Advisory No: TZCERT/SA/2024/03/13-01 Date of First Release: 14th July 2023 Previous Advisory Number: TZCERT/SA/2023/07/14-03 Source: Cisco Software Affected: Cisco SD-WAN vManage software Overview: Cisco has released security patches to address a critical vulnerability affecting Cisco SD-WAN vManage software. The vulnerability could allow an attacker to attain unauthenticated access to REST …

Ubuntu has released security updates to address vulnerabilities in Linux kernel, libxml2 and accountsservice. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Ubuntu Security Advisories USN-6681-2, USN-6688-1, USN-6658-2 and USN-6687-1 and apply necessary updates.

Dell has released security updates to address vulnerabilities in Dell NetWorker vProxy and Dell NetWorker (NRE). Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Dell Security Advisories dsa-2024-091 and dsa-2023-126 and apply necessary updates.

NetApp has released security updates to address vulnerabilities in ISC Bind, libexpat, curl and Apache Commons. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition. Users and administrators are encouraged to review NetApp Security Advisories ntap-20240307-0007, ntap-20240307-0005, ntap-20240307-0004 and ntap-20240307-0010 and apply necessary updates.

Oracle has released security updates to address vulnerabilities in ChromeOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Security Advisories update-for-chromeos and update-for-chromeos-1 and apply necessary updates.

IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review IBM Security Advisories dated 11th March 2024 and apply necessary updates.

Mageia has released security updates to address vulnerabilities in libtiff and thunderbird. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition. Users and administrators are encouraged to review Mageia Security Advisories MGASA-2024-0055 and MGASA-2024-0054 and apply necessary updates.

Wordfence has released security updates to address vulnerabilities in Essential Addons for Elementor, Tutor LMS, WP Statistics and News Announcement Scroll. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review Wordfence Security Advisories essential-addons-for-elementor, tutor-lms, wp-statistics and news-announcement-scroll …

Shielder has released security update to address a vulnerability in pgAdmin. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review Shielder Security Advisory and apply necessary updates.

Google has released security updates to address vulnerabilities in Chrome products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Chrome Releases dated 7th March 2024 and apply necessary updates.