Tanzania Computer Emergency Response Team

Red Hat Security Update

11th August 2023

Red Hat has released security updates to address vulnerabilities in Red Hat Update Infrastructure (RHUI). Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Red Hat Security Advisory RHSA-2023:4591 and apply necessary updates.

Debian Security Update

11th August 2023

Debian has released security updates to address vulnerabilities affecting the orthanc and cjose packages. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Debian Security Advisories DSA-5472-1 and DSA-5473-1 and apply necessary updates.

Remote Unauthenticated API Access Vulnerability

11th August 2023

Advisory No: TZCERT/SA/2023/08/11 Date of First Release: 11th August 2023 Source: Ivanti Overview: Ivanti has released security patches to address a critical vulnerability affecting multiple versions of Ivanti End Point Manager Mobile (EPMM). This vulnerability could allow an attacker to obtain sensitive information and take control of an affected system. …

Siemens Security Update

10th August 2023

Siemens has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Siemens Security Advisories dated 8th August 2023 and apply necessary updates.

Amazon Linux Security Update

10th August 2023

Amazon has released security updates to address vulnerabilities affecting Amazon Linux. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service conditions to an affected system. Users and Administrators are encouraged to review Amazon Linux Security Advisory ALAS-2023-1790 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

Red Hat Security Update

Debian Security Update

Remote Unauthenticated API Access Vulnerability

Siemens Security Update

Amazon Linux Security Update

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)