[CERT-daily] Tageszusammenfassung - 16.12.2020

Wed Dec 16 18:10:01 CET 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 15-12-2020 18:00 − Mittwoch 16-12-2020 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Video: Sicher einkaufen im Amazon Marketplace ∗∗∗
---------------------------------------------
Auf Amazon können Sie direkt von Amazon, aber auch von unabhängigen Marketplace-Händlerinnen und Händlern bestellen. Vor allem im Marketplace treiben aber auch Kriminelle ihr Unwesen! In diesem Video erfahren Sie, was der Marketplace ist und vor allem wie Sie auch im Marketplace sicher bestellen.
---------------------------------------------
https://www.watchlist-internet.at/news/video-sicher-einkaufen-im-amazon-marketplace/

=====================
=  Vulnerabilities  =
=====================

∗∗∗ HPE discloses critical zero-day in server management software ∗∗∗
---------------------------------------------
Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux. While security updates are not yet available for this remote code execution (RCE) vulnerability, HPE has provided Windows mitigation info and is working on addressing the zero-day. ... The vulnerability ... is tracked as CVE-2020-7200 and it affects HPE Systems Insight Manager (SIM) 7.6.x.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/hpe-discloses-critical-zero-day-in-server-management-software/


∗∗∗ VMSA-2020-0028 VMware Carbon Black Cloud macOS Sensor installer file overwrite issue (CVE-2020-4008) ∗∗∗
---------------------------------------------
The installer of the macOS Sensor for VMware Carbon Black Cloud handles certain files in an insecure way. VMware has evaluated the severity of this issue to be in the Low severity range with a CVSSv3 base score of 3.6.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2020-0028.html


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (firefox-esr), Fedora (mingw-openjpeg2, openjpeg2, and synergy), openSUSE (audacity and gdm), Oracle (libexif, libpq, and thunderbird), Red Hat (firefox, gnutls, go-toolset:rhel8, java-1.7.1-ibm, java-1.8.0-ibm, kernel, kernel-rt, linux-firmware, mariadb-connector-c, mariadb:10.3, memcached, net-snmp, nginx:1.16, nodejs:12, openssl, pacemaker, postgresql:10, python-django-horizon, python-XStatic-Bootstrap-SCSS, python-XStatic-jQuery, python-XStatic-jQuery224 and python-django-horizon), Scientific Linux (gd, kernel, pacemaker, python-rtslib, samba and targetcli), SUSE (PackageKit, openssh, spice and spice-gtk), Ubuntu (firefox and imagemagick).
---------------------------------------------
https://lwn.net/Articles/840398/


∗∗∗ ABB Central Licensing System Vulnerabilities, impact on Symphony Plus, Composer Harmony, Composer Melody, Harmony OPC Server ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123981&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ ABB Multiple Vulnerabilities in Symphony PlusHistorian ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ ABB Multiple Vulnerabilities in Symphony Plus Operations ∗∗∗
---------------------------------------------
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch


∗∗∗ Security Advisory - Improper Authentication Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200318-01-authentication-en


∗∗∗ Security Advisory - Out of Bound Read Vulnerability in Huawei Product ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20201216-01-obr-en


∗∗∗ Security Advisory - Improper Authentication Vulnerability in Huawei Product ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20201216-01-vrp-en


∗∗∗ Security Advisory - Out Of Bound Read Vulnerability in Huawei Smartphone ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20201216-01-smartphone-en


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM QRadar SIEM ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-ibm-qradar-siem-2/


∗∗∗ Security Bulletin: PostgresSQL JDBC Driver as used in IBM QRadar SIEM is vulnerable to information disclosure (CVE-2020-13692) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-postgressql-jdbc-driver-as-used-in-ibm-qradar-siem-is-vulnerable-to-information-disclosure-cve-2020-13692/


∗∗∗ Security Bulletin: Open Source Security issues for NPS console. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-open-source-security-issues-for-nps-console/


∗∗∗ Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-ibm-websphere-application-server-in-ibm-cloud-4/


∗∗∗ Security Bulletin: Apache Santuario as used in IBM QRadar SIEM is vulnerable to improper input validation (CVE-2019-12400) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apache-santuario-as-used-in-ibm-qradar-siem-is-vulnerable-to-improper-input-validation-cve-2019-12400/


∗∗∗ Security Bulletin: IBM RackSwitch firmware products are affected by a vulnerability in the Kernel (CVE-2020-12464) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-a-vulnerability-in-the-kernel-cve-2020-12464/


∗∗∗ Security Bulletin: A security vulnerability in Node.js npm package affects IBM Cloud Pak for Multicloud Management Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-npm-package-affects-ibm-cloud-pak-for-multicloud-management-managed-service/


∗∗∗ Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to buffer overflows, Denial of Service or HTTP request smuggling ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-may-be-vulnerable-to-buffer-overflows-denial-of-service-or-http-request-smuggling/


∗∗∗ Security Bulletin: Netcool Operations Insight – Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-cloud-native-event-analytics-is-affected-by-an-apache-commons-codec-vulnerability-3/


∗∗∗ Security Bulletin: A security vulnerability in Node.js node-forge module affects IBM Cloud Pak for Multicloud Management Managed Service. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-node-forge-module-affects-ibm-cloud-pak-for-multicloud-management-managed-service/


∗∗∗ QEMU vulnerability CVE-2020-14364 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K09081535?utm_source=f5support&utm_medium=RSS


∗∗∗ QEMU vulnerability CVE-2020-25084 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K41301038?utm_source=f5support&utm_medium=RSS

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily