{"id":17543,"date":"2021-09-15T14:30:32","date_gmt":"2021-09-15T12:30:32","guid":{"rendered":"https:\/\/relnet.hu\/?p=17543"},"modified":"2021-09-27T10:40:26","modified_gmt":"2021-09-27T08:40:26","slug":"fontos-kritikus-biztonsagi-res-a-manageengine-adselfservice-termekeben","status":"publish","type":"post","link":"https:\/\/relnet.hu\/en\/fontos-kritikus-biztonsagi-res-a-manageengine-adselfservice-termekeben\/","title":{"rendered":"Important: Critical security vulnerability in ManageEngine's ADSelfService product \u2013 a fix is available, RelNet helps"},"content":{"rendered":"<p>Both the FBI and CISA warn that state-sponsored hacker groups have been continuously launching APT attacks (advanced persistent attacks, usually aimed at gathering information) against ManageEngine's SSO (single sign-on) and password management solution since early August 2021.<\/p>\n<p>The vulnerability, tracked as CVE-2021-40539, was discovered in ManageEngine's ADSelfService Plus product. By exploiting the flaw, attackers can, after the intrusion, take control of vulnerable systems by running a malicious program, in this case a web shell disguised as an X509 certificate. The program can compromise administrator access, or steal the contents of the registry or Active Directory through lateral movement attempts.<\/p>\n<h5>Defensive measures<\/h5>\n<p>Zoho, the owner of ManageEngine, released the ADSelfService Plus build 6114 patch on September 6, 2021, which fixes the problem. Meanwhile, hacker groups keep attacking systems running ADSelfService that have not yet been patched or fixed.<\/p>\n<p>The FBI and CISA both urge affected organizations to apply the released patch and to make sure that ADSelfService Plus is not directly accessible from the internet.<\/p>\n<p>As the official distributor of ManageEngine in Hungary, RelNet Kft. will of course help all of its customers and partners to fully resolve this problem. Feel free to contact us!<\/p>\n<h5>Source:<\/h5>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-and-cisa-warn-of-state-hackers-exploiting-critical-zoho-bug\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/fbi-and-cisa-warn-of-state-hackers-exploiting-critical-zoho-bug\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers are continuously attacking the vulnerability in ManageEngine's ADSelfService Plus product. The patch is already available. RelNet helps to fully resolve the problem.<\/p>\n","protected":false},"author":1086,"featured_media":17545,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2183],"tags":[1042,2553,2184,76,1206,879,2552],"yst_prominent_words":[],"class_list":["post-17543","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-manageengine","tag-it-security-2","tag-itbiztosngag","tag-manageengine","tag-serulekenyseg","tag-sso","tag-vulnerability-2","tag-zoho"],"_links":{"self":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/17543","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/users\/1086"}],"replies":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/comments?post=17543"}],"version-history":[{"count":4,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/17543\/revisions"}],"predecessor-version":[{"id":17554,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/17543\/revisions\/17554"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media\/17545"}],"wp:attachment":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media?parent=17543"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/categories?post=17543"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/tags?post=17543"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=17543"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}