SysAdmin 24x7
Computer security news and alerts. Chat and contact: t.me/sysadmin24x7chat
Post archive
Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability
Advisory ID: cisco-sa-nxos-bfd-dos-wGQXrzxn
First Published: 2022 February 23 16:00 GMT
Workarounds: No workarounds available
CVSS Score: Base 8.6
CVE-2022-20623
Summary
A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-bfd-dos-wGQXrzxn
VMSA-2022-0006
CVSSv3 Range: 6.6
Issue Date: 2022-02-23
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
Impacted Products
VMware Workspace ONE Boxer
https://www.vmware.com/security/advisories/VMSA-2022-0006.html
Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites
https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html
Unsafe client-side session storage leading to authentication bypass / instance takeover via Zabbix Frontend with configured SAML (CVE-2022-23131)
https://support.zabbix.com/plugins/servlet/mobile#issue/ZBX-20350
Cisco Releases Security Updates for Email Security Appliance
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/cisco-releases-security-updates-email-security-appliance
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Drupal security advisories SA-CORE-2022-003 and SA-CORE-2022-004 and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/17/drupal-releases-security-updates
Multiple vulnerabilities in TIBCO products
Publication date: 16/02/2022
Severity: 5 - Critical
Affected resources:
TIBCO BusinessConnect Container Edition version 1.1.0 and earlier;
TIBCO AuditSafe version 1.1.0 and earlier.
Database, Auth Server and Web Server components.
Description:
TIBCO has reported 3 vulnerabilities, 2 of critical severity and 1 of high severity, through which an unauthenticated attacker with network access could execute API methods on the affected system and obtain user names and passwords.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-tibco-4
Multiple vulnerabilities in VMware products
Publication date: 16/02/2022
Severity: 5 - Critical
Affected resources:
ESXi, versions:
7.0 U3;
7.0 U2;
7.0 U1;
7.0;
6.7;
6.5.
Fusion, versions 12.x.
Workstation, versions 16.x.
Cloud Foundation (ESXi), versions:
4.x;
3.x.
NSX Data Center for vSphere, all versions.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-24
VMSA-2022-0005
CVSSv3 Range: 8.8
Issue Date: 2022-02-15
CVE(s): CVE-2022-22945
Synopsis:
VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945)
Impacted Products
VMware NSX Data Center for vSphere (NSX-V)
https://www.vmware.com/security/advisories/VMSA-2022-0005.html
VMSA-2022-0004
CVSSv3 Range: 5.3-8.4
Issue Date: 2022-02-15
CVE(s): CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050
Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)
https://www.vmware.com/security/advisories/VMSA-2022-0004.html
VMSA-2022-0001.2
CVSSv3 Range: 7.7
Issue Date: 2022-01-04
Updated On: 2022-02-14
CVE(s): CVE-2021-22045
Synopsis:
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available
https://www.netgate.com/blog/pfsense-plus-software-version-22.01-and-ce-2.6.0-are-now-available
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Some of these vulnerabilities have been detected in exploits in the wild.
CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates.
Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8)
macOS Monterey 12.2.1
iOS 15.3.1 and iPadOS 15.3.1
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/11/apple-releases-security-updates-multiple-products
VMSA-2021-0028.12
CVSSv3 Range: 9.0-10.0
Issue Date: 2021-12-10
Updated On: 2022-02-10
2021/12/10: Exploitation attempts in the wild of CVE-2021-44228 have been confirmed by VMware.
https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Remote code execution vulnerability in TP-LINK Tapo C200
Publication date: 11/02/2022
Severity: 5 - Critical
Affected resources:
Tapo C200 version 1.15 and earlier.
Description:
INCIBE has coordinated the publication of a vulnerability in TP-Link Tapo C200, with the internal code INCIBE-2021-0601, which was discovered by Víctor Fresco Perales.
This vulnerability has been assigned the code CVE-2021-4045. A CVSS v3.1 base score of 9.8 has been calculated, with the following CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-ejecucion-remota-codigo-tapo-c200-tp-link
Vodafone Portugal hit by a massive cyberattack
Portugal causing severe outages in the country of its communication and television services.
https://securityaffairs.co/wordpress/127799/cyber-crime/vodafone-portugal-massive-cyberattack.html
Citrix Releases Security Updates for Hypervisor
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/08/citrix-releases-security-updates-hypervisor
Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/08/critical-vulnerabilities-affecting-sap-applications-employing
