
Alerts

TZCERT-SU-24-0150 (Ubuntu Security Update)

Ubuntu has released security updates to address vulnerabilities in WebKitGTK and Glance_Store. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review Ubuntu Security Advisories USN-6631-1 and USN-6630-1 and apply the necessary updates.

IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework (CVE-2023-20883 and CVE-2016-1000027)

Advisory No: TZCERT/SA/2024/02/08-2

Date of First Release: 8th February 2024

Source: IBM

Software Affected: IBM Sterling Control Center

Overview:

IBM has disclosed remote code execution vulnerabilities affecting IBM Sterling Control Center. The vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

Description:

The vulnerabilities, tracked as CVE-2016-1000027 and CVE-2023-20883, result respectively from an unsafe deserialization flaw in a library of the Pivotal Spring Framework, and from a flaw in VMware Tanzu Spring Boot when Spring MVC is used together with a reverse proxy cache. The first can be leveraged by supplying specially crafted input to execute arbitrary code on the affected system, while the second can be triggered by a specially crafted request to cause a denial-of-service condition.

Impact:

Successful exploitation of these vulnerabilities may allow a remote attacker to take control of the affected system or cause a denial-of-service condition on it.

Solution:

IBM has released security updates to resolve these vulnerabilities. Users and administrators are encouraged to update as soon as possible.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-KnnZDMj3

Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255)

Advisory No: TZCERT/SA/2024/02/08-1

Date of First Release: 8th February 2024

Source: Cisco

Software Affected: Cisco Expressway Series

Overview:

Cisco Expressway Series devices are affected by vulnerabilities tracked as CVE-2024-20252, CVE-2024-20254 and CVE-2024-20255, which could allow a remote attacker to perform arbitrary actions via cross-site request forgery (CSRF) vulnerabilities affecting the system.

Description:

Because of insufficient CSRF protection in the web-based management interface, the API of Cisco Expressway devices is vulnerable to CSRF attacks. A remote attacker could use a crafted link to deceive an authenticated user into clicking it, and then perform arbitrary actions with the privileges of the affected user. In addition, CVE-2024-20255 can be used to alter the configuration of vulnerable systems and trigger denial-of-service conditions.

Impact:

Successful exploitation of these vulnerabilities may allow a remote attacker to take control of the affected system.

Solution:

Cisco has released security updates to resolve these vulnerabilities. Users and administrators are encouraged to update as soon as possible.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-KnnZDMj3
  2. https://securityaffairs.com/158830/security/cisco-fixes-critical-expressway-series-csrf-vulnerabilities.html

TZCERT-SU-24-0148 (Chrome Security Update)

Google has released security updates to address vulnerabilities in Chrome for iOS and ChromeOS. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Security Advisories update-for-ios and update-for-chromeos and apply the necessary updates.