en
Feedback
SysAdmin 24x7

SysAdmin 24x7

Open in Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Show more
Spain12 276Technologies & Applications20 587
4 394
Subscribers
No data24 hours
+47 days
+2230 days
Posts Archive
SysAdmin 24x7
SysAdmin 24x7
4 394
Critical Vulnerability Impacts Over 120 Lexmark Printers. [...] The issue, tracked as CVE-2023-23560 (CVSS score of 9.0), is described as a server-side request forgery (SSRF) flaw in the Web Services feature of newer Lexmark devices, which could be exploited to execute arbitrary code. https://www.securityweek.com/critical-vulnerability-impacts-over-120-lexmark-printers/

SysAdmin 24x7
SysAdmin 24x7
4 394
Ruby on Rails apps vulnerable to data theft through Ransack search. Several applications were vulnerable to brute-force attacks; hundreds more could be at risk Poor integration of the Ransack library into Ruby on Rails (RoR) applications could allow attackers to steal information from backend databases, security firm Positive Security has warned. https://portswigger.net/daily-swig/ruby-on-rails-apps-vulnerable-to-data-theft-through-ransack-search

SysAdmin 24x7
SysAdmin 24x7
4 394
Múltiples vulnerabilidades en BIND Fecha de publicación: 26/01/2023 Identificador: INCIBE-2023-0026 Importancia: 4 - Alta Descripción: Se han notificado 4 vulnerabilidades de severidad alta en BIND y BIND Supported Preview Edition. Solución: Internet Systems Consortium (ISC) recomienda actualizar las versiones de BIND afectadas a la última versión disponible. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-bind-4

SysAdmin 24x7
SysAdmin 24x7
4 394
.NET Framework Remote Code Execution Vulnerability CVE-2022-41089 Microsoft is releasing this security advisory to provide information about a vulnerability in the versions of .NET used in PowerShell 7.2 and 7.3. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A remote code execution vulnerability exists in .NET 6.0 which is used in PowerShell 7.2, and .NET 7.0 which is used in PowerShell 7.3, where a malicious actor could cause a user to run arbitrary code as a result of parsing maliciously crafted xps files. The vulnerability affects PowerShell 7 prior to the following versions: PowerShell 7 Version Fixed in 7.2 7.2.9 7.3 7.3.2 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41089

SysAdmin 24x7
SysAdmin 24x7
4 394

SysAdmin 24x7
SysAdmin 24x7
4 394
VMSA-2023-0001 CVSSv3 Range:5.3-9.8 Issue Date:2023-01-24 CVE(s): CVE-2022-31703, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711 Synopsis: VMware vRealize Log Insight latest updates address multiple security vulnerabilities (CVE-2022-31703, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711) https://www.vmware.com/security/advisories/VMSA-2023-0001.html

SysAdmin 24x7
SysAdmin 24x7
4 394
Over 19,000 end-of-life Cisco routers exposed to RCE attacks. Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain. By chaining two security flaws disclosed last week, threat actors can bypass authentication (CVE-2023-20025) and execute arbitrary commands (CVE-2023-2002) on the underlying operating system of Cisco Small Business RV016, RV042, RV042G, and RV082 routers. Unauthenticated attackers can exploit the critical severity auth bypass flaw remotely via specially crafted HTTP requests sent to the vulnerable routers' web-based management interface to gain root access. https://www.bleepingcomputer.com/news/security/over-19-000-end-of-life-cisco-routers-exposed-to-rce-attacks/

SysAdmin 24x7
SysAdmin 24x7
4 394
Cisco Unified Communications Manager SQL Injection Vulnerability Advisory ID: cisco-sa-cucm-sql-rpPczR8n First Published: 2023 January 18 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: CSCwb37205 CSCwb37563 CVE-2023-20010 CVSS Score: Base 8.1 Summary A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. Vulnerable Products This vulnerability affects the following Cisco products: Unified CM Unified CM SME For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-sql-rpPczR8n

SysAdmin 24x7
SysAdmin 24x7
4 394
EmojiDeploy: Smile! Your Azure web service just got RCE’d ._. Ermetic's research team discovered a remote code execution vulnerability affecting Azure cloud services and other cloud sovereigns including Function Apps, App Service and Logic Apps. https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced

SysAdmin 24x7
SysAdmin 24x7
4 394
Researchers found a new critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure. https://securityaffairs.com/141007/hacking/microsoft-azure-emojideploy-rce.html

SysAdmin 24x7
SysAdmin 24x7
4 394
Vulnerabilidad crítica en Drupal Fecha de publicación: 19/01/2023 Identificador: INCIBE-2023-0023 Importancia: 5 - Crítica Recursos afectados: Versiones comprendidas entre la 8.0.0 (incluida) hasta la 9.4.10 (no incluida). Versiones comprendidas entre la 9.5.0 (incluida) hasta la 9.5.2 (no incluida). Versiones comprendidas entre la 10.0.0 (incluida) hasta la 10.0.2 (no incluida). Descripción: El equipo de seguridad de Drupal ha publicado una actualización para Drupal 10.0, 9.5 y 9.4 que corrige una vulnerabilidad crítica en el núcleo. Solución: Se recomienda actualizar a la última versión: Para Drupal 10.0, actualiza a Drupal 10.0.2. Para Drupal 9.5, actualiza a Drupal 9.5.2. Para Drupal 9.4, actualiza a Drupal 9.4.10. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-critica-drupal

SysAdmin 24x7
SysAdmin 24x7
4 394
Edición arbitraria de ficheros con sudo Fecha de publicación: 19/01/2023 Identificador: INCIBE-2023-0022 Importancia: 4 - Alta Recursos afectados: Versiones de Sudo 1.8.0 a 1.9.12p1, ambas incluidas. Descripción: Se ha conocido un fallo en la opción -e de sudo (también conocida como sudoedit), que permite a un usuario malicioso con privilegios de sudoedit editar archivos arbitrarios, pudiendo permitir una escalada de privilegios. Solución: Se recomienda actualizar a la versión 1.9.12p2 https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/edicion-arbitraria-ficheros-sudo

SysAdmin 24x7
SysAdmin 24x7
4 394
Múltiples vulnerabilidades en GitLab Fecha de publicación: 18/01/2023 Identificador: INCIBE-2023-0020 Importancia: 5 - Crítica Recursos afectados: Versiones anteriores a 15.7.5, 15.6.6 y 15.5.9 de GitLab Community Edition (CE) y Enterprise Edition (EE). Todos los tipos de despliegue (omnibus, source code, helm chart, etc.) están afectados. Descripción: GitLab ha informado de dos vulnerabilidades que afectan a GitLab Community Edition (CE) y Enterprise Edition (EE) que permitirían en ambos casos un desbordamiento de enteros, lo que podría provocar una ejecución remota de código. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab-3

SysAdmin 24x7
SysAdmin 24x7
4 394
Actualizaciones críticas en Oracle (enero 2023) Fecha de publicación: 18/01/2023 Identificador: INCIBE-2023-0019 Importancia: 5 - Crítica Descripción: Oracle ha publicado una actualización crítica con parches para corregir vulnerabilidades que afectan a múltiples productos. Solución: Aplicar los parches correspondientes, según los productos afectados. La información para descargar las actualizaciones puede obtenerse del boletín de seguridad publicado por Oracle. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-enero-2023

SysAdmin 24x7
SysAdmin 24x7
4 394
Juniper Networks Releases Security Updates for Multiple Products Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2023/01/12/juniper-networks-releases-security-updates-multiple-products

SysAdmin 24x7
SysAdmin 24x7
4 394
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update. https://www.cisa.gov/uscert/ncas/current-activity/2023/01/12/drupal-releases-security-update-address-vulnerability-private

SysAdmin 24x7
SysAdmin 24x7
4 394
Múltiples vulnerabilidades en productos de Cisco Fecha de publicación: 12/01/2023 Identificador: INCIBE-2023-0009 Importancia: 5 - Crítica Recursos afectados: Cisco RV Series Small Business Routers: RV016 Multi-WAN VPN, RV042 Dual WAN VPN, RV042G Dual Gigabit WAN VPN, RV082 Dual WAN VPN. IP Phone 7800 y 8800 Series. Cisco Industrial Network Director (IND). Cisco BroadWorks Application Delivery Platform Device Management Software. Cisco BroadWorks Xtended Services Platform. Descripción: Cisco ha publicado 6 vulnerabilidades, 1 de severidad crítica, 3 alta y 2 medias, que afectan a varios productos. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-85

SysAdmin 24x7
SysAdmin 24x7
4 394
Control Web Panel or CentOS Web Panel - CVE-2022-44877 Base Score: 9.8 CRITICAL Description login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. https://nvd.nist.gov/vuln/detail/CVE-2022-44877 Current Versions: CWP6: 0.9.8.943 (EOL) / CWP7: 0.9.8.1148 CWP for CentOS 7 is recommended version. CWP7+ compatible with CentOS Linux 8, CentOS Stream, Alma Linux , Rocky Linux and Oracle Linux https://control-webpanel.com/changelog#1669855527714-450fb335-6194

SysAdmin 24x7
SysAdmin 24x7
4 394
Actualización de seguridad de SAP de enero de 2023 Fecha de publicación: 11/01/2023 Identificador: INCIBE-2023-0007 Importancia: 5 - Crítica Descripción: SAP ha publicado varias actualizaciones de seguridad en diferentes productos en su comunicado mensual. Solución: Visitar el portal de soporte de SAP e instalar las actualizaciones o los parches necesarios, según indique el fabricante. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-enero-2023

SysAdmin 24x7
SysAdmin 24x7
4 394