marzo 2022 – Página 2 – Javier García

24 marzo, 202224 marzo, 2022

K21406935: Oracle WebLogic Server vulnerability CVE-2022-21371

Oracle WebLogic Server vulnerability CVE-2022-21371 Security Advisory Security Advisory Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web ... More info: https://support.f5.com/csp/article/K21406935?utm_source=f5support&utm_medium=RSS

24 marzo, 202224 marzo, 2022

K14492558: PHP vulnerability CVE-2021-21708

PHP vulnerability CVE-2021-21708 Security Advisory Security Advisory Description In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with ... More info: https://support.f5.com/csp/article/K14492558?utm_source=f5support&utm_medium=RSS

24 marzo, 202224 marzo, 2022

JSA11176 – 2021-04 Security Bulletin: Junos Space: Multiple vulnerabilities resolved in 21.1R1

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11176&actp=RSS

23 marzo, 202223 marzo, 2022

K31323265: OpenSSL vulnerability CVE-2022-0778

OpenSSL vulnerability CVE-2022-0778 Security Advisory Security Advisory Description The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop ... More info: https://support.f5.com/csp/article/K31323265?utm_source=f5support&utm_medium=RSS

23 marzo, 202223 marzo, 2022

Defending Against Destructive Attacks Targeting Energy and Utilities

Since the Colonial Pipeline attack last year, we have known that additional cyberattacks targeting the energy sector were likely. Against the backdrop of today’s geopolitical crisis, however, VMware believes that all critical infrastructure providers should operate under the assumption that targeted attacks using destructive malware are imminent. Securing internet-facing systems and testing incident response readiness … ContinuedThe post Defending Against Destructive Attacks More info: https://blogs.vmware.com/security/2022/03/defending-against-destructive-attacks-targeting-energy-and-utilities.html?utm_source=rss&utm_medium=rss&utm_campaign=defending-against-destructive-attacks-targeting-energy-and-utilities

23 marzo, 2022

JSA11139 – 2021-04 Security Bulletin: Junos OS: SRX1500/4100/4200/4600/5000 Series with SPC2/SPC3: In a multi-tenant env., a tenant host admin may jailbreak out of their network impacting other tenant

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11139&actp=RSS

23 marzo, 2022

JSA11130 – 2021-04 Security Bulletin: Junos OS: SRX1500/4100/4200/4600/5000 Series with SPC2/SPC3, vSRX Series: In a multi-tenant environment, a tenant host administrator may configure logical firewal

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11130&actp=RSS

23 marzo, 2022

JSA11162 – 2021-04 Security Bulletin: Junos OS: EX2200-C/3200/3300/4200/4500/4550/6210/8208/8216 Series: Receipt of a crafted ARP packet by an adjacent attacker will cause the sfid process to core. (C

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11162&actp=RSS

23 marzo, 2022

Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-006

Project: Drupal coreDate: 2022-March-21Security risk: Moderately critical 11∕25 AC:Complex/A:None/CI:None/II:Some/E:Theoretical/TD:DefaultVulnerability: Third-party librariesCVE IDs: CVE-2022-24775Description: Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released a security update which may affect some Drupal sites.We are issuing this security advisory outside our regular Drupal security release window schedule More info: https://www.drupal.org/sa-core-2022-006

22 marzo, 2022

K54184111: Kibana vulnerability CVE-2019-7609

Kibana vulnerability CVE-2019-7609 Security Advisory Security Advisory Description Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An ... More info: https://support.f5.com/csp/article/K54184111?utm_source=f5support&utm_medium=RSS