A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site

Alerts

Remote Unauthenticated API Access Vulnerability

11th August 2023

Advisory No: TZCERT/SA/2023/08/11

Date of First Release: 11th August 2023

Source: Ivanti

Overview:

Ivanti has released security patches to address a critical vulnerability affecting multiple versions of Ivanti End Point Manager Mobile (EPMM). This vulnerability could allow an attacker to obtain sensitive information and take control of an affected system.

Description:

Ivanti End Point Manager Mobile (EPMM) formerly known as MobileIron Core affected by a remote unauthenticated API Access vulnerability. The vulnerability allows an authenticated attacker to access restricted functionality or resources of the application without proper authentication.

Impact:

Successful exploitation of this vulnerability allows an attacker to take control of an affected system.

Solution:

Ivanti has released security patches for this vulnerability. Users and Administrators are encouraged to apply necessary updates.

Reference:

  1. https://forums.ivanti.com/s/article/CVE-2023-35078-Remote-unauthenticated-API-access-vulnerability?language=en_US
  2. https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/

Siemens Security Update

10th August 2023

Siemens has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Siemens Security Advisories dated 8th August 2023 and apply necessary updates.

Amazon Linux Security Update

10th August 2023

Amazon has released security updates to address vulnerabilities affecting Amazon Linux. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service conditions to an affected system.

Users and Administrators are encouraged to review Amazon Linux Security Advisory ALAS-2023-1790 and apply necessary updates.

Zoom Security Update

10th August 2023

Zoom has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Zoom Security Bulletins dated 8th August 2023 and apply necessary updates.

Intel Security Update

10th August 2023

Intel has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Intel Security Advisories dated 8th August 2023 and apply necessary updates.

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2024, All Rights Reserved.