Much-anticipated plan criticized as “too little, too late”
Daily Archives: May 3, 2023
Dark Web Bust Leads to Arrest of 288 Suspects
Oracle WebLogic Server Vulnerability (CVE-2023-21839) added to CISA Known Exploited Vulnerabilities (KEV) Catalog
What is Oracle WebLogic?
Oracle WebLogic is an enterprise
application server developed by Oracle. According to 6sense.com, the
application server is used by thousands of companies namely AT&T, NTT
Data, Verizon, etc.
What is the attack?
The attack targets
vulnerable Oracle WebLogic Server specifically in Oracle Fusion Middleware. The vulnerability is tracked under CVE-2023-21839 and exploits the flaw that allows unauthorized access to the
vulnerable servers via T3 and IIOP (Oracle proprietary protocol). The affected
versions are: 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
The vulnerability has a CVSS base score of 7.5 and attack
complexity is rated “low” in the vendor advisory.
Why this is significant?
On May 1st, 2023, CISA
(Cybersecurity & Infrastructure Security Agency) added the Oracle
WebLogic Server vulnerability (CVE-2023-21839) to their Known Exploited
Vulnerabilities Catalog. Successful exploitation of the vulnerability allows
unauthenticated attacker to compromise vulnerable Oracle WebLogic Server.
What is the vendor solution?
Oracle released a critical patch
last January.
What is the FortiGuard Coverage?
FortiGuard Labs is currently
investigating coverage for CVE-2023-21839.
SEC Consult SA-20230502-0 :: Bypassing cluster isolation through insecure defaults and shared storage in Databricks Platform
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 02
SEC Consult Vulnerability Lab Security Advisory < 20230502-0 >
=======================================================================
title: Bypassing cluster isolation through insecure defaults and
shared storage
product: Databricks Platform
vulnerable version: PaaS version as of 2023-01-26
fixed version: Current PaaS version
CVE number: –
impact: critical…
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
tinyproxy-1.8.4-2.el7
FEDORA-EPEL-2023-c1088e0644
Packages in this update:
tinyproxy-1.8.4-2.el7
Update description:
This updates tinyproxy to version 1.8.4, which as released by upstream fixes CVE-2012-3505. It also included a backport from a newer upstream release to fix CVE-2017-11747.
DSA-5396 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5397 wpewebkit – security update
The following vulnerabilities have been discovered in the WebKitGTK
web engine: