Daily summary - 18.01.2022

End-of-Day report

Timeframe: Monday 17-01-2022 18:00 - Tuesday 18-01-2022 18:00 Handler: Robert Waldner Co-Handler: Stephan Richter

News

Microsoft releases emergency fixes for Windows Server, VPN bugs

Microsoft has released emergency out-of-band (OOB) updates to address multiple issues caused by Windows Updates issued during the January 2022 Patch Tuesday.

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-fixes-for-windows-server-vpn-bugs/


Telenot locking system: weak randomness leads to open doors

An alarm and locking system generated random numbers with a C function that is not suitable for that purpose.

https://www.golem.de/news/telenot-schliessanlage-schwacher-zufall-sorgt-fuer-offene-tueren-2201-162473-rss.html


Understanding Website SQL Injections

SQL injection is one of the most common types of web hacking techniques used today. As data breaches continue to happen to some of the most high-profile corporations and brands, it's become more important for web users to adapt to these increased breaches with changes in behavior like system generated passwords and 2FA. In this post, we'll be discussing SQL Injections in further detail, and why, as a website owner, you should care about this kind of attack.

https://blog.sucuri.net/2022/01/understanding-website-sql-injections.html


Zoho Patches Critical Vulnerability in Endpoint Management Solutions

Zoho Corp on Monday said it has released patches for a critical vulnerability affecting Desktop Central and Desktop Central MSP, the endpoint management solutions from ManageEngine.

https://www.securityweek.com/zoho-patches-critical-vulnerability-endpoint-management-solutions


Loan fraud on globalekredit-fin.com & darlehenexpert.com

Are you looking to take out a loan and searching the internet for favourable terms? We advise caution. Fraudulent offers such as globalekredit-fin.com or darlehenexpert.com also lurk in the search results. Anyone who submits a request there risks losing a lot of money. And: no loans are actually granted here!

https://www.watchlist-internet.at/news/kreditbetrug-auf-globalekredit-fincom-darlehenexpertcom/

Vulnerabilities

VMSA-2022-0002

VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability (CVE-2022-22938)

https://www.vmware.com/security/advisories/VMSA-2022-0002.html


Security updates for Tuesday

Security updates have been issued by Debian (slurm-llnl), openSUSE (apache2, ghostscript, and watchman), Red Hat (kernel and telnet), SUSE (apache2, ghostscript, and kernel), and Ubuntu (clamav).

https://lwn.net/Articles/881648/


Security Bulletin: IBM Rational Software Architect RealTime Edition (RSA RT) is vulnerable to arbitrary code execution and denial of service due to Apache Log4j (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-software-architect-realtime-edition-rsa-rt-is-is-vulnerable-to-arbitrary-code-execution-and-denial-of-service-due-to-apache-log4j-cve-2021-44228-cve-2021-45046-and/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2341)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2341/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2388-cve-2021-2369-cve-2021-2432/


Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j (CVE-2021-44832)

https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-44832/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-36160)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-36160/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-34798)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-34798/


Security Bulletin: Vulnerability in Apache Log4j affects Cloud Pak for Security (CVE-2021-44228)

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-affects-cloud-pak-for-security-cve-2021-44228-2/


Security Bulletin: Host header injection vulnerability in Business Automation Studio in Cloud Pak for Automation (CVE-2021-29872)

https://www.ibm.com/blogs/psirt/security-bulletin-host-header-injection-vulnerability-in-business-automation-studio-in-cloud-pak-for-automation-cve-2021-29872/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-39275)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-39275/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-42013)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-42013/


Security Bulletin: Log4j remote code execution vulnerability in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2021-44228)

https://www.ibm.com/blogs/psirt/security-bulletin-log4j-remote-code-execution-vulnerability-in-apache-solr-and-logstash-shipped-with-ibm-operations-analytics-log-analysis-cve-2021-44228-2/


Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j (CVE-2021-45105)

https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-45105/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-33193)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-33193/


Security Bulletin: Cloudera Data Platform is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

https://www.ibm.com/blogs/psirt/security-bulletin-cloudera-data-platform-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44228-2/


Security Bulletin: A vulnerability in Apache log4j (CVE-2021-45105) affects IBM Operations Analytics Predictive Insights

https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-cve-2021-45105-affects-ibm-operations-analytics-predictive-insights/


Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to Apache Log4j CVE-2021-45046

https://www.ibm.com/blogs/psirt/security-bulletin-automation-assets-in-ibm-cloud-pak-for-integration-is-vulnerable-to-denial-of-service-due-to-apache-log4j-cve-2021-45046/


Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-tomcat-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-44224)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-44224/


Security Bulletin: Multiple security vulnerabilities fixed in Cloud Pak for Automation components

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-fixed-in-cloud-pak-for-automation-components/


Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046) and denial of service due to Apache Log4j (CVE-2021-45105)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterprise-certified-container-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-45046-and-denial-of-service-due-to-apache-log4j-cve-2021-451/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-31618-cve-2020-13950-cve-2019-17567-cve-2020-26691-cve-2021-26690-cve-2020-13938/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-40438)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-apache-http-server-version-used-in-it-cve-2021-40438/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2161)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-2161/


Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-build-forge-8-0-x-is-affected-by-java-version-used-in-it-cve-2021-35560-cve-2021-35586-cve-2021-35578-cve-2021-35564-cve-2021-35559-cve-2021-35556-cve-2021-3556/