A vulnerability has been discovered in Cisco Unity Connection that could allow for arbitrary code execution on a targeted host. Cisco Unity Connection is a unified messaging and voicemail solution that allows users access and manage messages from an email inbox, web browser, Cisco Jabber, Cisco Unified IP Phone, smartphone, or tablet. Successful exploitation could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Monthly Archives: January 2024
Two Ivanti Zero-Days Actively Exploited in the Wild
Ivanti has released mitigation steps after reports of active exploitation of Connect Secure and Policy Secure vulnerabilities
sos-4.6.1-1.fc38
FEDORA-2024-2fb8991c68
Packages in this update:
sos-4.6.1-1.fc38
Update description:
Rebase on upstream 4.6.1: see https://github.com/sosreport/sos/releases/tag/4.6.1 for full changelog.
sos-4.6.1-1.fc39
FEDORA-2024-a2129a4eb5
Packages in this update:
sos-4.6.1-1.fc39
Update description:
Rebase on upstream 4.6.1: see https://github.com/sosreport/sos/releases/tag/4.6.1 for full changelog.
sos-4.6.1-1.fc40
FEDORA-2024-d8aa604880
Packages in this update:
sos-4.6.1-1.fc40
Update description:
Automatic update for sos-4.6.1-1.fc40.
Changelog
* Thu Jan 11 2024 Sandro Bonazzola <sbonazzo@redhat.com> – 4.6.1-1
– Update to 4.6.1
– Resolves: fedora#2257777
– Resolves: fedora#2244214
ZDI-24-074: Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 6.1. The following CVEs are assigned: CVE-2023-52329.
ZDI-24-053: Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2023-46262.
ZDI-24-054: Ivanti Avalanche decode XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2023-46265.
ZDI-24-055: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2023-46264.
ZDI-24-056: Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2023-46263.