È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS 3.3.*, Erizone 3.x ed Erizone 5.x.
Tale vulnerabilità sfrutta una falla nel sistema di statistiche lato agente e gli è stata assegnata una criticità di livello alto.
Al fine di garantire la sicurezza del sistema è consigliabile applicare le ultime patch rilasciate.
Per EriZone 5.2:
Via Admin >> Package Manager
Cliccare su “Update repository information” ed aggiornare i pacchetti in questo esatto ordine:
EriZoneCore
EriZoneServiceDeskEnhancement
EriZoneTheme
Per EriZone 3.6:
Via Admin >> Package Manager
Cliccare su “Update repository information” ed aggiornare il pacchetto:
EriZoneCore
Per entrambi i sistemi, collegarsi poi in SSH sulla macchina ed eseguire I seguenti comandi:
Type/Severity Security Advisory: High Topic There is a security update for GLPI Agent Description This version specifically fixes 2 critical security issues related to MSI packaging on Windows: CVE-2024-28240: A local user could modify the GLPI Agent configuration to gain Read More
Synopsis Important: GLPI security update Type/Severity Security Advisory: Important Topic An update for the package glpi is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System Read More
Synopsis Important: lampod security update Type/Severity Security Advisory: Important Topic An update for the package lampod is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System Read More
Synopsis Important: grafana-panel-renderer security update Type/Severity Security Advisory: Important Topic An update for the package grafana-panel-renderer is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Synopsis High impact: Grafana security update Type/Severity Security Advisory: High impact Topic An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More