Cisco | Drupal | Google | Mozilla | Google

Advisory ID: 
JMCIRT-SA-2020.168
Advisory Date: 
Friday, November 20, 2020
Advisory Description: 

Cisco Releases Security Updates for Security Manager
Original release date: November 17, 2020

Cisco has released security updates to address vulnerabilities in Cisco Security Manager. A remote attacker could exploit these vulnerabilities to obtain sensitive information.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the following security advisories and apply the necessary updates:


Cisco Releases Security Updates for Multiple Products
Original release date: November 19, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the following security advisories and apply the necessary updates:


Drupal Releases Security Updates
Original release date: November 19, 2020

Drupal has released security updates to address a critical vulnerability in Drupal 7, 8.8 and earlier, 8.9, and 9.0. An attacker could exploit this vulnerability to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Drupal Advisory and apply the necessary updates.


Google Releases Security Updates for Chrome
Original release date: November 19, 2020

Google has released Chrome version 87.0.4280.66 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could allow an attacker to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Chrome Release and apply the necessary updates.


Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Original release date: November 19, 2020

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Mozilla Security Advisory for Firefox 83, Firefox ESR 78.5 and Thunderbird 78.8 apply the necessary updates.


VMware Releases Security Updates for VMware SD-WAN Orchestrator
Original release date: November 19, 2020

VMware has released security updates to address multiple vulnerabilities in VMware SD-WAN Orchestrator. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the VMware Security Advisory and apply the necessary updates.


References
1. https://www.us-cert.gov
2. https://tools.cisco.com/security/center/publicationListing.x
3. https://www.drupal.org/sa-core-2020-012
4. https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-...
5. https://www.mozilla.org/en-US/security/advisories/
6. https://www.vmware.com/security/advisories/VMSA-2020-0025.html