The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.

Indusface's research on 1,400+ Web apps, mobile apps, and APIs revealed that open vulnerabilities remain cybercriminals' most significant attack vector.

According to the report, 829 million attacks were blocked on the AppTrana WAF in the fourth quarter of 2022, a 79% increase from the third quarter.

The alarming finding is that 61,713 open vulnerabilities were found, which is a 50% jump from the third quarter. The number of open vulnerabilities directly relates to the increased threat actors.

How can you protect them? The best option is to fix known vulnerabilities using virtual patching at the WAF level while blocking attacks.

**Critical Vulnerabilities Found on Applications**

While any vulnerability carries a risk to your business, here are the top 10 high/critical vulnerabilities that hackers attempted to exploit during the fourth quarter of 2022:

*   Server-side request forgery
*   HTML injection
*   Cross-site scripting (XSS)
*   TLS/SSL server certificate will expire soon
*   Script source code disclosure
*   SQL injection
*   SSL certificate common name mismatch
*   TLS/SSL server certificate expired
*   Untrusted TLS/SSL server certificate
*   Insecure Direct Object References

Prioritize addressing these vulnerabilities if you have not done so already.

**Cost of Vulnerabilities**

A single vulnerability can invite thousands of cybersecurity troubles. Poodle, Heartbleed, EternalBlue, and Shellshock are just a few of the vulnerabilities that open businesses to security threats.

The report found 31% of vulnerabilities have been open for 180+ days. And 1,700+ of these are rated as critical and high vulnerabilities.

So, what happens if you don't patch the vulnerabilities? A failure to maintain this responsibility could have severe effects, including potential security breaches.

Back in 2017, the massive Equifax security breach made headlines. Hackers exploited the known vulnerability CVE-2017-5638 in their app framework and gained access to the company's system.

This breach exposed the personally identifiable information (PII) of 147 million people. Two years after the breach, the company said it spent $1.4 billion on cleanup costs and revamping its security program. Equifax agreed to pay up to $700 million to settle claims related to the breach.

The breach's total cost is likely higher than the reported settlements and expenses. It also includes intangible costs such as loss of trust, brand reputation, and long-term impact on the business.

**Managing Vulnerabilities With Virtual Patching**

Security patches play a vital role in dealing with vulnerabilities. They patch up the security gaps and resolve the risks. After all, successful exploitation means an insecure configuration or missing security control.

The patching process can, at times, be challenging. Many companies turn to virtual patching to protect their apps on the Web application firewall (WAF) when a system can't be patched immediately.

Virtual patching is a vulnerability shield that secures apps during your risk window and beyond. It enables you to scale your coverage and responses accordingly with appropriate defense, which can be applied in minutes or hours. Thereby, it reduces the risk of exposure to vulnerabilities.

Virtual patching is attained by implementing a security policy layer in the WAF. It eliminates application vulnerabilities without changing the codebase.

Companies can leverage virtual patching in two ways to mitigate vulnerabilities:

1.  Core rules
2.  Custom rules

The Indusface report found that the WAF core rule set blocks 40% of requests, and custom rules block 60%.

**Why Are the Custom Rules Gaining Momentum?**

Core rules are predefined, standardized, based on industry best practices, and designed to protect against known vulnerabilities. Security experts typically create these rules. Core rules are easy to implement and can provide high protection.

Since most dev teams work on sprints that are a few weeks long, vulnerabilities keep getting added with the changing code.

Most companies leverage weekly scans and periodic penetration testing on applications. Since fixing these on code will be long and arduous, product owners rely on WAF's custom rules to plug these vulnerabilities while their dev team focuses on shipping features.

Whenever the teams get to a security-focused sprint, they fix these vulnerabilities in the code.

Virtual patching is also used as a risk mitigation mechanism. For instance, we have observed that geofencing is gaining popularity in the custom rule category as application owners look to limit traffic from geographies where the application is not designed to be used. The other example is blacklisting or whitelisting IPs that are used to allow traffic to the application.

**False Positive Monitoring**

While the power of custom rules is undisputed, they also add the burden of monitoring applications for false positives.

In talking to several security leaders, one consistent theme that we keep hearing about is the lack of skilled security practitioners who can manage a complex application like a WAF/WAAP.

The other challenge is the worsening economy; security teams are increasingly being asked to do more with less.

We are seeing an increased trend of product owners relying on managed services to help with virtual patches and guarantee no false positives.

**Conclusion**

If the attackers discover a piece of exploitable code, the next step is taking advantage of the vulnerability.

The sooner you deploy the virtual patching, the sooner attackers look elsewhere. Keep your WAF running to ensure your security and bottom line.

**About the Author**

    

Venky is an application security technologist who built the new-age Web application scanner and cloud WAF AppTrana at Indusface as a founding CTO. Currently, he spends his time on driving product road map, customer success, growth, and technology adoption for US businesses.

AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites

By Owais Sultan
What is a CDN? How can businesses benefit from a CDN? and What to look for in a CDN provider?
This is a post from HackRead.com Read the original post: Content Delivery Network (CDN) FAQs

Content Delivery Networks (CDNs) have become increasingly popular among businesses of all sizes in recent years. They offer a host of benefits to businesses, which can help to aid the smooth running of operations and boost reputation, efficiency, reliability, security, and the business’s bottom line. This is why they have gained such popularity among businesses in a wide variety of industries.

If you are considering investing in CDN services, you need to ensure you choose the right solution and provider for your business’s needs. Additionally, you should do thorough research to learn how these solutions can help your business.

You can learn about everything from the convenience of integrated CDN solutions to how CDN can help your business when you conduct research. Looking at FAQs about CDN services and solutions can also help; we have provided a sample of common questions and answers below.

**Some Common Questions**

If you want to get to grips with CDN solutions and how they could help your business, here are a few of the many common questions and answers:

**What Is a Content Delivery Network?**

A CDN is a collection of servers that are geographically distributed and work in tandem to ensure the speedy, efficient, and reliable delivery of internet content. It enables the swift transfer of assets required for loading Internet content, including javascript files, HTML pages, videos, images, and more.

The popularity of CDNs means that most web traffic is served through them, including for high-traffic sites such as Facebook and Amazon.

**Does a CDN Replace Web Hosting?**

Another common question is whether a CDN replaces web hosting; the answer is no. CDNs do not host content, but they do help to cache content to improve performance. Standard hosting services often do little to boost performance; this is where a CDN can help. By reducing hosting bandwidth through caching, the CDN can help improve performance, reduce interruptions, boost security, and even cut costs.

**How Can Businesses Benefit from a CDN?**

Following the previous question and answer, there are many ways in which businesses can benefit from CDNs, boosting their popularity. You will find that this is a cost-effective solution; it can reduce downtime, boost performance, provide greater security, and help to speed things up, among other things.

**What Do You Look for in a CDN Provider?**

Many people are eager to know what they should look for in a CDN service provider, and there are several key factors to keep in mind. Of course, the cost of the solution is an important factor to help keep your business within budget.

However, you also need to look at things such as DNS response times, network connectivity, throughput and wait times, and cache hit-or-miss ratios, among other things.

**Conclusion**

In conclusion, Content Delivery Networks are a powerful tool for businesses that need to improve their website’s performance, scalability and security. With the help of this FAQ, we hope that readers have been able to better understand the basics of CDNs and can now decide whether they should consider using one for their website.

As with any technology, there are both advantages and disadvantages that must be considered before investing in a Content Delivery Network.

1.  Cloud Hacking – Why API Remains the Biggest Threat?
2.  VPS Hosting Vs. Dedicated Servers – Which Is Better?
3.  Managed Cloud Hosting vs. Unmanaged Cloud Hosting
4.  5 WordPress Security Solutions with Free SSL Certificates
5.  How Web Application Firewall (WAF) protects your website

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

Content Delivery Network (CDN) FAQs

Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting vulnerability, due to a lack of JavaScript request string sanitization. Using this vulnerability, an authenticated attacker can execute arbitrary HTML and script code in the target browser against another Metasploit Pro user using a specially crafted request. Note that in most deployments, all Metasploit Pro users tend to enjoy privileges equivalent to local administrator.

*   Pro: We completed dependency updates required to support the latest Metasploit Framework version 6.3.
    
*   Pro: We completed a periodic update of the Java Runtime to maintain a good security posture.
    
*   PR 16685 - Updates the Kerberos Authentication support to include multiple new encryption types, which will allow Kerberos Authentication to work against newer targets that have older encryption types disabled.
    
*   PR 16689 - Adds support for host addresses in kerberos tickets.
    
*   PR 16700 - Updates LDAP modules to support Kerberos and NTLM authentication.
    
*   PR 16749 - Adds Kerberos Authentication support to WinRM modules.
    
*   PR 16760 - Updates WinRM sessions to support delegated Kerberos tickets, to be able to access additional network resources from the compromised server.
    
*   PR 16770 - This enables the reuse of previously obtained CCache files for MSSQL, SMB, WinRM, and LDAP authentication. After a successful authentication using Kerberos, tickets are stored in CCache files. They will be reused for subsequent authentications without having to renegotiate new Kerberos tickets.
    
*   PR 17025 - Adds a new USER_RID option to the Kerberos ticket forging module auxiliary/admin/kerberos/forge_ticket.
    
*   PR 17340 - The Python Meterpreter has been updated to warn that the bind information is ignored when a reverse port forward is created to prevent confusion when this information is supplied by a user.
    
*   PR 17343 - This makes performance improvements to the windows/local/unquoted_service_path module.
    
*   PR 17373 - Adds ticket flags when presenting krb5 ccaches on msfconsole.
    
*   PR 17374 - Adds klist command support to list Kerberos tickets in the database.
    
*   PR 17451 - This adds netntlm and netntlmv2 hashes support to auxiliary/analyze/crack_windows module.
    
*   PR 17456 - This PR adds a new KrbOfferedEncryptionTypes option that allows users to configure what encryption types are used with the KDC.
    
*   PR 17466 - This updates the auxiliary/scanner/smb/smb_version module to store additional service information in the database so it can be viewed later.
    
*   PR 17473 - Updates the docs site to have an edit link at the bottom of each page which will take you to the corresponding markdown file on Github for editing.
    
*   PR 17475 - Enables the datastore\_fallbacks feature flag by default. This is a rewrite of Metasploit's datastore to fix multiple bugs and edge-cases. The unset command will now consistently unset previously set datastore values, so that default values are used once again.
    
*   PR 17480 - A new alias has been added for payloads called exploit which will perform the same action as to_handler, to help users familiar with exploit modules to use the same familiar exploit method to open handlers when using payloads.
    
*   PR 17518 - A new adapter has been added to run Python payloads on Windows. This is notably useful for testing Python payloads as SYSTEM or delivered on demand through an exploit module such as psexec.
    
*   PR 17519 - Improves the SMTP delivery error handling for the auxiliary/client/smtp/emailer module.
    
*   PR 17526 - Updates the show options and show advanced command to visually group options with the same conditions together, such as options that require an action or datastore value to be set.
    
*   PR 17535 - This adds NTLM hash recover to the kerberos/get\_ticket module.
    
*   PR 17539 - Adds additional error handling for Kerberos error codes.
    

*   Pro: We addressed CVE-2023-0599, a stored XSS vulnerability on the individual host services page reported by Michael Caruso. Thank you for the coordinated disclosure.
    
*   Pro: We improved the CLI startup process to ensure running tasks are no longer interrupted by starting a Pro console.
    
*   PR 17385 - This PR fixes the file write and file append methods to return the expected Boolean values rather than nil.
    
*   PR 17455 - Fixes an issue where Kerberos responses could not be received in smaller chunks, such as in bandwidth restricted networks.
    
*   PR 17482 - Fixes a connection issue with reverse\_https stagers that are executed on Windows servers attempting to negotiate TLS1 when Metasploit was using OpenSSL3.
    
*   PR 17491 - A bug has been fixed in the lib/msf/core/exploit/remote/ldap.rb library that handles LDAP communications for several modules to ensure that failures use the right namespace when throwing errors to prevent crashes.
    
*   PR 17497 - This fixes an error where modules that issue certificates (icpr\_cert and now auxiliary/admin/dcerpc/cve\_2022\_26923\_certifried) would crash if the response from the server was that the certificate was submitted and no certificate was returned. This updates the code to check if the certificate is present before attempting to process it.
    
*   PR 17516 - The version of metasploit-payloads has been bumped up to add support for dual IPv4/IPv6 stacks to Python Meterpreter, add support for enumerating desktops with the enumdesktops command to Python Meterpreter, and also add support for binding to the specified localhost to compiled versions of Meterpreter.
    
*   PR 17525 - Fixes a deprecation warning when using socks proxy support in Metasploit.
    
*   PR 17541 - Fixes a crash that occurs when domain option is set to blank.
    
*   PR 17549 - Updates the inspect_ticket module to output a user friendly error if the ticket decryption has failed, i.e. due to an invalid decryption key.
    

*   PR 16625 - Adds a new scanner/kerberos/kerberos_login module for bruteforcing and verifying credentials against a Kerberos server. Accounts which do not require preauthnetication, i.e. AS-REP Roastable accounts, will have the hashes output for offline cracking.
    
*   PR 17348 - This PR adds a module that performs a DoS attack on Mirage Firewall versions 0.8.0-0.8.3.
    
*   PR 17407 - This adds an exploit that targets various versions of Cacti network-monitoring software. For versions 1.2.22 and below, there exists an unauthenticated command injection vulnerability in remote_agent.php that when exploited, will result in remote code execution as the user running the Cacti server.
    
*   PR 17449 - A new module has been added for CVE-2021-44529, an unauthenticated code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512. Successful exploitation requires sending a crafted cookie to the client endpoint at /client/index.php to get command execution as the nobody user.
    
*   PR 17479 - This adds an exploit module that leverages an unauthenticated SQLi against Wordpress plugin Paid Membership Pro. This vulnerability is identified as CVE-2023-23488 and affects versions prior to 2.9.8. This module retrieves Wordpress usernames and password hashes using Time-Based Blind SQL Injection technique.
    
*   PR 17533 - Enhances the auxiliary/admin/kerberos/get\_ticket module with PKINIT functionality.

CVE-2023-0599: Metasploit Release Notes

The Security Innovation Alliance (SIA) empowers customers to create holistic security programs by leveraging robust end-to-end integration partnerships.

**Los Altos, CA — February 1, 2023** — Contrast Security (Contrast), the code security platform built for developers and trusted by security,today announced the launch of its new partner program, theSecurity Innovation Alliance (SIA), which is a global ecosystem of system integrators (SIs), cloud, channel and technology alliances.

The goal of SIA is to provide customers with unmatched, fully integrated application security solutions from Contrast and its strategic alliance partners, which include leading multinationals like GitLab Inc., Amazon/Amazon Web Services (AWS), Microsoft, VMware, PagerDuty, Armor Code, Zimperium, Anchore, Neosec, Wallarm, Ermetic, Cloudwize, Noname Security, BLST Security, ProtectOnce, Scribe Security, Wiz, Wib and Legit Security. Additionally, the team will focus on building expanded partnerships with SIs, technology providers and independent software vendors (ISVs).

“We recognize that organizations cannot rely on a single security solution to fully protect customers from rising cyber threats. That is why it is critical to have strong, technical integrations between the tools that developers, operations and security teams use,” said Ben Goodman, Senior Vice President of Corporate Development and Strategic Alliances at Contrast Security. “Contrast has made significant investments in building an ecosystem, an engineering team, interfaces and tooling in order to launch SIA. I believe that technical partnerships start with technical integrations, and this new partner program will revolutionize the way customers scale their security solutions.”

SIA and the strong strategic partner integrations driven by Contrast will not only allow partners to easily integrate with the Contrast Secure Code Platform, but enable customers to achieve the following benefits:

*   Confidently use Contrast offerings as part of a larger application security (AppSec) program.
*   Enhanced security predictability and reduced risk of implementing new code and AppSec technologies.
*   Strengthened trust and confidence in the technologies that have already been deployed.

“When security solutions easily complement your DevSecOps toolchain, software engineers can deliver production grade software faster and more reliably,” said Nima Badiey, Global VP of Alliances at GitLab Inc. “As a launching member of Contrast’s new SIA ecosystem, we are helping customers discover and adopt more robust security practices. This enables companies to continually invest and innovate in modern and secure software supply chains.”

SIA is designed to improve its partners’ business capabilities to meet the needs of customers in AppSec. Contrast works with each partner to provide a custom experience that best fits their interests and business needs including a simple onboarding process, integration support, joint marketing campaigns and access to the company’s impressive install base.

“IDC has long recognized the importance of a robust ecosystem in AppSec. Customers can benefit when strategic partners work together for more holistic and integrated solutions for security. The Security Innovation Alliance enhances Contrast's portfolio by expanding its capabilities for customers and partners," said Jim Mercer, Research Vice President DevOps and DevSecOps at IDC.

SIA is led by Goodman, a successful Alliance professional, and other industry leaders, including Tracey Mead, Vice President, Strategic Alliances, System Integrators; Rachael Mott, Senior Director, Strategic Alliances, Technology Partners; Frank Gasparovic, Director, Ecosystem Engineering; Callie McCormick, Global Director of Channel Sales; and Ram Yonish, VP of EMEA Alliances.

To join the growing ecosystem of partners or to find out more about SIA, please visit our website, read our blog and listen to Goodman’s interview on Contrast’s Code Patrol podcast.

**About Contrast Security (Contrast):**

A world leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete software development life cycle (SDLC) with Contrast to protect against today’s targeted application security (AppSec) attacks. Contrast also makes security testing available to all developers for free with CodeSec.

Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today’s pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of common vulnerabilities and exposures (CVEs). This allows security teams to avoid spending time on focusing false positives and remediate true vulnerabilities faster. Contrast’s platform solutions for code assessment, testing, protection, serverless, supply chain, APIs and languages help enterprises achieve true DevSecOps transformation and compliance.

Contrast protects against major cybersecurity attacks for its customer base which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, SOMPO Japan and American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM Cloud, Guidepoint, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers.

The growing demand for the world’s only platform for code security has landed the company on some of the most prestigious lists including the Inc. 5000 List of America’s Fastest Growing Companies and has designated Contrast as one of the fastest growing companies on the Deloitte Technology Fast 500 List.

Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions

Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled.

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

CVE-2023-23130: GitHub - l00neyhacker/CVE-2023-23130: CVE-2023-23130

Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2023-23692

Dell before DDOS 7.9 has a vulnerability that may potentially allow escalation of privileges by authenticated user of lower privilege. This can lead to unauthorized privileged access into the system.

8.8

CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More information**

iDRAC9

CVE-2022-24422

See Dell KB article 199267: DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability

Intel BIOS

CVE-2021-0060

See Dell article 196007: DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

See Dell article 198065: DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities

CVE-2021-28210

CVE-2021-28211

OpenSSL

CVE-2022-0778

https://nvd.nist.gov/vuln/detail/CVE-2022-0778

OpenSSH

CVE-2021-41617

https://nvd.nist.gov/vuln/detail/CVE-2021-41617  
https://nvd.nist.gov/vuln/detail/CVE-2020-14145  
https://nvd.nist.gov/vuln/detail/CVE-2016-20012

CVE-2020-14145

CVE-2016-20012

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2023-23692

Dell before DDOS 7.9 has a vulnerability that may potentially allow escalation of privileges by authenticated user of lower privilege. This can lead to unauthorized privileged access into the system.

8.8

CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More information**

iDRAC9

CVE-2022-24422

See Dell KB article 199267: DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability

Intel BIOS

CVE-2021-0060

See Dell article 196007: DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

See Dell article 198065: DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities

CVE-2021-28210

CVE-2021-28211

OpenSSL

CVE-2022-0778

https://nvd.nist.gov/vuln/detail/CVE-2022-0778

OpenSSH

CVE-2021-41617

https://nvd.nist.gov/vuln/detail/CVE-2021-41617  
https://nvd.nist.gov/vuln/detail/CVE-2020-14145  
https://nvd.nist.gov/vuln/detail/CVE-2016-20012

CVE-2020-14145

CVE-2016-20012

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2022-24422

PowerProtect DD Appliance model: DD3300, DD6400, and DD6900, DD9400, and DD9900

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.2 and later to stay on LTS 7.7

For more details about DDOS versions available for download, see the links to Dell articles below (requires log in to Dell Support to view articles):

*   81247: Data Domain: DD OS Software Versions
*   14125: Data Domain Operating System Software Portal Availability Policy

CVE-2021-0060

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

CVE-2021-28210

CVE-2021-28211

CVE-2022-0778

PowerProtect DD  
DDOS and DDMC

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.3 and later to stay on LTS

CVE-2021-41617

CVE-2020-14145

LTS 7.7.1 to 7.7.2

7.7.3 and later

CVE-2016-20012

6.2.1.80 and earlier

6.2.1.90 and later

CVE-2023-23692

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2022-24422

PowerProtect DD Appliance model: DD3300, DD6400, and DD6900, DD9400, and DD9900

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.2 and later to stay on LTS 7.7

For more details about DDOS versions available for download, see the links to Dell articles below (requires log in to Dell Support to view articles):

*   81247: Data Domain: DD OS Software Versions
*   14125: Data Domain Operating System Software Portal Availability Policy

CVE-2021-0060

CVE-2021-0147

CVE-2021-0127

CVE-2021-0103

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0099

CVE-2021-0111

CVE-2021-0107

CVE-2021-0125

CVE-2021-0124

CVE-2021-0119

CVE-2021-0092

CVE-2021-0091

CVE-2021-0093

CVE-2019-14584

CVE-2021-28210

CVE-2021-28211

CVE-2022-0778

PowerProtect DD  
DDOS and DDMC

7.0 to 7.8

7.9.0.0 and later  
Or  
7.7.3 and later to stay on LTS

CVE-2021-41617

CVE-2020-14145

LTS 7.7.1 to 7.7.2

7.7.3 and later

CVE-2016-20012

6.2.1.80 and earlier

6.2.1.90 and later

CVE-2023-23692

**Versiohistoria**

**Revision**

**Date**

**Description**

1.0

2022-07-07

Initial Release

1.1

2022-07-12

Edited versions in Affected Products and Remediation Table Affected Version Column

1.2

2022-08-31

Added "7.7.3 and above" to Affected Products and Remediation Table

1.3

2022-01-12

Added CVE-2023-23692 to Proprietary Code Table. 

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Data Domain, Data Domain, Data Domain Boost, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, Data Domain Encryption, Data Domain Extended Retention, Data Domain GDA , Data Domain NDMP Tape Server, Data Domain Replicator, Data Domain Retention Lock, Data Domain Storage Migration, Data Domain Virtual Tape Library, Data Domain Virtual Tape Library for IBM I/OS, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, Product Security Information, Storage Direct for Data Domain ...

27 tammik. 2023

CVE-2023-23692: DSA-2022-187: Dell Technologies PowerProtect Data Domain Security Update for Multiple Third-Party Component Vulnerabilities

Printer exploit chain could be weaponized to fully compromise more than 100 models

Charlie Osborne 01 February 2023 at 12:18 UTC  
Updated: 01 February 2023 at 13:26 UTC

Printer exploit chain could be weaponized to fully compromise more than 100 models

A security researcher dropped a zero-day remote code execution (RCE) chain of vulnerabilities affecting Lexmark printers after claiming the disclosure reward he was offered was “laughable”.

Independent researcher Peter Geissler (@bl4sty) said that public disclosure of the bug, a zero-day flaw at the time of release but now patched, was preferable to the report being sold “for peanuts”.

In a tweet dated January 10, Geissler published a link to a GitHub repository containing information on the vulnerability chain.

The exploit was tested against firmware version CXLBL.081.225, and while entered into Pwn2Own Toronto 2022 – ran by the Zero Day Initiative (ZDI) – the attack was unsuccessful during demonstrations.

**‘Seemingly harmless’ functions**

However, according to the researcher’s writeup, several isolated or “seemingly harmless” functions could be exploited to “eventually fully compromise the device”.

These functions included file upload and file copy primitives, alongside a daemon related to SOAP web services that could be abused to make an HTTP callback to an attacker’s selected endpoint, resulting in server-side request forgery (SSRF).

DON’T MISS Deserialized roundup: ‘Catastrophic cyber events’ and T-Mobile, LastPass troubles

“When the callbacks are being made the software does not do any sanity-checking on the destination of the callbacks, thus it is possible to send callbacks to arbitrary hosts, including the printer itself,” Geissler explained.

Furthermore, a process called /auto-fwdebugd could be exploited due to a failure to sanitize inputs from a first-in, first-out system, causing a command injection bug.

By chaining the above, it was possible to achieve RCE.

**Patch available**

In a security advisory released on January 23, Lexmark said the issue, tracked as CVE-2023-23560 (CVSSv3 9.0) and released under one CVE assignment, impacts over 100 models but has now been patched.

The company said there is no evidence of malicious use in the wild. When approached for comment, Lexmark said: “Lexmark became aware of details of this vulnerability when it was publicly disclosed. We have provided a patch to our customers.

“We encourage anyone who identifies a vulnerability which may affect a Lexmark product to report it to Lexmark Security Advisories. This vulnerability management approach is one reason Lexmark is consistently named a leader in print security by industry analysts.”

Geissler says that while the exploit chain didn’t fully function during the competition – potentially due to different configurations on the test printer – ZDI did offer to purchase the security flaws. However, the amount was “laughable” and Geissler “promptly forgot about their offer”.

Read more news about the latest web security vulnerabilities

Speaking to The Daily Swig, Geissler explained that the amount offered by ZDI was a “small fraction” of the original reward as someone else during the competition successfully targeted the printer with a different chain of bugs.

When asked for his motivation beyond securing a payout to release his findings, Geissler commented: “If you sell to them you cannot publish anything until the bug(s) have been fixed by \[the\] vendor, afaik \[as far as I know\] that’s the only real (reasonable) restriction for publication.”

**Disclosure**

According to the researcher, Lexmark was not notified before the zero-day’s release for two reasons.

First, Geissler wished to highlight how the Pwn2Own contest is “broken” in some regards, as shown when low monetary rewards are offered for “something with a potentially big impact” – such as an exploit chain that can compromise over 100 printer models.

Furthermore, he said that official disclosure processes are often long-winded and arduous.

“In my experience, patching efforts by the vendor are greatly accelerated by publishing turnkey solutions in the public domain without any heads up whatsoever,” Geissler noted.

“Lexmark might reconsider partnering with similar competitions in the future and opt to launch their own vulnerability bounty/reward program.”

YOU MAY ALSO LIKE Facebook two-factor authentication bypass bug earns researchers $27k

Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’

True Anomaly, a startup backed by US senator JD Vance's VC firm, plans to launch prototype pursuit satellites on a SpaceX flight later this year.

Former US Air Force major Even “Jolly” Rogers is worried about a space war. “Conflict exists on a continuum that begins with competition and ultimately leads into full-scale conflict like what you’re seeing in Ukraine,” he says. The US, he adds, is already “in active competition with Russia and China for freedom of action and dominance of the space domain. And it’s evolving very quickly.”

So on January 26 last year, the former US Air Force major incorporated True Anomaly, Inc to “solve the most challenging orbital warfare problems for the US Space Force,” he later tweeted.

According to a recent filing with the US Federal Communication Commission (FCC), True Anomaly is now gearing up for its first orbital mission. In October, True Anomaly hopes to launch two Jackal “orbital pursuit” spacecraft aboard a SpaceX rocket to low earth orbit. The Jackals will not house guns, warheads, or laser blasters, but they will be capable of rendezvous proximity operations (RPO)—the ability to maneuver close to other satellites and train a battery of sensors upon them. This could reveal their rivals’ surveillance and weapons systems, or help intercept communications. 

In their first mission, dubbed Demo-1, the Jackals will merely spy on each other, using thrusters, radar, and multi-spectral cameras to approach within a few hundred meters. If that goes well, Rogers envisages deploying thousands of autonomous spacecraft in service of the US military, controlled by a team of human operators and AI “to pursue adversaries wherever they fly, and to provide the tools of accountability.”

Those tools start with understanding what technologies America’s adversaries are deploying in space. “But an active defense is going to be required,” says Rogers, now True Anomaly’s CEO. “If you take the job of defense and protection of the domain seriously, you have to have the ability to do the joint functions of maneuver and fires.” In military speak, “fires” means kinetic weapons like guns and shells, as well as jamming, electronic warfare, and cyberattacks.  

Nothing on True Anomaly’s website suggests that it is developing its own offensive weapons. However, in a series of posts last summer, Rogers tweeted: “Tactically disabling enemy spacecraft can be the difference between the loss of an entire Carrier Strike Group or its survival … And there are many ways to destroy spacecraft that don’t ruin the environment. After all, they are just floating computers.”

RPO itself is nothing new. In a report last September, the Secure World Foundation, a private foundation promoting cooperative solutions in space, detailed dozens of military RPO operations in geostationary and low earth orbits since the Cold War. Most of these involve American, Russian, or Chinese spacecraft sidling up to each other’s satellites, presumably to see what they look like or to eavesdrop on their communications.

There are also emerging peaceful uses of RPO, such as space tugs that can repair or relocate failed satellites, or remove dangerous space junk. The Secure World Foundation helps run an organization called Confers that is setting voluntary technical standards for commercial RPO. True Anomaly is one of around 60 Confers members. “If we ever want to do things like cleaning up space debris, we have to develop these technologies,” says Brian Weeden, the foundation’s director of planning. However, True Anomaly is the first RPO startup explicitly focusing on the military market, he says.  

Rogers’s last job for the government was leading teams within US Space Command that planned how and when to deploy defensive and offensive military space systems. He and his cofounders, Dan Brunski, Tom Nichols, and Kyle Zakrzewski, also former Air Force and Space Force officers, “knew the problem better than anybody else, dealt with the limitations of technology on a day-to-day basis, and were frustrated with those limitations,” Rogers says. Rather than wait for a large industrial defense contractor to get around to it, they decided to solve the problem themselves. The deployment of space weapons, he says, “is much closer than most people would think.”

According to US Security Exchange Commission filings, True Anomaly has already raised over $23 million from investors. This includes a December investment from Narya, a venture capital firm cofounded by US senator JD Vance, a MAGA-leaning Ohio Republican. (Rogers says that True Anomaly itself has no political affiliation.) 

The company recently signed a lease on a 35,000-square-foot factory in the suburbs of Denver, Colorado. As well as manufacturing the Jackal satellites, True Anomaly engineers are designing a cloud-based control system to integrate autonomous agents and human operators, using commercial game engines like Unity to build interactive real-time applications and developing high-fidelity physics software to help the Jackals maneuver in space. True Anomaly has already applied for a trademark covering, among other things, hardware and software for “orbital space-to-space imagery, rendezvous proximity, and target acquisition systems.” 

“What is different about True Anomaly is the way it seems to be presenting its satellite as more of a pursuit system, than an imaging or an intelligence gathering system,” says Kaitlyn Johnson, deputy director of the Aerospace Security Project at the Center for Strategic & International Studies. “This does concern me because it could cause unintentional escalation. Especially with the founder’s Air Force background, it might be read by our adversaries as a military-directed company that was starting to pursue this capability.”

The company’s first challenge could be keeping its own floating computers intact. “Cooperative RPO is already hard,” says Johnson. “You can see that from the demonstrations by Astroscale and Northrop with their servicing satellites, which were years in the planning.” A cooperative RPO mission by NASA in 2005 called DART failed when the spacecraft malfunctioned, crashed into its target satellite, and was destroyed. 

Pursuit missions of adversarial satellites are likely to be much riskier still, says Johnson: “You don’t have the same data coming from the other satellite. You maybe don’t have the diagrams and diagnostics of what the satellite looks like so that you know what you’re about to encounter.”

Any collision in orbit can generate many thousands of pieces of space junk, each of which could damage other satellites, creating yet more debris. Researchers worry about increasing orbital debris ultimately triggering a catastrophic cascade known as the Kessler Syndrome. Rogers says that collision avoidance is a possibility “that we track very closely and aggressively. We’re committed to acting responsibly and sustainably in the space domain.”

Rogers himself is no stranger to risk. Before starting True Anomaly, he founded and led a crypto hedge fund called Phobos Capital. And prior to that, he incorporated a company called 3720 to 1, Inc—a reference to the odds of Han Solo successfully navigating an asteroid field in _The Empire Strikes Back_, according to C-3PO. 

Whether Rogers’ pursuit of a satellite venture is more likely to succeed, or just another piece of gung-ho science fiction, should be a lot clearer after SpaceX’s rocket launches in October.

Enter the Hunter Satellites Preparing for Space War

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Artikkelin numero: 000206943

**DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities****Yhteenveto: Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.**

**Artikkelin sisältö**

**Vaikutus**

Critical

**Tiedot**

**Third-party Component**

**CVEs**

**More Information**

VMware ESXi

CVE-2022-31696

For more information, see VMSA-2022-0030

CVE-2022-31699

CVE-2022-31705

For more information, see VMSA-2022-0033

VMware vCenter

CVE-2021-22048

For more information, see VMSA-2021-0025.6

CVE-2022-31697

For more information, see VMSA-2022-0030

CVE-2022-31698

CVE-2020-28196

 

VMware Tools

CVE-2022-31676

For more information, see VMSA-2022-0024.1

VxRail Manager

CVE-2022-46756

 

Dell iDRAC9

CVE-2022-0778

Open SSL vulnerability, see DSA-2022-154 for more information

CVE-2022-34435

For more information, see DSA-2022-265

PowerEdge BIOS 13G

CVE-2022-22558

 

CVE-2019-14584

 

CVE-2021-28210

 

CVE-2021-28211

 

CVE-2021-0060

For more information, see Intel-SA-00470

CVE-2021-0147

CVE-2021-0127

For more information, see Intel-SA-00532

CVE-2021-0091

For more information, see Intel-SA-00527

CVE-2021-0092

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0119

CVE-2021-0124

CVE-2021-0125

CVE-2021-0153

For more information, see Intel-SA-00601

CVE-2021-0154

CVE-2021-0155

CVE-2021-0159

CVE-2021-0188

CVE-2021-0189

CVE-2021-0190

CVE-2021-33103

CVE-2021-33122

CVE-2021-33123

CVE-2021-33124

CVE-2022-0004

For more information, see Intel-SA-00613

CVE-2022-0005

For more information, see Intel-SA-00614

CVE-2021-21131

For more information, see Intel-SA-00616

CVE-2021-21136

CVE-2022-21123

For more information, see DSA-2022-161 and Intel-SA-00615

CVE-2022-21125

CVE-2022-21127

CVE-2022-21166

PowerEdge BIOS 13G, 15G

CVE-2022-21233

For more information, see Intel-SA-00657

CVE-2021-33060

For more information, see Intel-SA-00686

CVE-2022-26074

For more information, see Intel-SA-00669

PowerEdge BIOS 14G, 15G

CVE-2022-34376

For more information, see DSA-2022-204

CVE-2022-34377

CVE-2022-34406

CVE-2022-34407

CVE-2022-34408

CVE-2022-34409

CVE-2022-34410

CVE-2022-34411

CVE-2022-34412

CVE-2022-34413

CVE-2022-34414

CVE-2022-34415

CVE-2022-34416

CVE-2022-34417

CVE-2022-34418

CVE-2022-34419

CVE-2022-34420

CVE-2022-34421

CVE-2022-34422

CVE-2022-34423

PowerEdge BIOS

CVE‑2021‑26316

For more information, see DSA-2023-002

CVE-2021-26328

CVE-2021-26343

CVE-2021-26353

CVE-2021-26355

CVE-2021-26396

CVE-2021-26398

CVE-2021-26402

CVE-2021-26403

CVE-2021-26404

CVE-2021-26407

CVE-2021-26409

CVE-2021-39298

CVE-2021-46767

CVE-2021-46768

CVE-2021-46779

CVE-2021-46791

CVE-2022-23813

CVE-2022-23814

CVE-2023-20522

CVE-2023-20523

CVE-2023-20525

CVE-2023-20527

CVE-2023-20528

CVE-2023-20529

CVE-2023-20530

CVE-2023-20531

CVE-2023-20532

SUSE

CVE-2015-20107

www.SUSE.com

CVE-2016-3695

CVE-2017-17087

CVE-2019-13224

CVE-2019-16163

CVE-2019-19203

CVE-2019-19204

CVE-2019-19246

CVE-2019-19377

CVE-2019-19906

CVE-2019-20454

CVE-2020-25657

CVE-2020-26159

CVE-2020-26541

CVE-2020-27784

CVE-2020-36516

CVE-2020-36557

CVE-2020-36558

CVE-2021-20321

CVE-2021-26341

CVE-2021-26401

CVE-2021-28861

CVE-2021-31799

CVE-2021-31810

CVE-2021-32066

CVE-2021-33061

CVE-2021-33655

CVE-2021-33656

CVE-2021-3572

CVE-2021-3695

CVE-2021-3696

CVE-2021-3697

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3875

CVE-2021-3903

CVE-2021-3927

CVE-2021-3928

CVE-2021-3968

CVE-2021-3973

CVE-2021-3974

CVE-2021-3984

CVE-2021-4019

CVE-2021-4069

CVE-2021-4136

CVE-2021-4155

CVE-2021-4157

CVE-2021-4166

CVE-2021-41817

CVE-2021-4192

CVE-2021-4193

CVE-2021-4203

CVE-2021-43527

CVE-2021-43565

CVE-2021-46059

CVE-2021-46828

CVE-2022-0001

CVE-2022-0002

CVE-2022-0128

CVE-2022-0168

CVE-2022-0213

CVE-2022-0261

CVE-2022-0318

CVE-2022-0319

CVE-2022-0351

CVE-2022-0359

CVE-2022-0361

CVE-2022-0392

CVE-2022-0407

CVE-2022-0413

CVE-2022-0561

CVE-2022-0562

CVE-2022-0696

CVE-2022-0865

CVE-2022-0891

CVE-2022-0908

CVE-2022-0909

CVE-2022-0924

CVE-2022-1011

CVE-2022-1012

CVE-2022-1056

CVE-2022-1116

CVE-2022-1158

CVE-2022-1184

CVE-2022-1271

CVE-2022-1292

CVE-2022-1304

CVE-2022-1353

CVE-2022-1381

CVE-2022-1420

CVE-2022-1462

CVE-2022-1516

CVE-2022-1552

CVE-2022-1586

CVE-2022-1587

CVE-2022-1616

CVE-2022-1619

CVE-2022-1620

CVE-2022-1652

CVE-2022-1679

CVE-2022-1720

CVE-2022-1729

CVE-2022-1733

CVE-2022-1734

CVE-2022-1735

CVE-2022-1771

CVE-2022-1785

CVE-2022-1796

CVE-2022-1851

CVE-2022-1897

CVE-2022-1898

CVE-2022-1927

CVE-2022-1966

CVE-2022-1968

CVE-2022-1974

CVE-2022-1975

CVE-2022-20132

CVE-2022-20141

CVE-2022-20154

CVE-2022-20166

CVE-2022-20368

CVE-2022-20369

CVE-2022-2068

CVE-2022-2097

CVE-2022-21123

CVE-2022-21125

CVE-2022-21127

CVE-2022-21166

CVE-2022-21180

CVE-2022-2124

CVE-2022-2125

CVE-2022-2126

CVE-2022-2129

CVE-2022-21426

CVE-2022-21434

CVE-2022-21443

CVE-2022-21476

CVE-2022-21496

CVE-2022-21505

CVE-2022-21540

CVE-2022-21541

CVE-2022-2175

CVE-2022-2182

CVE-2022-2183

CVE-2022-2206

CVE-2022-2207

CVE-2022-2208

CVE-2022-2210

CVE-2022-2231

CVE-2022-2257

CVE-2022-2264

CVE-2022-2284

CVE-2022-2285

CVE-2022-2286

CVE-2022-2287

CVE-2022-22967

CVE-2022-2304

CVE-2022-2318

CVE-2022-23308

CVE-2022-2343

CVE-2022-2344

CVE-2022-2345

CVE-2022-23648

CVE-2022-23960

CVE-2022-24769

CVE-2022-24903

CVE-2022-2509

CVE-2022-2522

CVE-2022-2571

CVE-2022-2580

CVE-2022-2581

CVE-2022-2588

CVE-2022-2598

CVE-2022-2625

CVE-2022-26365

CVE-2022-26373

CVE-2022-2639

CVE-2022-2663

CVE-2022-26691

CVE-2022-27191

CVE-2022-27239

CVE-2022-27404

CVE-2022-27405

CVE-2022-27406

CVE-2022-27781

CVE-2022-27782

CVE-2022-2816

CVE-2022-2817

CVE-2022-2819

CVE-2022-2845

CVE-2022-2849

CVE-2022-2862

CVE-2022-28733

CVE-2022-28734

CVE-2022-28735

CVE-2022-28736

CVE-2022-28739

CVE-2022-2874

CVE-2022-2889

CVE-2022-28893

CVE-2022-2905

CVE-2022-29154

CVE-2022-29155

CVE-2022-29162

CVE-2022-2923

CVE-2022-2946

CVE-2022-29581

CVE-2022-2977

CVE-2022-29824

CVE-2022-29900

CVE-2022-29901

CVE-2022-3016

CVE-2022-3028

CVE-2022-30594

CVE-2022-31030

CVE-2022-31676

CVE-2022-31741

CVE-2022-32206

CVE-2022-32208

CVE-2022-32250

CVE-2022-32742

CVE-2022-33068

CVE-2022-33740

CVE-2022-33741

CVE-2022-33742

CVE-2022-33981

CVE-2022-34169

CVE-2022-34903

CVE-2022-36879

CVE-2022-36946

CVE-2022-37434

CVE-2022-39188

  

**Third-party Component**

**CVEs**

**More Information**

VMware ESXi

CVE-2022-31696

For more information, see VMSA-2022-0030

CVE-2022-31699

CVE-2022-31705

For more information, see VMSA-2022-0033

VMware vCenter

CVE-2021-22048

For more information, see VMSA-2021-0025.6

CVE-2022-31697

For more information, see VMSA-2022-0030

CVE-2022-31698

CVE-2020-28196

 

VMware Tools

CVE-2022-31676

For more information, see VMSA-2022-0024.1

VxRail Manager

CVE-2022-46756

 

Dell iDRAC9

CVE-2022-0778

Open SSL vulnerability, see DSA-2022-154 for more information

CVE-2022-34435

For more information, see DSA-2022-265

PowerEdge BIOS 13G

CVE-2022-22558

 

CVE-2019-14584

 

CVE-2021-28210

 

CVE-2021-28211

 

CVE-2021-0060

For more information, see Intel-SA-00470

CVE-2021-0147

CVE-2021-0127

For more information, see Intel-SA-00532

CVE-2021-0091

For more information, see Intel-SA-00527

CVE-2021-0092

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0119

CVE-2021-0124

CVE-2021-0125

CVE-2021-0153

For more information, see Intel-SA-00601

CVE-2021-0154

CVE-2021-0155

CVE-2021-0159

CVE-2021-0188

CVE-2021-0189

CVE-2021-0190

CVE-2021-33103

CVE-2021-33122

CVE-2021-33123

CVE-2021-33124

CVE-2022-0004

For more information, see Intel-SA-00613

CVE-2022-0005

For more information, see Intel-SA-00614

CVE-2021-21131

For more information, see Intel-SA-00616

CVE-2021-21136

CVE-2022-21123

For more information, see DSA-2022-161 and Intel-SA-00615

CVE-2022-21125

CVE-2022-21127

CVE-2022-21166

PowerEdge BIOS 13G, 15G

CVE-2022-21233

For more information, see Intel-SA-00657

CVE-2021-33060

For more information, see Intel-SA-00686

CVE-2022-26074

For more information, see Intel-SA-00669

PowerEdge BIOS 14G, 15G

CVE-2022-34376

For more information, see DSA-2022-204

CVE-2022-34377

CVE-2022-34406

CVE-2022-34407

CVE-2022-34408

CVE-2022-34409

CVE-2022-34410

CVE-2022-34411

CVE-2022-34412

CVE-2022-34413

CVE-2022-34414

CVE-2022-34415

CVE-2022-34416

CVE-2022-34417

CVE-2022-34418

CVE-2022-34419

CVE-2022-34420

CVE-2022-34421

CVE-2022-34422

CVE-2022-34423

PowerEdge BIOS

CVE‑2021‑26316

For more information, see DSA-2023-002

CVE-2021-26328

CVE-2021-26343

CVE-2021-26353

CVE-2021-26355

CVE-2021-26396

CVE-2021-26398

CVE-2021-26402

CVE-2021-26403

CVE-2021-26404

CVE-2021-26407

CVE-2021-26409

CVE-2021-39298

CVE-2021-46767

CVE-2021-46768

CVE-2021-46779

CVE-2021-46791

CVE-2022-23813

CVE-2022-23814

CVE-2023-20522

CVE-2023-20523

CVE-2023-20525

CVE-2023-20527

CVE-2023-20528

CVE-2023-20529

CVE-2023-20530

CVE-2023-20531

CVE-2023-20532

SUSE

CVE-2015-20107

www.SUSE.com

CVE-2016-3695

CVE-2017-17087

CVE-2019-13224

CVE-2019-16163

CVE-2019-19203

CVE-2019-19204

CVE-2019-19246

CVE-2019-19377

CVE-2019-19906

CVE-2019-20454

CVE-2020-25657

CVE-2020-26159

CVE-2020-26541

CVE-2020-27784

CVE-2020-36516

CVE-2020-36557

CVE-2020-36558

CVE-2021-20321

CVE-2021-26341

CVE-2021-26401

CVE-2021-28861

CVE-2021-31799

CVE-2021-31810

CVE-2021-32066

CVE-2021-33061

CVE-2021-33655

CVE-2021-33656

CVE-2021-3572

CVE-2021-3695

CVE-2021-3696

CVE-2021-3697

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3875

CVE-2021-3903

CVE-2021-3927

CVE-2021-3928

CVE-2021-3968

CVE-2021-3973

CVE-2021-3974

CVE-2021-3984

CVE-2021-4019

CVE-2021-4069

CVE-2021-4136

CVE-2021-4155

CVE-2021-4157

CVE-2021-4166

CVE-2021-41817

CVE-2021-4192

CVE-2021-4193

CVE-2021-4203

CVE-2021-43527

CVE-2021-43565

CVE-2021-46059

CVE-2021-46828

CVE-2022-0001

CVE-2022-0002

CVE-2022-0128

CVE-2022-0168

CVE-2022-0213

CVE-2022-0261

CVE-2022-0318

CVE-2022-0319

CVE-2022-0351

CVE-2022-0359

CVE-2022-0361

CVE-2022-0392

CVE-2022-0407

CVE-2022-0413

CVE-2022-0561

CVE-2022-0562

CVE-2022-0696

CVE-2022-0865

CVE-2022-0891

CVE-2022-0908

CVE-2022-0909

CVE-2022-0924

CVE-2022-1011

CVE-2022-1012

CVE-2022-1056

CVE-2022-1116

CVE-2022-1158

CVE-2022-1184

CVE-2022-1271

CVE-2022-1292

CVE-2022-1304

CVE-2022-1353

CVE-2022-1381

CVE-2022-1420

CVE-2022-1462

CVE-2022-1516

CVE-2022-1552

CVE-2022-1586

CVE-2022-1587

CVE-2022-1616

CVE-2022-1619

CVE-2022-1620

CVE-2022-1652

CVE-2022-1679

CVE-2022-1720

CVE-2022-1729

CVE-2022-1733

CVE-2022-1734

CVE-2022-1735

CVE-2022-1771

CVE-2022-1785

CVE-2022-1796

CVE-2022-1851

CVE-2022-1897

CVE-2022-1898

CVE-2022-1927

CVE-2022-1966

CVE-2022-1968

CVE-2022-1974

CVE-2022-1975

CVE-2022-20132

CVE-2022-20141

CVE-2022-20154

CVE-2022-20166

CVE-2022-20368

CVE-2022-20369

CVE-2022-2068

CVE-2022-2097

CVE-2022-21123

CVE-2022-21125

CVE-2022-21127

CVE-2022-21166

CVE-2022-21180

CVE-2022-2124

CVE-2022-2125

CVE-2022-2126

CVE-2022-2129

CVE-2022-21426

CVE-2022-21434

CVE-2022-21443

CVE-2022-21476

CVE-2022-21496

CVE-2022-21505

CVE-2022-21540

CVE-2022-21541

CVE-2022-2175

CVE-2022-2182

CVE-2022-2183

CVE-2022-2206

CVE-2022-2207

CVE-2022-2208

CVE-2022-2210

CVE-2022-2231

CVE-2022-2257

CVE-2022-2264

CVE-2022-2284

CVE-2022-2285

CVE-2022-2286

CVE-2022-2287

CVE-2022-22967

CVE-2022-2304

CVE-2022-2318

CVE-2022-23308

CVE-2022-2343

CVE-2022-2344

CVE-2022-2345

CVE-2022-23648

CVE-2022-23960

CVE-2022-24769

CVE-2022-24903

CVE-2022-2509

CVE-2022-2522

CVE-2022-2571

CVE-2022-2580

CVE-2022-2581

CVE-2022-2588

CVE-2022-2598

CVE-2022-2625

CVE-2022-26365

CVE-2022-26373

CVE-2022-2639

CVE-2022-2663

CVE-2022-26691

CVE-2022-27191

CVE-2022-27239

CVE-2022-27404

CVE-2022-27405

CVE-2022-27406

CVE-2022-27781

CVE-2022-27782

CVE-2022-2816

CVE-2022-2817

CVE-2022-2819

CVE-2022-2845

CVE-2022-2849

CVE-2022-2862

CVE-2022-28733

CVE-2022-28734

CVE-2022-28735

CVE-2022-28736

CVE-2022-28739

CVE-2022-2874

CVE-2022-2889

CVE-2022-28893

CVE-2022-2905

CVE-2022-29154

CVE-2022-29155

CVE-2022-29162

CVE-2022-2923

CVE-2022-2946

CVE-2022-29581

CVE-2022-2977

CVE-2022-29824

CVE-2022-29900

CVE-2022-29901

CVE-2022-3016

CVE-2022-3028

CVE-2022-30594

CVE-2022-31030

CVE-2022-31676

CVE-2022-31741

CVE-2022-32206

CVE-2022-32208

CVE-2022-32250

CVE-2022-32742

CVE-2022-33068

CVE-2022-33740

CVE-2022-33741

CVE-2022-33742

CVE-2022-33981

CVE-2022-34169

CVE-2022-34903

CVE-2022-36879

CVE-2022-36946

CVE-2022-37434

CVE-2022-39188

  

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

**Product**

**Affected Versions**

**Updated Versions**

Dell VxRail Appliance

7.0.x versions before 7.0.410

7.0.410

**Product**

**Affected Versions**

**Updated Versions**

Dell VxRail Appliance

7.0.x versions before 7.0.410

7.0.410

**Versiohistoria**

**Revision**

**Date**

**Description**

1.0

2022-12-22

Initial Release

1.1

2022-01-06

Added CVE

1.2

2023-01-11

Added PowerEdge BIOS CVE.

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

**Artikkelin ominaisuudet**

**Tuote, johon asia vaikuttaa**

VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series , VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VXRAIL P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F ...

**Edellinen julkaisupäivä**

11 tammik. 2023

**Versio**

4

**Artikkelin tyyppi**

Dell Security Advisory

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function.

**Command Injection Affecting is-http2 package, versions **\*****

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

*   Snyk ID **SNYK-JS-ISHTTP2-3153878**
*   published **31 Jan 2023**
*   disclosed **5 Dec 2022**
*   credit **JHU System Security Lab**

**How to fix?**

There is no fixed version for is-http2.

**Overview**

Affected versions of this package are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function.

**PoC**

    var root = require("is-http2")
    root("./",{openssl:"touch JHU"})

Tag

#ssl