Tanzania Computer Emergency Response Team

IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework (CVE-2023-20883 and CVE-2016-1000027)

8th February 2024

Advisory No: TZCERT/SA/2024/02/08-2 Date of First Release: 8th February 2024 Source: IBM Software Affected: IBM Sterling Control Center Overview: IBM has disclosed the remote code vulnerabilities affecting IBM Sterling Control Center. The vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Description: The vulnerabilities …

Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255)

8th February 2024

Advisory No: TZCERT/SA/2024/02/08-1 Date of First Release: 8th February 2024 Source: Cisco Software Affected: Cisco Expressway Series Overview: Cisco Expressway Series are affected by vulnerabilities tracked as CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255 which could allow remote attacker to perform arbitrary actions via cross-site request forgery vulnerability affecting the system. Description: Following …

TZCERT-SU-24-0149 (Elasticsearch Security Update)

8th February 2024

Elasticsearch has released security updates to address vulnerabilities in APM server, Elastic Network Drive Connector and Kibana. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Elasticsearch Security Advisories apm-server, elastic-network-drive-connector, kibana-8-12-1 and kibana-8-12-1-7-17-18 and apply necessary updates.

TZCERT-SU-24-0148 (Chrome Security Update)

8th February 2024

Google has released security updates to address vulnerabilities in Chrome for iOS and ChromeOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Security Advisories update-for-ios and update-for-chromeos and apply necessary updates.

TZCERT-SU-24-0147 (Ubuntu Security Update)

8th February 2024

Ubuntu has released security updates to address vulnerabilities in kernel and Firefox. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Ubuntu Security Advisories USN-6626-1 and USN-6610-2 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework (CVE-2023-20883 and CVE-2016-1000027)

Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255)

TZCERT-SU-24-0149 (Elasticsearch Security Update)

TZCERT-SU-24-0148 (Chrome Security Update)

TZCERT-SU-24-0147 (Ubuntu Security Update)

Subscribe to Receive Regular Updates

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Critical vulnerabilities affecting IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector (CVE-2022-42920, CVE-2023-51385 and CVE-2023-39410)

AIKit 4.14.1 Authenticated SQL Injection (CVE-2024-31370)

Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)