CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability

Published by Microsoft: 02/11/2020
MITRE CVE-2020-0618

“A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.”

There exists a proof of concept and write-up.

Basefarm considers this a Base CVSS Score: 9.8 (Critical) – but there exists an official fix from Microsoft, bringing the Temporal CVSS Score down to a 9.4 (Critical).

We also consider that most of our users do not expose Microsoft SQL Server Reporting Services directly to the internet, so the CVSS Environmental Score can be lowered to 7.6 (High).
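The base, temporal and environmental figures above can be reproduced with the CVSS v3.1 equations. This is an added example, not Basefarm's own calculation: the base vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), Remediation Level "Official Fix", and the modified metrics MAV:A and MPR:L are assumptions chosen because they yield 9.8, 9.4 and 7.6; the bulletin does not state which metrics were actually adjusted.

```python
# CVSS v3.1 metric weights for scope-unchanged vectors.
AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2}
AC = {"L": 0.77, "H": 0.44}
PR = {"N": 0.85, "L": 0.62, "H": 0.27}
UI = {"N": 0.85, "R": 0.62}
CIA = {"H": 0.56, "L": 0.22, "N": 0.0}
RL = {"X": 1.0, "U": 1.0, "W": 0.97, "T": 0.96, "O": 0.95}  # Remediation Level


def roundup(x):
    """CVSS v3.1 Roundup: smallest one-decimal value >= x, safe against float noise."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (i // 10000 + 1) / 10.0


def score(av, ac, pr, ui, c, i, a, rl="X"):
    """Score a scope-unchanged vector.

    E, RC and CR/IR/AR stay at Not Defined (1.0). With the requirements at 1.0
    the environmental 0.915 cap never binds, so the same function serves the
    base, temporal and environmental scores.
    """
    impact = 6.42 * (1 - (1 - CIA[c]) * (1 - CIA[i]) * (1 - CIA[a]))
    if impact <= 0:
        return 0.0
    exploitability = 8.22 * AV[av] * AC[ac] * PR[pr] * UI[ui]
    return roundup(roundup(min(impact + exploitability, 10)) * RL[rl])


# Assumed base vector for a 9.8: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
BASE = dict(av="N", ac="L", pr="N", ui="N", c="H", i="H", a="H")


def bulletin_scores():
    base = score(**BASE)
    temporal = score(**BASE, rl="O")  # official fix available
    # Assumed environment: reachable only from an adjacent network (MAV:A)
    # by an already authenticated low-privileged user (MPR:L).
    environmental = score(**{**BASE, "av": "A", "pr": "L"}, rl="O")
    return base, temporal, environmental


if __name__ == "__main__":
    print(bulletin_scores())
```

Other combinations of modified metrics give different results, so the environmental score should be recomputed for any deployment where the Report Server is reachable from untrusted networks.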

Per the Basefarm vulnerability process we still consider this a priority 1 (of 3) issue, and we will not wait until the normal patch window to mitigate it. Internally we are tracking progress in BF-VLN-1990987, registered 2020-02-18.

WordPress

ThemeREX Addons – Remote Code Execution (0day, Being Exploited)

Published by Wordfence: 2020-02-18
No known CVE

“This flaw allows attackers to remotely execute code on a site with the plugin installed, including the ability to execute code that can inject administrative user accounts.
This vulnerability has not yet been patched. We are only trying to get the word out so people can remove the plugin temporarily as the vulnerability is being actively exploited.”

Basefarm considers this a Base CVSS Score: 9.8 (Critical) – there is no fix and it is currently being actively exploited.

Basefarm has done some initial investigations regarding the use of this WordPress Theme, but has not identified any customer or internal usage. Basefarm has decided not to track this vulnerability further internally, but wants to make it visible by posting this vulnerability bulletin.

VMSA-2020-0003 vRealize Operations for Horizon Adapter updates address multiple security vulnerabilities (CVE-2020-3943, CVE-2020-3944, CVE-2020-3945)

Published by VMware: 2020-02-18
MITRE CVE-2020-3943

“vRealize Operations for Horizon Adapter uses a JMX RMI service which is not securely configured. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.0.”

“vRealize Operations for Horizon Adapter has an improper trust store configuration leading to authentication bypass. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.6.”

“vRealize Operations for Horizon Adapter contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.”

The issue has been evaluated by our VMware technicians, and Basefarm has concluded that we do not use Horizon Adapter and our systems are therefore not affected by these vulnerabilities.

CVE-2020-3158 – Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

Published by Cisco: 2020-02-19
MITRE CVE-2020-3158

“A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account.”

The vulnerability has a CVSS Base score of 9.8, Critical.

Basefarm has triaged this vulnerability and found that we are not using the Cisco Smart Software Manager On-Prem software. Basefarm will not track this vulnerability further.

Basefarm security news

This blog post is a short summary of this week’s Information Security News put together by the SecOps team.

Basefarm has started to publish vulnerability bulletins as blog posts; feel free to share this with our customers:

https://blog.basefarm.com/blog/category/security-blog/vuln-bullet/feed/

Top 3 Security News:

CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

You are never secure with a WordPress

CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert

Happy Birthday, CVE!

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

It was October 1999. Macs had just got embedded Wi-Fi, Napster had launched, and Yahoo had purchased Geocities for $3.6bn. Something else happened that escaped most computer users at the time: CVE posted its first bug. The Common Vulnerabilities and Exposures (CVE) system is 20 years old this week.

Created by the non-profit Mitre Corporation, which oversees several federal government programs, CVE provides common identifiers for cybersecurity bugs, making them easier to track and fix.

Top 5 Security News

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!

DNS over HTTPS Will Give You Back Privacy that Big ISPs Fought to Take Away

32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant

Breaches at NetworkSolutions, Register.com, and Web.com

Fake Voicemail/Office 365 Attack Targets Enterprise Execs

CVE-2020-1938 – Apache Tomcat AJP Request Injection and potential Remote Code Execution

Published by Apache: 2020-02-24
MITRE CVE-2020-1938

“When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising.”

There are not enough details available yet, but the vulnerability has at least a CVSS Base score of 8.1, High. This depends on how hard it is to exploit, etc.

A proof of concept has been published, but as of writing there is no known public exploitation of this vulnerability.

Basefarm customers will be upgraded as part of normal patching routines.
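Until the upgrade is in place, the practical question raised by the Apache advisory is whether any AJP connector is reachable from hosts that should not be trusted. The following is an added example, not Basefarm or Apache tooling: it audits a Tomcat server.xml for AJP connectors, using a constructed sample file and a deliberately conservative rule (an assumption) that treats a connector with no `address` attribute as listening on all interfaces.

```python
import xml.etree.ElementTree as ET

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed sample server.xml for illustration (not from a real system).
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <Connector port="8010" protocol="AJP/1.3" address="127.0.0.1"
               secret="example-only" secretRequired="true"/>
  </Service>
</Server>"""


def audit_ajp_connectors(server_xml):
    """Return one finding per AJP <Connector> with its exposure-relevant settings."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        # AJP connectors are declared as "AJP/1.3" or by an ...Ajp... protocol class name.
        if "ajp" not in protocol.lower():
            continue
        address = conn.get("address")
        # Either attribute name configures the shared secret between proxy and Tomcat.
        has_secret = bool(conn.get("secret") or conn.get("requiredSecret"))
        loopback_only = address in LOOPBACK
        findings.append({
            "port": conn.get("port"),
            "address": address or "(not set)",
            "has_secret": has_secret,
            # Conservative rule (assumption): review anything that is neither
            # bound to loopback nor protected by a shared secret.
            "review": not loopback_only and not has_secret,
        })
    return findings


if __name__ == "__main__":
    for finding in audit_ajp_connectors(SAMPLE_SERVER_XML):
        print(finding)
```

A connector flagged for review should also be checked against host and network firewall rules, since the configuration file alone does not show who can reach the port.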