A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems.
This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk.
To guarantee the security of your system, we recommend applying last released patches.
For EriZone 5.2:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade the packages strictly in the following sequence:
EriZoneCore
EriZoneServiceDeskEnhancement
EriZoneTheme
For EriZone 3.6:
Via Admin >> Package Manager
Click on “Update repository information” and upgrade package:
EriZoneCore
For both systems, after previous procedure use a console to launch following commands:
Synopsis High impact: Grafana security update Type/Severity Security Advisory: High impact Topic An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System Read More
Synopsis Important: Elasticsearch and Logstash security mitigation Type/Severity Security Advisory: Important Topic A mitigation for Logstash and Elasticsearch is now available for NetEye 3. NetEye Product Security has rated this mitigation as having a security impact of Important. A Common Read More
Synopsis Important: Elasticsearch and Logstash security updates Type/Severity Security Advisory: Important Topic An update for Logstash and Elasticsearch is now available for NetEye 4.20 and 4.21. NetEye Product Security has rated this update as having a security impact of Important. Read More
Thanks to automation, migration between NetEye 3 and NetEye 4 can be easily performed for a lot of entities such as hosts and services. But additional elements like parent-child relationships can be missed. So we implemented a procedure for mass-migration Read More
Recently I was asked why alerting in a NetEye 4 environment isn't run via the central master, but instead via the satellites. The background to this is that the NetEye Master is located in Italy, which controls various satellites in Read More