È stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS 3.3.*, Erizone 3.x ed Erizone 5.x.
Tale vulnerabilità sfrutta una falla nel sistema di statistiche lato agente e gli è stata assegnata una criticità di livello alto.
Al fine di garantire la sicurezza del sistema è consigliabile applicare le ultime patch rilasciate.
Per EriZone 5.2:
Via Admin >> Package Manager
Cliccare su “Update repository information” ed aggiornare i pacchetti in questo esatto ordine:
EriZoneCore
EriZoneServiceDeskEnhancement
EriZoneTheme
Per EriZone 3.6:
Via Admin >> Package Manager
Cliccare su “Update repository information” ed aggiornare il pacchetto:
EriZoneCore
Per entrambi i sistemi, collegarsi poi in SSH sulla macchina ed eseguire I seguenti comandi:
Synopsis High impact: Grafana security update Type/Severity Security Advisory: High impact Topic An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Synopsis Important: Elasticsearch and Logstash security mitigation Type/Severity Security Advisory: Important Topic A mitigation for Logstash and Elasticsearch is now available for NetEye 3. NetEye Product Security has rated this mitigation as having a security impact of Important. A Common Read More
Synopsis Important: Elasticsearch and Logstash security updates Type/Severity Security Advisory: Important Topic An update for Logstash and Elasticsearch is now available for NetEye 4.20 and 4.21. NetEye Product Security has rated this update as having a security impact of Important. Read More
Thanks to automation, migration between NetEye 3 and NetEye 4 can be easily performed for a lot of entities such as hosts and services. But additional elements like parent-child relationships can be missed. So we implemented a procedure for mass-migration Read More
Recently I was asked why alerting in a NetEye 4 environment isn't run via the central master, but instead via the satellites. The background to this is that the NetEye Master is located in Italy, which controls various satellites in Read More