Synopsis Important: Elasticsearch and Logstash security mitigation Type/Severity Security Advisory: Important Topic A mitigation for Logstash and Elasticsearch is now available for NetEye 3. NetEye Product Security has rated this mitigation as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for…
Read MoreA bug has been discovered on NetEye modules logmanagement and SIEM. If affected, rsyslog directories on system might be created with wrong permissions causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message trying to check signatures for some hosts inside Logmanager Log Check….
Read MoreDepending on your network configuration it might be useful to import reachable devices in NetEye 4. This operation can be accomplished using the Nmap tool (already installed on your machine) and an Icingaweb module. Follow these steps to install the module: Download the archive from here Put the contents of the archive in the NetEye…
Read MoreA manual user configuration migration is required before upgrading to 4.10. Starting in version 4.9, NetEye supports Grafana user management, which is completely integrated into NetEye via its existing roles mechanism. NetEye administrators can create new roles that map to Grafana roles (admin, editor or viewer) at the level of organizations and teams. NetEye users must then be…
Read MoreA vulnerability has been detected on the Nagios web interface. Attackers may exploit this vulnerability to gain access to sensitive information or crash the affected application, denying service to legitimate users. To guarantee the security of your system, we recommend applying last released patch: neteye-3.12.1-3.5.1p8.nagios.1.x86_64.rpm . Update your system using following commands: yum clean all…
Read MoreA vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…
Read MoreA vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…
Read MoreA vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high). To guarantee the security of your system,…
Read MoreÈ stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS 3.3.*, Erizone 3.x ed Erizone 5.x. Tale vulnerabilità sfrutta una falla nel sistema di statistiche lato agente e gli è stata assegnata una criticità di livello alto. Al fine di garantire la sicurezza del sistema è consigliabile…
Read MoreA vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk. To guarantee the security of your system,…
Read MoreA vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems. This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk. To guarantee the security of your system,…
Read MoreÈ stata scoperta una vulnerabilità nell’interfaccia agente dei sistemi EriZone – OTRS che coinvolge tutti i sistemi OTRS, Erizone 3.x e Erizone 5.x. A tale vulnerabilità è stata assegnata una criticità di livello alto. Al fine di garantire la sicurezza del sistema è consigliabile de-registrare il modulo Installer.pm. Per farlo sarà sufficiente editare il file…
Read MoreIt was detected a vulnerability on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS, Erizone 3.x and EriZone 5.x systems The severity of this vulnerability has been categorized with “high”. To guarantee the security of your system, we recommend to disable the Installer.pm module. Modify the file /opt/erizone/otrs/Kernel/Config.pm…
Read MoreAuf dem Agent-Interface der EriZone – OTRS Systeme wurde eine Sicherheitslücke entdeckt. Nachfolgendes gilt für alle OTRS Systeme, sowie EriZone 3.x und EriZone 5.x Der Vulnerabilität wurde Wichtigkeit “hoch” zugewiesen. Um die Sicherheit Ihres Systems zu garantieren, empfehlen wir Ihnen das Installer.pm Modul zu deaktivieren. Ändern Sie dafür das File /opt/erizone/otrs/Kernel/Config.pm und fügen Sie folgende…
Read More