An update for the package geomap is now available for NetEye 4.
NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating.
Description
geomap is a NetEye package used for maps visualization.
An improper input validation causes Cross Site Scripting when the layers is displayed in maps (CWE-79)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed in the References section.
Solution
Update geomap to latest version (1.19.1-1).
For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section inside the User Guide.
Affected Products
All NetEye 4.x versions prior to and including 4.35
We have resolved an issue that prevented Elastic Agents from successfully connecting to the Fleet Server when their requests were excessively large. Additionally, we addressed a bug in the neteye update and neteye upgrade processes, which was incorrectly initiating a Read More
We fixed a bug which was causing Elastic Agents to disconnect themselves at regular intervals from Fleet. We updated the following packages: elastic-agent, elastic-agent-autosetup, elastic-agent-neteye-config, filebeat, filebeat-autosetup, filebeat-neteye-config, logstash, logstash-neteye-config, logstash-autosetup, logstash-neteye-config-autosetup, kibana, kibana-autosetup, kibana-neteye-config, elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, elasticsearch-xpack-license to Read More
We fixed a bug which was causing the Elasticsearch upgrade procedure to fail in a race condition. In particular, after the upgrade of the Elasticsearch RPM and before the restart of the service, the running Elasticsearch service could possibly fail Read More
Hello everyone! Today, I'd like to briefly discuss an improvement to the update and upgrade procedures that we've started to adopt with NetEye 4.39! What we wanted to improve One aspect that made quite an impact was that whenever the Read More
Hello everyone! Today, I’d like to share an exciting improvement we’ve made to the installation and upgrade procedures in NetEye, introducing a faster and more efficient parallel architecture! Why Modernize the Installation and Upgrade Processes? At Würth Phoenix, we strive Read More