A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems.
This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk.
To guarantee the security of your system, we recommend applying last released patches.
For EriZone 5.2:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade the packages strictly in the following sequence:
EriZoneCore
EriZoneServiceDeskEnhancement
EriZoneTheme
For EriZone 3.6:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade package:
EriZoneCore
For both systems, after previous procedure use a console to launch following commands:
Type/Severity Security Advisory: High Topic There is a security update for GLPI Agent Description This version specifically fixes 2 critical security issues related to MSI packaging on Windows: CVE-2024-28240: A local user could modify the GLPI Agent configuration to gain Read More
Synopsis Important: GLPI security update Type/Severity Security Advisory: Important Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System Read More
Synopsis Important: lampod security update Type/Severity Security Advisory: Important Topic An update for the package lampod is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System Read More
Synopsis Important: grafana-panel-renderer security update Type/Severity Security Advisory: Important Topic An update for the package grafana-panel-renderer is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Synopsis High impact: Grafana security update Type/Severity Security Advisory: High impact Topic An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More