ejecutar código o una denegación de servicio. 

http://www.incibe.es/empresas/avisos/qnap-ha-publicado-actualizaciones-que-corrigen-varias-vulnerabilidades
www.incibe.es
Qnap Ha Publicado Actualizaciones Que Corrigen Varias Vulnerabilidades | Empresas | INCIBE
QNAP ha informado de dos vulnerabilidades que afectan a varios de los productos QNAP y QVPN para Windo
897 views
SysAdmin 24x7
Vulnerabilidad de inyección SQL en ConacWin de Setelsa Security

Fecha 01/08/2023
Importancia 5 - Crítica

Recursos Afectados
ConacWin, versión 3.7.1.2.

Descripción
INCIBE ha coordinado la publicación de una vulnerabilidad que afecta a ConacWin de Setelsa Security, una plataforma de control de acceso, la cual ha sido descubierta por David Cámara Galindo, de Telefónica Tech.
A esta vulnerabilidad se le ha asignado el siguiente código:
CVE-2023-4037 :
Puntuación base CVSS v3.1: 9.9.
Cálculo del CVSS: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Tipo de vulnerabilidad: CWE-89: inyección SQL.

Solución
Setelsa Security ha liberado la versión 3.9.1.1, la cual resuelve la vulnerabilidad reportada.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/vulnerabilidad-de-inyeccion-sql-en-conacwin-de-setelsa-security
www.incibe.es
Vulnerabilidad De Inyeccion Sql En Conacwin De Setelsa Security | INCIBE-CERT | INCIBE
INCIBE ha coordinado la publicación de una vulnerabilidad que afecta a ConacWin de Setelsa Security, u
1.11K views
SysAdmin 24x7
Microsoft Releases August 2023 Security Updates

https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug
684 views
SysAdmin 24x7
Actualización de seguridad para Adobe Commerce y Magento Open Source

Fecha de publicación: 09/08/2023
Importancia: 5 - Crítica

Recursos Afectados
Adobe Commerce, versiones 2.4.6-p1, 2.4.5-p3, 2.4.4-p4, 2.4.3-ext-3, 2.4.2-ext-3, 2.4.1-ext-3, 2.4.0-ext-3, 2.3.7-p4-ext-3 y anteriores.
Magento Open Source, versiones 2.4.6-p1, 2.4.5-p3, 2.4.4-p3 y anteriores.

Descripción
Adobe ha publicado una actualización de seguridad para Adobe Commerce y Magento Open Source que resuelve múltiples vulnerabilidades de severidad crítica e importante. La explotación exitosa de estas vulnerabilidades podría conllevar la ejecución de código arbitrario, la omisión de características de seguridad y la lectura arbitraria del sistema de archivos.

https://www.incibe.es/empresas/avisos/actualizacion-de-seguridad-para-adobe-commerce-y-magento-open-source
www.incibe.es
Actualización de seguridad para Adobe Commerce y Magento Open Source
Adobe ha publicado una actualización de seguridad para Adobe Commerce y Magento Open Source que resuel
658 views
SysAdmin 24x7
Microsoft Releases August 2023 Security Updates

Release DateAugust 08, 2023

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s August 2023 Security Update Guide and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/08/08/microsoft-releases-august-2023-security-updates
564 views
SysAdmin 24x7
Fortinet Releases Security Update for FortiOS

Release DateAugust 08, 2023

Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the Fortinet security release [FG-IR-23-149] and apply the necessary updates.

https://www.cisa.gov/news-events/alerts/2023/08/08/fortinet-releases-security-update-fortios
587 views
SysAdmin 24x7
Adobe Releases Security Updates for Multiple Products

Release DateAugust 08, 2023

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

Adobe Acrobat and Reader: APSB23-30
Adobe Commerce: APSB23-42
Adobe Dimension: APSB23-44
Adobe XMP Toolkit SDK: APSB23-45

https://www.cisa.gov/news-events/alerts/2023/08/08/adobe-releases-security-updates-multiple-products
595 views
SysAdmin 24x7
Actualización de seguridad de SAP de agosto de 2023

Fecha 09/08/2023
Importancia 5 - Crítica

Recursos Afectados
SAP PowerDesigner, versión 16.7.
El resto de productos afectados por vulnerabilidades no críticas se pueden consultar en el aviso del fabricante.

Descripción
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-agosto-de-2023
www.incibe.es
Actualizacion De Seguridad De Sap De Agosto De 2023 | INCIBE-CERT | INCIBE
SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual.
610 views
SysAdmin 24x7
Múltiples vulnerabilidades en HPE Unified Correlation Analyzer

Fecha 09/08/2023
Importancia 5 - Crítica

Recursos Afectados
HPE Unified Correlation Analyzer (UCA) 4.3.x anterior a 4.3.27.

Descripción
HPE ha informado de 21 vulnerabilidades en su producto Unified Correlation Analyzer (UCA), siendo 5 de ellas críticas, 9 altas y 7 calificadas como medias o bajas.

http://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-hpe-unified-correlation-analyzer
www.incibe.es
Multiples Vulnerabilidades En Hpe Unified Correlation Analyzer | INCIBE-CERT | INCIBE
HPE ha informado de 21 vulnerabilidades en su producto Unified Correlation Analyzer (UCA), siendo 5 de
720 views
SysAdmin 24x7
NIST Drafts Major Update to Its Widely Used Cybersecurity Framework

NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework
NIST
NIST Drafts Major Update to Its Widely Used Cybersecurity Framework
NIST has revised the framework to help benefit all sectors, not just critical infrastructure.
999 views
SysAdmin 24x7
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.ipd.pdf
991 views
SysAdmin 24x7
MaginotDNS attacks exploit weak checks for DNS cache poisoning

A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains.

https://www.bleepingcomputer.com/news/security/maginotdns-attacks-exploit-weak-checks-for-dns-cache-poisoning/
BleepingComputer
MaginotDNS attacks exploit weak checks for DNS cache poisoning
A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,' that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains.
809 views
SysAdmin 24x7
CVE-2023-24489 Detail

CNA: Citrix Systems, Inc.
Base Score: 9.8

Description
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.

https://nvd.nist.gov/vuln/detail/CVE-2023-24489

https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489
769 views
SysAdmin 24x7
Cisco Releases Security Advisories for Multiple Products

Release DateAugust 17, 2023

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition.

CISA encourages users and administrators to review the following advisories and apply the necessary updates.

ThousandEyes Enterprise Agent
Duo Device Health Application
Unified CM
ClamAV HFS+
ClamAV

https://www.cisa.gov/news-events/alerts/2023/08/17/cisco-releases-security-advisories-multiple-products
750 views
SysAdmin 24x7
Atlassian Releases Security Update for Confluence Server and Data Center

Release DateAugust 17, 2023

Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition.

CISA encourages users and administrators to review Atlassian’s August 2003 Security Bulletin and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

https://www.cisa.gov/news-events/alerts/2023/08/17/atlassian-releases-security-update-confluence-server-and-data-center
805 views
SysAdmin 24x7
Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS

Release DateAugust 18, 2023

Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to cause a denial-of service condition.

https://www.cisa.gov/news-events/alerts/2023/08/18/juniper-releases-security-advisory-multiple-vulnerabilities-junos-os
713 views
SysAdmin 24x7
WinRAR flaw lets hackers run programs when you open RAR archives

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.

The vulnerability was discovered by researcher "goodbyeselene" of Zero Day Initiative, who reported the flaw to the vendor, RARLAB, on June 8th, 2023.

"The specific flaw exists within the processing of recovery volumes," reads the security advisory released on ZDI's site.

https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/

https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
BleepingComputer
WinRAR flaw lets hackers run programs when you open RAR archives
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.
779 views