New Alerts for SolarWinds, Microsoft Edge (exploit), HPE, NetApp, IBM, MongoDB, and Linux.

TGIF!

SolarWinds 

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. This vulnerability allows access to the RabbitMQ management console. CVSSv3 score of 8.6
More info.

Microsoft Exploit

Microsoft has updated Edge with the latest chromium fixes and one Edge specific patch.
More info.

HPE 

Potential security vulnerabilities have been identified in HPE SAN switches with Brocade Fabric OS. These vulnerabilities could be remotely exploited to execute arbitrary code and gain elevated privilege. CVSSv3 score of 8.6
More info.

NetApp 

NetApp has published 10 bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 9.8
More info.

IBM 

IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks. Highest CVSSv3 score of 9.8
More info.

MongoDB 

A remote attacker can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. CVSSv3 score of 5.3
More info.

Linux 

Ubuntu has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts