Tanzania Computer Emergency Response Team

TZCERT-SU-24-0426 (Palo Alto Security Update)

20th April 2024

Palo Alto Networks has released security updates to address a vulnerability in GlobalProtect feature of Palo Alto Network PAN-OS software. Exploitation of this vulnerability may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Palo Alto Security Advisory and apply necessary updates.

TZCERT-SU-24-0425 (Oracle Linux Security Update)

20th April 2024

Oracle Linux has released security updates to address vulnerabilities in Oracle Linux OS. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Oracle Linux Security Advisories dated 18th April 2024 and apply necessary updates.

TZCERT-SU-24-0424 (InsightVM Security Update)

20th April 2024

Rapid7 has released security updates to address vulnerabilities in InsightVM. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review InsightVM Releases and apply necessary updates.

TZCERT-SU-24-0423 (GitLab Security Update)

20th April 2024

GitLab has released security updates to address vulnerabilities in in GitLab prior to version 16.11. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review GitLab Released and apply necessary updates.

TZCERT-SU-24-0422 (MongoDB Security Update)

20th April 2024

MongoDB has released security updates to address vulnerabilities in multiple versions of MongoDB. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review MongoBD Alert and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0426 (Palo Alto Security Update)

TZCERT-SU-24-0425 (Oracle Linux Security Update)

TZCERT-SU-24-0424 (InsightVM Security Update)

TZCERT-SU-24-0423 (GitLab Security Update)

TZCERT-SU-24-0422 (MongoDB Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)