È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS, Erizone 3.x e Erizone 5.x.
A tale vulnerabilità è stata assegnata una criticità di livello alto.
Al fine di garantire la sicurezza del sistema è consigliabile de-registrare il modulo Installer.pm.
Per farlo sarà sufficiente editare il file /opt/erizone/otrs/Kernel/Config.pm ed inserire le seguenti righe:
Synopsis Critical: NeDi security update Type/Severity Security Advisory: Critical Topic An update for NeDi is now available for NetEye. NetEye Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base Read More
Synopsis Critical: Icinga Web 2 security update Type/Severity Security Advisory: Critical Topic An update for Icinga Web 2 is now available for NetEye 4.12 and 4.13. NetEye Product Security has rated this update as having a security impact of Critical. Read More
A vulnerability has been detected on the Nagios web interface. Attackers may exploit this vulnerability to gain access to sensitive information or crash the affected application, denying service to legitimate users. To guarantee the security of your system, we recommend Read More
A vulnerability has been detected on EriZone - OTRS systems. This vulnerability is classified with a severity of 7.2 (high). Further information regarding this topic can be found at https://community.otrs.com/security-advisory-2018-03-security-update-for-otrs-framework/ To guarantee the security of your system, we recommend applying last Read More
A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and Read More