[CERT-daily] Tageszusammenfassung - 17.04.2018

Daily end-of-shift report team at cert.at
Tue Apr 17 18:05:53 CEST 2018 

=====================
= End-of-Day report =
=====================

Timeframe:   Montag 16-04-2018 18:00 − Dienstag 17-04-2018 18:00
Handler:     Robert Waldner
Co-Handler:  Alexander Riepl


=====================
=       News        =
=====================


∗∗∗ Cisco Best Practices to Harden Devices Against Cyber Attacks Targeting Network Infrastructure ∗∗∗
---------------------------------------------
Cisco is aware of the recent joint technical alert from US-CERT (TA18-106A) that details known issues which require customers take steps to protect their networks against cyber-attacks. Providing transparency and guidance to help customers best protect their network is a top priority. Cisco security teams have been actively informing customers about the ..
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180416-tsa18-106a


∗∗∗ Wichtige Sicherheitsupdates für VMware vRealize Automation ∗∗∗
---------------------------------------------
Aktualisierte Versionen von vRealize Automation schließen mehrere Sicherheitslücken. Davon gilt keine als kritisch.
---------------------------------------------
https://www.heise.de/meldung/Wichtige-Sicherheitsupdates-fuer-VMware-vRealize-Automation-4025580.html


∗∗∗ Kreditkartenklau, DDoS-Angriffe: Facebook löscht 117 Cybercrime-Gruppen ∗∗∗
---------------------------------------------
Von Forscher gemeldet – Waren teils seit vielen Jahren aktiv, größter Auftritt hatte 47.000 Mitglieder
---------------------------------------------
http://derstandard.at/2000078122065


=====================
=  Vulnerabilities  =
=====================


∗∗∗ 2018-04-17: Vulnerability in Relion® 630 series version 1.3 and earlier - MMS Path Traversal ∗∗∗
---------------------------------------------
2018-04-17: Vulnerability in Relion® 630 series version 1.3 and earlier - MMS Path Traversal
---------------------------------------------
http://search.abb.com/library/Download.aspx?DocumentID=1MRS758878&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ 2018-04-17: Vulnerability in Relion® 630 series version 1.3 and earlier - Weak Database Encryption ∗∗∗
---------------------------------------------
2018-04-17: Vulnerability in Relion® 630 series version 1.3 and earlier - Weak Database Encryption
---------------------------------------------
http://search.abb.com/library/Download.aspx?DocumentID=1MRS758877&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ SSA-845879 (Last Update: 2018-04-17): Firmware Downgrade Vulnerability in EN100 Ethernet Communication Module for SIPROTEC 4, SIPROTEC Compact and Reyrolle ∗∗∗
---------------------------------------------
The EN100 Ethernet communication module, which is an optional extension for SIPROTEC 4, SIPROTEC Compact and Reyrolle devices, allows an unauthenticated upload of firmware updates to the communication module in affected versions.Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf


∗∗∗ SSA-203306 (Last Update: 2018-04-17): Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families ∗∗∗
---------------------------------------------
SIPROTEC 4 and SIPROTEC Compact devices could allow access authorization passwords to be reconstructed or overwritten via engineering mechanisms that involve DIGSI 4 and EN100 Ethernet communication modules.Siemens has released updates for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.
---------------------------------------------
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf


∗∗∗ IBM Security Bulletin: IBM i is affected by DHCP vulnerabilities CVE-2018-5732 and CVE-2018-5733. ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=nas8N1022543


∗∗∗ IBM Security Bulletin: API Connect Developer Portal is affected by Drupal vulnerability (CVE-2018-7600) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015105


∗∗∗ IBM Security Bulletin: IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability from PHP. ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015535


∗∗∗ IBM Security Bulletin: Security vulnerability affects IBM® Rational® Team Concert ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22015454

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily

More information about the Daily mailing list