TTCSIRT-321.07.08.20: TT-CSIRT ADVISORY- CITRIX MULTIPLE VULNERABILITIES

  • Home
  • Archive for category "Security Advisories"
TTCSIRT-321.07.08.20: TT-CSIRT ADVISORY- CITRIX MULTIPLE VULNERABILITIES
By

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including: Attacks that are limited to the management interface System compromise by an unauthenticated user on the management network. System compromise through Cross […]

Read More
TTCSIRT-320.07.06.20: TT-CSIRT ADVISORY- F5 BIG-IP VULNERABILITY
By

The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create or delete files, disable […]

Read More
TTCSIRT-319.06.30.20: TT-CSIRT ADVISORY – PAN-OS AUTHENTICATION BYPASS IN SAML AUTHENTICATION
By

Paloalto reported a very critical (Severity 10) authentication vulnerability release which affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. The Trinidad and Tobago Cyber Security Incident Response […]

Read More
TTCSIRT-317.051520: TT-CSIRT ADVISORY – CISCO RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS
By

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. For further reference please […]

Read More
TTCSIRT-316.051520: TT-CSIRT ADVISORY –MICROSOFT RELEASES MAY 2020 SECURITY UPDATES
By

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review Microsoft’s May 2020 Security Update Summary and Deployment Information and apply the necessary updates. For further […]

Read More
TTCSIRT-315.050420: TT-CSIRT ADVISORY – MICROSOFT RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS
By

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review Microsoft Advisory ADV200004 and apply […]

Read More
TTCSIRT-314.050420: TT-CSIRT ADVISORY – JUNIPER RELEASES SECURITY UPDATES FOR JUNOS OS
By

Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system. TTCSIRT encourages users and administrators to review Juniper Security Advisory JSA 11021 and apply the necessary updates: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11021

Read More
TTCSIRT-313.050420: TT-CSIRT ADVISORY – SUSE SECURITY UPDATE FOR APACHE2
By

Suse has released security update for Apache2 to address three vulnerabilities such as CVE-2020-1927, CVE-2020-1934 and CVE-2020-1938. This update fixes the following issues: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). CVE-2020-1938: mod_proxy_ajp: Add “secret” parameter to proxy workers to implement […]

Read More
TTCSIRT-312.050420: TT-CSIRT ADVISORY – VMWARE ESXI STORED CROSS-SITE SCRIPTING (XSS) VULNERABILITY
By

A Stored Cross-Site Scripting (XSS) vulnerability in VMware ESXi was privately reported to VMware. Patches are available to address this vulnerability in affected VMware products. VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955). The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the […]

Read More

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram