SECURITY INTELLIGENCE ADVISORY - Sattrix

26th OCT – 24th NOV 2020

Intent

This report is intended to help quantify the scope of that risk as organizations struggle to balance their cyber security policies and protections against the needs of their employees for access to the Web and its resources.

Background

Every organization, whether large, medium or small, faces a huge risk and the typical challenge of managing the vulnerabilities present in its operating systems. Vulnerabilities that are not attended to pose a very high risk and can expose your organization to various threats and damage. There are threats from users within the system, from competitors who want to know accurate details about your business model, and so on. There is a defined way to identify vulnerabilities and apply patches for them, to avoid all these serious threats and curb the resulting damage. There is also a method in which specialists get into your system and run a check to identify how strong the system is. Performing vulnerability assessments guarantees that all normal system vulnerabilities are taken into consideration. When assessments are conducted regularly, new threats are identified quickly.

What does the Vulnerability Advisory cover?

1. We monitor around 2000 applications, appliances and operating systems, and test and verify the vulnerabilities reported in them.

2. We focus on each vulnerability disclosed in those 2000 products.

3. The systems and applications monitored by the Sattrix Research Team are those in use in the customers' environments.

4. If a customer uses products that are not already being monitored by our team, these products can be submitted to us and we will begin monitoring them the next business day. We only monitor public or commercially available solutions.

5. The Vulnerability Database covers vulnerabilities that can be exploited in all types of products: software, hardware, firmware, etc.

6. The vulnerabilities verified by our team are described in the client database as an Advisory and listed in the Sattrix Vulnerability Reports, detailing what IT security teams need to know to mitigate the risk posed by the vulnerability in their environment.

7. The Vulnerability Database covers vulnerabilities that can be exploited in all types of products, and we also cover zero-days and EOS/EOL.

8. We create daily and weekly reports that include all the details of each vulnerability and the total vulnerability count for the last week, and provide them to the customer as well.

9. The Sattrix Advisory descriptions include severity, product under investigation, affected product, CVE ID, Sattrix score, reference links and remediations.

10. Sattrix researchers monitor the vulnerabilities within 5 business days.


www.sattrix.com Copyright 2020 Sattrix. All Rights Reserved

EXECUTIVE SUMMARY

➢ Overall Monthly Vulnerability Trend Chart

[Chart: Trend Chart For One Month, 26-Oct to 23-Nov. Series: With CVE, No CVE, EOS/EOL, each with a linear trend line.]

➢ Released Vulnerabilities and severity wise count

• This graph presents threat levels based on the vulnerabilities identified.

Severity Count:
Critical: 34 (2%)
High: 1076 (65%)
Medium: 500 (31%)
Low: 36 (2%)

➢ This graph presents total released vulnerabilities, including zero-day vulnerabilities and EOS/EOL, with their counts.

Total Counts Table:
With CVE: 1646 (97%)
No CVE: 20 (1%)
EOS/EOL: 35 (2%)

➢ Date wise Released Vulnerabilities Count, fortnightly summarized

Datewise Count Table (Total per date):
26-Oct: 74
27-Oct: 88
28-Oct: 84
29-Oct: 92
30-Oct: 94
02-Nov: 65
03-Nov: 85
04-Nov: 80
05-Nov: 80
06-Nov: 84
09-Nov: 81
10-Nov: 85
11-Nov: 93
12-Nov: 85
13-Nov: 67
17-Nov: 87
18-Nov: 64
19-Nov: 89
20-Nov: 68
23-Nov: 49
24-Nov: 73

➢ Product wise Released EOS/EOL count.

Productwise chart for EOL\EOS (products and counts in chart order):
Products: RSA, PostgreSQL, CentOS, Node.js, CheckPoint, PaloAlto, IBM, Oracle, VMWare, TrendMicro, Adobe, Microsoft, McAfee
Count: 1, 1, 1, 1, 1, 1, 2, 2, 3, 3, 3, 7, 9

➢ Product wise Released Non-CVE ID or Zero Day vulnerabilities count.

Productwise chart for Non-CVE (products and counts in chart order):
Products: Boxoft, CentOS, RedHat, Tenable, Apple, IDM, Polipo, GOMO, IBM, Trend Micro, Vtiger, ZTE, UiPath, SUSE
Count: 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 2, 3, 3

➢ Product wise Released vulnerabilities count.

Productwise chart for CVE (products and counts in chart order):
Products: Drupal, CheckPoint, Node.js, Tenable, Micro Focus, FortiNet, Apple, Lenovo, Citrix, Huawei, F5, McAfee, VMWare, Adobe, SAP, Foxit, TrendMicro, Google, HPE, Oracle, Mozilla, Cisco, Microsoft, IBM, Intel, Ubuntu, SUSE, RedHat
Count: 1, 1, 1, 2, 2, 3, 5, 5, 6, 8, 9, 14, 15, 17, 22, 22, 29, 37, 45, 48, 48, 50, 65, 10, 16, 20, 24, 47

➢ Top 10 Vulnerabilities product wise critical vulnerabilities

Critical CVE count (products and counts in chart order):
Products: McAfee, Oracle, Mozilla, IBM, HPE, SUSE, VMWare, SAP
Count: 1, 1, 1, 2, 2, 3, 6, 10

Top Vulnerabilities of the Week

Sr. #: 1
Date: 26-10-2020
CVE ID: CVE-2020-8178
Vendor: IBM
Product: IBM Cloud Pak for Multicloud Management-2.0
Summary: A security vulnerability in Node.js jison affects IBM Cloud Pak for Multicloud Management Managed Service.
Recommendation: Updates are available; please see the reference link below: https://www.ibm.com/support/pages/node/6356103

Sr. #: 2
Date: 27-10-2020
CVE ID: CVE-2020-11984
Vendor: IBM
Product: IBM Rational Build Forge-8.0.0.16
Summary: There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge.
Recommendation: Updates are available; please see the reference link below: https://www.ibm.com/support/pages/node/6351395

Sr. #: 3
Date: 29-10-2020
CVE ID: CVE-2020-7197
Vendor: HPE
Product: HPE 3PAR StoreServ Management and Core Software Media, all versions prior to 3.7.1.1
Summary: HPE 3Par and Primera StoreServ Management Console (SSMC) is an off node multiarray manager web application and remains isolated from data on the managed arrays. SSMC is vulnerable to remote authentication bypass.
Recommendation: Updates are available; please see the reference link below: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04045en_us

Sr. #: 4
Date: 29-10-2020
CVE ID: CVE-2020-6703
Vendor: McAfee
Product: Data Exchange Layer-5.x,4.x; Data Loss Prevention - Monitor 11.x, Prevent 11.x; McAfee Active Response-2.x; McAfee Agent-5.5.x; Threat Intelligence Exchange Server-2.3.x,2.2.x
Summary: Use After Free in remote logging (which is disabled by default) in McAfee Agent (MA) 5.x earlier than 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the remote logging service.
Recommendation: Updates are available; please see the reference link below: https://kc.mcafee.com/corporate/index?page=content&id=SB10258&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US

Sr. #: 5
Date: 02-11-2020
CVE ID: CVE-2020-11900
Vendor: HPE
Product: HPE ProLiant m510 Server Cartridge - Prior to iLO 4 2.60 for Moonshot; HPE ProLiant m710x Server Blade - Prior to iLO 4 2.60 for Moonshot; HPE ProLiant m710x-L Server Blade - Prior to iLO 4 2.60 for Moonshot; HPE Moonshot Chassis Management Firmware - Prior to Moonshot iLO Chassis Manager 1.62
Summary: Multiple security vulnerabilities have been identified in Integrated Lights-Out 4 (iLO 4) firmware for Moonshot and Edgeline cartridges and blades, and Moonshot iLO Chassis Manager firmware. The vulnerabilities could be remotely exploited to execute code, cause denial of service, and expose sensitive information. HPE has released updated firmware to mitigate these vulnerabilities.
Recommendation: Updates are available; please see the reference link below: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04021en_us

Sr. #: 6
Date: 02-11-2020
CVE ID: CVE-2020-14750
Vendor: Oracle
Product: Oracle WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
Summary: Oracle Security Alert Advisory - CVE-2020-14750
Recommendation: Updates are available; please see the reference link below: https://www.oracle.com/security-alerts/alert-cve-2020-14750.html

Sr. #: 7
Date: 09-11-2020
CVE ID: CVE-2020-26950
Vendor: Mozilla
Product: Firefox - 82.0.3, Firefox ESR - 78.4.1, Thunderbird - 78.4.2
Summary: Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2
Recommendation: Updates are available; please see the reference link below: https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/

Sr. #: 8
Date: 12-11-2020
CVE ID: CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
Vendor: SUSE
Product: SUSE Enterprise Storage 5
Summary: An update that fixes three vulnerabilities is now available.
Recommendation: Updates are available; please see the reference link below: https://www.suse.com/support/update/announcement/2020/suse-su-20203171-1/

Sr. #: 9
Date: 13-11-2020
CVE ID: CVE-2020-26821, CVE-2020-26822, CVE-2020-26823, CVE-2020-26824, CVE-2020-6207, CVE-2019-0230, CVE-2019-0233, CVE-2020-26808, CVE-2020-26820, CVE-2020-6284
Vendor: SAP
Product: SAP Solution Manager (JAVA stack), Version - 7.2; SAP Solution Manager (User Experience Monitoring), Version - 7.2; SAP Data Services, Versions - 4.2; SAP AS ABAP(DMIS), Versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020; SAP NetWeaver AS JAVA, Versions - 7.20, 7.30, 7.31, 7.40, 7.50; SAP NetWeaver (Knowledge Management), Versions - 7.30, 7.31, 7.40, 7.50; SAP S4 HANA(DMIS), Versions - 101, 102, 103, 104, 105
Summary: SAP Security Patch Day – November 2020
Recommendation: Updates are available; please see the reference link below: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571

Sr. #: 10
Date: 24-11-2020
CVE ID: CVE-2020-3981, CVE-2020-3982, CVE-2020-3992, CVE-2020-3993, CVE-2020-3994, CVE-2020-3995
Vendor: VMWare
Product / Summary: Multiple vulnerabilities in VMware ESXi, Workstation, Fusion and NSX-T were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
Recommendation: Updates are available; please see the reference link below: https://www.vmware.com/security/advisories/VMSA-2020-0023.html

Disclaimer: The information in this document is subject to change without notice and should not be construed as a commitment by Sattrix Information Security Pvt. Ltd. Sattrix provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Sattrix or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if Sattrix or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Sattrix, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.

© Copyright 2019 Sattrix. All rights reserved.

Limitation of Liability: IN NO EVENT SHALL SATTRIX, SATTRIX AFFILIATES, OR THEIR OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, SUPPLIERS, LICENSORS AND THIRD PARTY PARTNERS, BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER, EVEN IF SATTRIX HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, WHETHER IN AN ACTION UNDER CONTRACT, TORT, OR ANY OTHER THEORY ARISING FROM YOUR ACCESS TO, OR USE OF, THE MATERIALS. Because some jurisdictions do not allow limitations on how long an implied warranty lasts, or the exclusion or limitation of liability for consequential or incidental damages, some of the above limitations may not apply to you.

For more information contact us at [email protected]