Page 16 - Threat Intelligence 10-18-2019
P. 16

Threat Alerts




           And Advisories








            Multiple Vulnerabilities in Pulse Secure VPN
            The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities affecting
            Pulse Secure Virtual Private Network (VPN). An attacker could exploit these vulnerabilities to take control
            of an affected system. These vulnerabilities have been targeted by advanced persistent threat (APT)
            actors.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
            review the following resources for more information and to apply the necessary updates:
            • CERT/CC Vulnerability Note VU#927237 Multiple Vulnerabilities in Pulse Secure VPN
            • Pulse Secure Security Advisory SA44101 Out-of-Cycle Advisory: Multiple vulnerabilities resolved in
              Pulse Connect Secure / Pulse Policy Secure 9.0RX
            • National Security Agency (NSA) Cybersecurity Advisory Mitigating Recent VPN Vulnerabilities
            • CISA Current Activity Vulnerabilities in Multiple VPN Applications


            VMware Releases Security Update for Harbor Container Registry for PCF
            VMware has released a security update to address a vulnerability affecting Harbor Container
            Registry for Pivotal Cloud Foundry (PCF). An attacker could exploit this vulnerability to take
            control of an affected system.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
            administrators to review VMware Security Advisory VMSA-2019-0016 and apply the necessary
            update.


            Oracle Releases October 2019 Security Bulletin
            Oracle has released its Critical Patch Update for October 2019 to address 219 vulnerabilities
            across multiple products. A remote attacker could exploit some of these vulnerabilities to take
            control of an affected system.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
            administrators to review the Oracle October 2019 Critical Patch Update and apply the necessary
            updates.


            Adobe Releases Security Updates for Multiple Products
            Adobe has released security updates to address vulnerabilities in multiple Adobe products. An
            attacker could exploit some of these vulnerabilities to take control of an affected system.
            The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
            administrators to review the following Adobe Security Bulletins and apply the necessary updates:
            •Experience Manager APSB19-48
            •Acrobat and Reader APSB19-49
            •Experience Manager Forms APSB19-50
            •Download Manager APSB19-51







                                                    www.accumepartners.com
                                                                                                                    16
   11   12   13   14   15   16   17   18   19   20