Tanzania Computer Emergency Response Team

Red Hat Security Update

25th August 2022

Red Hat has released security updates to address vulnerability in Red Hat OpenShift Workload Availability 1 x86_64. Exploitation of this vulnerability may allow an attacker to cause Denial of Service condition to an affected system. Users and Administrators are encouraged to review Red Hat Security Advisory and apply necessary updates.

Authentication Bypass and Directory Traversal vulnerabilities for Zimbra email platform (CVE-2022-27925, CVE-2022-37042)

19th August 2022

Advisory No: TZCERT/SA/2022/08/17 Date of First Release: 17th August 2022 Source: Zimbra Software Affected: Zimbra 8.8.15 and 9.0 Overview: Zimbra is affected by two high severity vulnerabilities ( CVSS score 7.2) due to weakness in Zimbra Collaboration, both of which could be chained to allow unauthenticated remote code execution on the affected email servers. …

Ubuntu Security Update

18th August 2022

Ubuntu has released security updates to address vulnerabilities in zlib and PyJWT. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Ubuntu Security Advisories USN-5570-1 and USN-5526-2 and apply necessary updates.

Cisco Security Update

18th August 2022

Cisco has released security updates to address vulnerabilities in Cisco Secure Web Appliance and Cisco Adaptive Security Device Manager. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Cisco Security Advisories cisco-sa-wsa and cisco–sa-asa-asdm and apply necessary updates.

Apple Security Update

18th August 2022

Apple has released security updates to address vulnerabilities in macOS, iOS and iPadOS. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Apple Security Advisories HT213413 and HT213412 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

Red Hat Security Update

Authentication Bypass and Directory Traversal vulnerabilities for Zimbra email platform (CVE-2022-27925, CVE-2022-37042)

Ubuntu Security Update

Cisco Security Update

Apple Security Update

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)