17. 04. 2024 Alessandro Mizzaro Bug Fixes, NetEye

NetEye 4 – Security Advisory

Synopsis

Important: geomap security update

Type/Severity

Security Advisory: High

Topic

An update for the package geomap is now available for NetEye 4.

NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating.

Description

geomap is a NetEye package used for maps visualization.

An improper input validation causes Cross Site Scripting when the layers is displayed in maps (CWE-79)

Security Fix for NetEye 4.35:

  • geomap 1.19.1-1

CVSS: 8.1 (high) – CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed in the References section.

Solution

Update geomap to latest version (1.19.1-1).

For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section inside the User Guide.

Affected Products

All NetEye 4.x versions prior to and including 4.35

References

Alessandro Mizzaro

Alessandro Mizzaro

Security Software Engineer at Wuerth Phoenix

Author

Alessandro Mizzaro

Latest posts by Alessandro Mizzaro

24. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
24. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
12. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
10. 03. 2025 Bug Fixes, NetEye
NetEye 4 – Security Advisory
26. 02. 2025 Bug Fixes, NetEye
Bug Fixes for NetEye 4.40,4.39 and 4.38
See All

Related Content

Tags:

27. 03. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.40

Fix “Invalid OAuth State” error – Login not working We fixed an issue with the authentication, occurring refreshing NetEye after the session expires. The user is now brought to the login page instead of being stuck in an “Invalid OAuth Read More
24. 03. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: Icingaweb2 Module Geomap security update Type/Severity NetEye Product Security has rated this update as having a security impact of Low Topic An update for the package icingaweb2-module-geomap is now available for NetEye 4. Security Fix for NetEye 4.40 1.22.1-1 For Read More
24. 03. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a security impact of Low Topic An update for the package glpi is now available for NetEye 4. Security Fix for NetEye 4.40 10.0.18_neteye1.17.1-1 For more details about Read More
21. 03. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.39+

Fix for icinga2 check processing We fixed a race-condition in icinga2, where a lock was not held long enough, causing threads to overwrite local state when processing two simultaneous check results for the same object. List of updated packages To Read More
12. 03. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory

Important: GeoMap update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the package icingaweb2-module-geomap is now available for NetEye 4. Security Fix for NetEye 4.40 1.22.4 - 1 CVSSv3.1: 7.3(High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N For Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive