Tageszusammenfassung - 16.12.2020

End-of-Day report

Timeframe: Dienstag 15-12-2020 18:00 - Mittwoch 16-12-2020 18:00 Handler: Robert Waldner Co-Handler: n/a

News

Video: Sicher einkaufen im Amazon Marketplace

Auf Amazon können Sie direkt von Amazon, aber auch von unabhängigen Marketplace-Händlerinnen und Händlern bestellen. Vor allem im Marketplace treiben aber auch Kriminelle ihr Unwesen! In diesem Video erfahren Sie, was der Marketplace ist und vor allem wie Sie auch im Marketplace sicher bestellen.

https://www.watchlist-internet.at/news/video-sicher-einkaufen-im-amazon-marketplace/

Vulnerabilities

HPE discloses critical zero-day in server management software

Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux. While security updates are not yet available for this remote code execution (RCE) vulnerability, HPE has provided Windows mitigation info and is working on addressing the zero-day. ... The vulnerability ... is tracked as CVE-2020-7200 and it affects HPE Systems Insight Manager (SIM) 7.6.x.

https://www.bleepingcomputer.com/news/security/hpe-discloses-critical-zero-day-in-server-management-software/

VMSA-2020-0028 VMware Carbon Black Cloud macOS Sensor installer file overwrite issue (CVE-2020-4008)

The installer of the macOS Sensor for VMware Carbon Black Cloud handles certain files in an insecure way. VMware has evaluated the severity of this issue to be in the Low severity range with a CVSSv3 base score of 3.6.

https://www.vmware.com/security/advisories/VMSA-2020-0028.html

Security updates for Wednesday

Security updates have been issued by Debian (firefox-esr), Fedora (mingw-openjpeg2, openjpeg2, and synergy), openSUSE (audacity and gdm), Oracle (libexif, libpq, and thunderbird), Red Hat (firefox, gnutls, go-toolset:rhel8, java-1.7.1-ibm, java-1.8.0-ibm, kernel, kernel-rt, linux-firmware, mariadb-connector-c, mariadb:10.3, memcached, net-snmp, nginx:1.16, nodejs:12, openssl, pacemaker, postgresql:10, python-django-horizon, python-XStatic-Bootstrap-SCSS, python-XStatic-jQuery, python-XStatic-jQuery224 and python-django-horizon), Scientific Linux (gd, kernel, pacemaker, python-rtslib, samba and targetcli), SUSE (PackageKit, openssh, spice and spice-gtk), Ubuntu (firefox and imagemagick).

https://lwn.net/Articles/840398/

ABB Central Licensing System Vulnerabilities, impact on Symphony Plus, Composer Harmony, Composer Melody, Harmony OPC Server

https://search.abb.com/library/Download.aspx?DocumentID=2PAA123981&LanguageCode=en&DocumentPartId=&Action=Launch

ABB Multiple Vulnerabilities in Symphony PlusHistorian

https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch

ABB Multiple Vulnerabilities in Symphony Plus Operations

https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch

Security Advisory - Improper Authentication Vulnerability in Some Huawei Products

http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200318-01-authentication-en

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM QRadar SIEM

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-ibm-qradar-siem-2/

Security Bulletin: PostgresSQL JDBC Driver as used in IBM QRadar SIEM is vulnerable to information disclosure (CVE-2020-13692)

https://www.ibm.com/blogs/psirt/security-bulletin-postgressql-jdbc-driver-as-used-in-ibm-qradar-siem-is-vulnerable-to-information-disclosure-cve-2020-13692/

Security Bulletin: Open Source Security issues for NPS console.

https://www.ibm.com/blogs/psirt/security-bulletin-open-source-security-issues-for-nps-console/

Security Bulletin: Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-ibm-websphere-application-server-in-ibm-cloud-4/

Security Bulletin: Apache Santuario as used in IBM QRadar SIEM is vulnerable to improper input validation (CVE-2019-12400)

https://www.ibm.com/blogs/psirt/security-bulletin-apache-santuario-as-used-in-ibm-qradar-siem-is-vulnerable-to-improper-input-validation-cve-2019-12400/

Security Bulletin: IBM RackSwitch firmware products are affected by a vulnerability in the Kernel (CVE-2020-12464)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-a-vulnerability-in-the-kernel-cve-2020-12464/

Security Bulletin: A security vulnerability in Node.js npm package affects IBM Cloud Pak for Multicloud Management Managed Service.

https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-npm-package-affects-ibm-cloud-pak-for-multicloud-management-managed-service/

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to buffer overflows, Denial of Service or HTTP request smuggling

https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-may-be-vulnerable-to-buffer-overflows-denial-of-service-or-http-request-smuggling/

Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability

https://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-cloud-native-event-analytics-is-affected-by-an-apache-commons-codec-vulnerability-3/

Security Bulletin: A security vulnerability in Node.js node-forge module affects IBM Cloud Pak for Multicloud Management Managed Service.

https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-node-forge-module-affects-ibm-cloud-pak-for-multicloud-management-managed-service/

QEMU vulnerability CVE-2020-14364

https://support.f5.com/csp/article/K09081535?utm_source=f5support&utm_medium=RSS

QEMU vulnerability CVE-2020-25084

https://support.f5.com/csp/article/K41301038?utm_source=f5support&utm_medium=RSS