SysAdmin 24x7

Workaround for security issue in 7-Zip until it is fixed. Recent versions of the open source archiver 7-Zip have a vulnerability that has not been fixed yet. Successful exploitation of the vulnerability allows privilege escalation and the execution of commands; it appears that the issue can be exploited locally only. ttps://www.ghacks.net/2022/04/18/workaround-for-security-issue-in-7-zip-until-it-is-fixed/

Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover Cisco fixed a critical flaw in Cisco Wireless LAN Controller (WLC) that could allow an unauthenticated, remote attacker to take control affected devices. Cisco has released security patches to fix a critical vulnerability (CVSS score 10), tracked as CVE-2022-20695, in Cisco Wireless LAN Controller (WLC). A remote, unauthenticated attacker could exploit the flaw to bypass authentication and log in to the device through the management interface. https://securityaffairs.co/wordpress/130217/security/auth-bypass-cisco-wireless-lan-controller.html

Cisco Releases Security Updates for Multiple Products Original release date: April 14, 2022 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2022/04/14/cisco-releases-security-updates-multiple-products

Juniper Networks Releases Security Updates for Multiple Products Original release date: April 14, 2022 Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2022/04/14/juniper-networks-releases-security-updates-multiple-products

VMSA-2022-0010.5 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-14 CVE(s): CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965) Impacted Products VMware Tanzu Application Service for VMs (TAS) VMware Tanzu Operations Manager (Ops Manager) VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) https://www.vmware.com/security/advisories/VMSA-2022-0010.html

VMSA-2022-0013 CVSSv3 Range: 9.1 Issue Date: 2022-04-14 CVE(s): CVE-2022-22966 Synopsis: VMware Cloud Director update addresses remote code execution vulnerability (CVE-2022-22966) Impacted Products VMware Cloud Director https://www.vmware.com/security/advisories/VMSA-2022-0013.html

Vulnerabilidad RCE en Apache Struts Fecha de publicación: 13/04/2022 Importancia: 4 - Alta Recursos afectados: Struts, versiones desde la 2.0.0 hasta la 2.5.29. Descripción: El investigador Chris McCown ha reportado una vulnerabilidad de ejecución remota de código (RCE) con severidad alta, cuya explotación podría permitir a un atacante tomar el control del sistema afectado. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-rce-apache-struts

SAP Security Patch Day –April2022 https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10

Microsoft Patch Tuesday includes most vulnerabilities since Sept. 2020 Microsoft released its latest security update Tuesday, disclosing more than 140 vulnerabilities across its array of products. This is a departure from past Patch Tuesdays this year, which have only featured a few dozen vulnerabilities, and is the largest amount of issues in a single Patch Tuesday since September 2020. [...] Windows Hyper-V contains three of the critical vulnerabilities patched this month [...] [...] There are also two critical remote code execution vulnerabilities in the Windows Network File System[...] [...] CVE-2022-24500 is another critical remote code execution vulnerability that exists in Windows SMB.[...] https://blog.talosintelligence.com/2022/04/microsoft-patch-tuesday-includes-most.html

USN-5371-1: nginx vulnerabilities 12 APRIL 2022 Several security issues were fixed in nginx. Releases Ubuntu 21.10  Ubuntu 20.04 LTS  Ubuntu 18.04 LTS  Ubuntu 16.04 ESM Packages nginx - small, powerful, scalable web/proxy server https://ubuntu.com/security/notices/USN-5371-1

Windows Network File System Remote Code Execution Vulnerability CVE-2022-24497 Released: Apr 5, 2022 Assigning CNA:Microsoft MITRE CVE-2022-24497 CVSS:3.1 9.8 / 8.5 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24497

Windows Network File System Remote Code Execution Vulnerability CVE-2022-24491 Released: Apr 12, 2022 Assigning CNA:Microsoft MITRE CVE-2022-24491 CVSS:3.1 9.8 / 8.5 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491

Apache Releases Security Advisory for Struts 2 Original release date: April 12, 2022 The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Apache’s security advisory S2-062 and upgrade to the latest released version. https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/apache-releases-security-advisory-struts-2 https://cwiki.apache.org/confluence/plugins/servlet/mobile?contentId=210079428#content/view/210079428

Citrix Releases Security Updates for Multiple Products Original release date: April 12, 2022 Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary updates. CTX370550 CTX377814 CTX370551 CTX341455 https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/citrix-releases-security-updates-multiple-products

Latest Servicing Stack Updates ADV990001 Security Advisory Released: Nov 13, 2018 Last updated: Apr 12, 2022 https://msrc.microsoft.com/update-guide/vulnerability/ADV990001

Google Releases Security Updates for Chrome https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/google-releases-security-updates-chrome

Microsoft Releases April 2022 Security Updates Original release date: April 12, 2022 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/microsoft-releases-april-2022-security-updates

VMSA-2022-0010.4 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-08 CVE(s): CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965) Impacted Products VMware Tanzu Application Service for VMs (TAS) VMware Tanzu Operations Manager (Ops Manager) VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) https://www.vmware.com/security/advisories/VMSA-2022-0010.html

https://t.me/sysadmin24x7/4927 Actualización de contenido sobre vulnerabilidad VMSA-2022-0010.2 CVSSv3 Range: 9.8 Issue Date: 2022-04-02 Updated On: 2022-04-06 CVE(s):CVE-2022-22965 Synopsis: VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965) Impacted Products VMware Tanzu Application Service for VMs (TAS) VMware Tanzu Operations Manager (Ops Manager) VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) https://www.vmware.com/security/advisories/VMSA-2022-0010.html

ICS Medical Advisory (ICSMA-21-187-01) Philips Vue PACS (Update B) CVSS v3: 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Improper Authentication, Improper Initialization, Use of a Broken or Risky Cryptographic Algorithm, Protection Mechanism Failure, Use of a Key Past its Expiration Date, Insecure Default Initialization of Resource, Improper Handling of Unicode Encoding, Insufficiently Protected Credentials, Data Integrity Issues, Cross-site Scripting, Improper Neutralization, Use of Obsolete Function, Relative Path Traversal https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01