Cisco Talos Blog: Whatsup Gold, Observium and Offis vulnerabilities

Source URL: https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/
Source: Cisco Talos Blog
Title: Whatsup Gold, Observium and Offis vulnerabilities

Feedly Summary: Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications

Summary: The text discusses recently disclosed vulnerabilities in three applications—Observium, Offis, and WhatsUp Gold—detailing specific cybersecurity risks associated with each. The vulnerabilities were patched by their respective vendors in accordance with Cisco’s vulnerability disclosure policy, highlighting the importance of timely responses to security threats in IT infrastructure.

Detailed Description:
The Cisco Talos Vulnerability Research team has identified several vulnerabilities across multiple IT infrastructure management products, underscoring critical points of concern for security professionals:

– **Observium Vulnerabilities**:
  – Two cross-site scripting vulnerabilities that can lead to arbitrary JavaScript code execution, and one HTML code injection vulnerability.
  – Both vulnerabilities are triggered when an authenticated user clicks a malicious link.
  – Relevant CVEs:
    – TALOS-2024-2090 (CVE-2024-47140)
    – TALOS-2024-2091 (CVE-2024-47002)
    – TALOS-2024-2092 (CVE-2024-45061)

– **Offis Vulnerabilities**:
  – Three vulnerabilities were identified in the Offis DCMTK libraries, which support the DICOM standard.
  – One vulnerability allows arbitrary code execution due to an incorrect type conversion, while the other two involve improper array index validation that permits out-of-bounds writes.
  – Relevant CVEs:
    – TALOS-2024-1957 (CVE-2024-28130)
    – TALOS-2024-2121 (CVE-2024-52333)
    – TALOS-2024-2122 (CVE-2024-47796)

– **WhatsUp Gold Vulnerabilities**:
  – Two vulnerabilities pose risks for information disclosure and unauthorized access through crafted authenticated and unauthenticated HTTP requests, respectively.
  – A denial of service vulnerability also exists.
  – Relevant CVEs:
    – TALOS-2024-1932 (CVE-2024-5017) – Information Disclosure
    – TALOS-2024-2089 (CVE-2024-12105) – Information Disclosure
    – TALOS-2024-1933 (CVE-2024-5010) – Sensitive Information Disclosure
    – TALOS-2024-1934 (CVE-2024-5011) – Denial of Service

**Key Insights and Practical Implications:**
– Immediate patching following vulnerability disclosure is critical to maintain the integrity and security of IT systems.
– Organizations should implement robust monitoring and alerting to detect exploitation attempts, using tools such as Snort, for which the post mentions rule set downloads.
– Vulnerabilities affecting widely used software highlight the need for continuous security assessments and a proactive security culture within organizations.
– Professionals must remain vigilant against potential exploits, especially those that target authentication pathways and data visibility.