Apache | Palo Alto | Microsoft | Mozilla | Cisco

Advisory ID: 
JMCIRT-SA-2020.093
Advisory Date: 
Friday, July 3, 2020
Advisory Description: 

Apache Releases Security Advisory for Apache Tomcat
Original release date: June 26, 2020|Last revised: June 29, 2020

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Apache Security Advisory and apply the necessary updates.

Palo Alto Releases Security Updates for PAN-OS
Original release date: June 29, 2020

Palo Alto Networks has released security updates to address a vulnerability affecting the use of Security Assertion Markup Language in PAN-OS. An unauthenticated attacker with network access could exploit this vulnerability to obtain sensitive information.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Palto Alto Security Advisory and apply the necessary updates.


Microsoft Releases Security Updates for Windows 10, Windows Server
Original release date: July 1, 2020

Microsoft has released security updates to address vulnerabilities in Windows 10 and Windows Server. These vulnerabilities could allow a remote attacker to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Microsoft Security Advisories CVE-2020-1425 and CVE-2020-1457 and apply the necessary updates.


Cisco Releases Security Updates for Multiple Products
Original release date: July 2, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Cisco Security Advisories and apply the necessary updates:


Mozilla Releases Security Updates for Firefox and Firefox ESR
Original release date: July 3, 2020

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Mozilla Security Advisories for Firefox 78, Firefox ESR 68.10 and Thunderbird 68.10.0 and apply the necessary updates.


References
1. https://www.us-cert.gov
2. http://mail-archives.us.apache.org/mod_mbox/www-announce/202006.mbox/%3C...
3. https://security.paloaltonetworks.com/CVE-2020-2021
4. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
5. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
6. https://www.mozilla.org/en-US/security/advisories/  
7. https://tools.cisco.com/security/center/publicationListing.x