È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS, Erizone 3.x e Erizone 5.x.
A tale vulnerabilità è stata assegnata una criticità di livello alto.
Al fine di garantire la sicurezza del sistema è consigliabile de-registrare il modulo Installer.pm.
Per farlo sarà sufficiente editare il file /opt/erizone/otrs/Kernel/Config.pm ed inserire le seguenti righe:
Synopsis High impact: Grafana security update Type/Severity Security Advisory: High impact Topic An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Synopsis Important: Elasticsearch and Logstash security mitigation Type/Severity Security Advisory: Important Topic A mitigation for Logstash and Elasticsearch is now available for NetEye 3. NetEye Product Security has rated this mitigation as having a security impact of Important. A Common Read More
Synopsis Important: Elasticsearch and Logstash security updates Type/Severity Security Advisory: Important Topic An update for Logstash and Elasticsearch is now available for NetEye 4.20 and 4.21. NetEye Product Security has rated this update as having a security impact of Important. Read More
Synopsis Important impact: httpd security update Type/Severity Security Advisory: Important impact Topic An update for httpd is now available for NetEye 4.17. NetEye Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Read More
Synopsis Critical: NeDi security update Type/Severity Security Advisory: Critical Topic An update for NeDi is now available for NetEye. NetEye Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base Read More