[CERT-daily] Tageszusammenfassung - 18.01.2022

Daily end-of-shift report team at cert.at
Tue Jan 18 18:35:25 CET 2022


=====================
= End-of-Day report =
=====================

Timeframe:   Montag 17-01-2022 18:00 − Dienstag 18-01-2022 18:00
Handler:     Robert Waldner
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Microsoft releases emergency fixes for Windows Server, VPN bugs ∗∗∗
---------------------------------------------
Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2022 Patch Tuesday.
---------------------------------------------
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-fixes-for-windows-server-vpn-bugs/


∗∗∗ Telenot-Schließanlage: Schwacher Zufall sorgt für offene Türen ∗∗∗
---------------------------------------------
Ein Alarmanlagen- und Schließsystem erstellte Zufallszahlen mit einer dafür nicht geeigneten C-Funktion.
---------------------------------------------
https://www.golem.de/news/telenot-schliessanlage-schwacher-zufall-sorgt-fuer-offene-tueren-2201-162473-rss.html


∗∗∗ Understanding Website SQL Injections ∗∗∗
---------------------------------------------
SQL injection is one of the most common types of web hacking techniques used today. As data breaches continue to happen to some of the most high-profile corporations and brands, it’s become more important for web users to adapt to these increased breaches with changes in behavior like system generated passwords and 2FA. In this post, we’ll be discussing SQL Injections in further detail, and why, as a website owner, you should care about this kind of attack.
---------------------------------------------
https://blog.sucuri.net/2022/01/understanding-website-sql-injections.html


∗∗∗ Zoho Patches Critical Vulnerability in Endpoint Management Solutions ∗∗∗
---------------------------------------------
Zoho Corp on Monday said it has released patches for a critical vulnerability affecting Desktop Central and Desktop Central MSP, the endpoint management solutions from ManageEngine.
---------------------------------------------
https://www.securityweek.com/zoho-patches-critical-vulnerability-endpoint-management-solutions


∗∗∗ Kreditbetrug auf globalekredit-fin.com & darlehenexpert.com ∗∗∗
---------------------------------------------
Sie möchten einen Kredit aufnehmen und suchen im Internet nach günstigen Konditionen? Wir raten zur Vorsicht. In den Suchergebnissen lauern auch betrügerische Angebote wie globalekredit-fin.com oder darlehenexpert.com. Wer dort eine Anfrage stellt, läuft Gefahr viel Geld zu verlieren. Und: Kredite gibt es hier keine!
---------------------------------------------
https://www.watchlist-internet.at/news/kreditbetrug-auf-globalekredit-fincom-darlehenexpertcom/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ VMSA-2022-0002 ∗∗∗
---------------------------------------------
VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability (CVE-2022-22938)
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2022-0002.html


∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (slurm-llnl), openSUSE (apache2, ghostscript, and watchman), Red Hat (kernel and telnet), SUSE (apache2, ghostscript, and kernel), and Ubuntu (clamav).
---------------------------------------------
https://lwn.net/Articles/881648/


∗∗∗ Security Bulletin: IBM Rational Software Architect RealTime Edition (RSA RT) is is vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-software-architect-realtime-edition-rsa-rt-is-is-vulnerable-to-arbitrary-code-execution-and-denial-of-service-due-to-apache-log4j-cve-2021-44228-cve-2021-45046-and/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2341) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2341/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2388, CVE-2021-2369, CVE-2021-2432) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2388-cve-2021-2369-cve-2021-2432/


∗∗∗ Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j (CVE-2021-44832) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-44832/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-36160) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-36160/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-34798) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-34798/


∗∗∗ Security Bulletin: Vulnerability in Apache Log4j affects Cloud Pak for Security (CVE-2021-44228) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-cloud-pak-for-security-cve-2021-44228-2/


∗∗∗ Security Bulletin: Host header injection vulnerability in Business Automation Studio in Cloud Pak for Automation (CVE-2021-29872) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-host-header-injection-vulnerability-in-business-automation-studio-in-cloud-pak-for-automation-cve-2021-29872/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-39275) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-39275/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-42013) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-42013/


∗∗∗ Security Bulletin: Log4j remote code execution vulnerability in Apache Solr and Logstash shipped with IBM Operations Analytics – Log Analysis (CVE-2021-44228) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-log4j-remote-code-execution-vulnerability-in-apache-solr-and-logstash-shipped-with-ibm-operations-analytics-log-analysis-cve-2021-44228-2/


∗∗∗ Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j (CVE-2021-45105) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-45105/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-33193) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-33193/


∗∗∗ Security Bulletin: Cloudera Data Platform is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cloudera-data-platform-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228-2/


∗∗∗ Security Bulletin: A vulnerability in Apache log4j (CVE-2021-45105) affects IBM Operations Analytics Predictive Insights ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-cve-2021-45105-affects-ibm-operations-analytics-predictive-insights/


∗∗∗ Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j CVE-2021-45046 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-45046/


∗∗∗ Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-tomcat-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-44224) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-44224/


∗∗∗ Security Bulletin: Multiple security vulnerabilities fixed in Cloud Pak for Automation components ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-fixed-in-cloud-pak-for-automation-components/


∗∗∗ Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046) and denial of service due to Apache Log4j (CVE-2021-45105) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterprise-certified-container-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-45046-and-denial-of-service-due-to-apache-log4j-cve-2021-451/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-31618-cve-2020-13950-cve-2019-17567-cve-2020-26691-cve-2021-26690-cve-2020-13938/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-40438) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-40438/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2161) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2161/


∗∗∗ Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-35560-cve-2021-35586-cve-2021-35578-cve-2021-35564-cve-2021-35559-cve-2021-35556-cve-2021-3556/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list