Tanzania Computer Emergency Response Team
Advisory No: TZCERT/SA/2021/10/06 Date of First Release: 06th October 2021 Source: Apache Software Affected: Apache HTTP Server 2.4.49 Overview The vulnerability exists in the Apache web servers running version 2.4.49. The exploitation of this vulnerability could allow an attacker to use a path traversal attack to map URLs to files outside the expected document root. …
Read More »A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Azure Cosmos DB Jupyter Notebook Feature vulnerability
Advisory No: TZCERT/SA/2021/08/31 Date of First Release: 31st August 2021 Source: Microsoft Software Affected: Azure Cosmos DB Overview: The vulnerability exists in the Azure Cosmos DB Jupyter Notebook feature. The exploitation of this vulnerability could allow a user to gain access to another customer’s resources by using the account’s primary read-write key. Description: The vulnerability …
Read More »ProxyShell Attacks targeting Microsoft Exchange Servers – CVE-2021-31207, CVE-2021-34473, CVE-2021-34523
Advisory No: TZCERT/SA/2021/08/24 Date of First Release: 24th August 2021 Source: Microsoft Software Affected: Microsoft Exchange Server 2019Microsoft Exchange Server 2016Microsoft Exchange Server 2013 Overview: Microsoft Exchange Server contains remote code execution vulnerabilities as a result of improper input validation. Exploitation attempts leverage the latest line of “ProxyShell” Microsoft Exchange vulnerabilities. Description: Vulnerabilities exist in a way Microsoft Exchange Servers …
Read More »Microsoft Windows Print Spooler RCE vulnerability
Advisory No: TZCERT/SA/2021/07/01 Date of First Release: 01st July 2021 Source: Microsoft Software Affected: Microsoft Windows Print Spooler Service Overview: Vulnerability exists in Microsoft Windows Print Spooler service due to failure in restricting access to the RpcAddPrinterDriverEx() function, which could allow a remote attacker to execute arbitrary code with SYSTEM privileges on a …
Read More »CYBER ATTACKS ON CRITICAL INFORMATION INFRASTRUCURE (CII)
Tanzania Computer Emergency Response Team (TZ-CERT), established under Tanzania Communications Regulatory Authority (TCRA), is aware of a cyber-attack targeting organizations with Critical Information Infrastructure (CII). The threat actors are reported to use a new variant of ransomware referred to as “DarkSide” to lock down computer systems and ask the victims …
Read More »VULNERABILITIES IN MICROSOFT EXCHANGE SERVER
Tanzania Computer Emergency Response Team (TZ-CERT), established under Tanzania Communications Regulatory Authority (TCRA), is aware of the multiple vulnerabilities being capitalized by threat actors to attack Microsoft Exchange Servers. A successful exploitation of the vulnerabilities may allow an unauthenticated attacker to execute arbitrary code on vulnerable Exchange Servers, thereby gaining …
Read More »VMware Remote Code Execution and Authentication Vulnerability (CVE-2021-21985, CVE-2021-21986)
Advisory No: TZCERT/SA/2021/05/27 Date of First Release: 27th May 2021 Source: VMware Software Affected: VMware vCenter Server (vCenter Server)VMware Cloud Foundation (Cloud Foundation) Overview: Multiple vulnerabilities exist in vSphere Client (HTML5) that could cause remote code execution (CVE-2021-21985) and perform actions allowed by Virtual SAN Health Check plug-in without authentication (CVE-2021-21986). Description: The vSphere Client …
Read More »Google Chrome Zero-Day remote code execution vulnerability (CVE-2021-21220)
Advisory No: TZCERT/SA/2021/04/15 Date of First Release: 15th April 2021 Source: Google Software Affected: Google Chrome (Desktop version) prior to 89.0.4389.128 Overview: The vulnerability is caused by insufficient validation of untrusted input in google chrome’s V8 javascript rendering engine. Description: A remote attacker could entice a user to open a web page with specially crafted …
Read More »Microsoft Exchange Server Zero-Day remote code execution vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
Advisory No: TZCERT/SA/2021/03/04 Date of First Release: 04th March 2021 Source: Microsoft Software Affected: Microsoft Exchange Server 2013Microsoft Exchange Server 2016Microsoft Exchange Server 2019 Overview: The four Microsoft Exchange vulnerabilities are part of an attack chain that may cause an unauthenticated attacker to execute arbitrary code remotely. These vulnerabilities are Server-Side Request Forgery (SSRF) …
Read More »VMware Remote Code Execution Vulnerability – CVE-2021-21972, CVE-2021-21973 and CVE-2021-21974
Advisory No: TZCERT/SA/2021/02/25 Date of First Release: 25th February 2021 Source: VMware Software Affected: VMware vCenter Server version 6.5, 6.7 and 7.0VMware ESXi version 6.5, 6.7 and 7.0VMware Cloud Foundation (vCenter Server) version 3.x and 4.xVMware Cloud Foundation (ESXi) version 3.x and 4.x Overview: The vSphere Client (HTML5) contains a remote code execution vulnerability …
Read More »