All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories.

SonicWall fixed critical SQLi in Analytics and GMS products

Security company SonicWall addressed a critical SQL injection (SQLi) vulnerability, tracked as CVE-2022-22280 (CVSS score 9.4), in Analytics On-Prem and Global Management System (GMS) products, reports Security Affairs. “There is no workaround available for this vulnerability,” SonicWall said.

ANDREW SWOBODA | Senior Security Researcher at Tripwire

SonicWall’s Analytics On-Prem and Global Management System are subject to a SQL injection vulnerability. This vulnerability can be exploited by an unauthenticated attacker. It is possible that the Web Application Firewall could detect and block SQLi attacks. Upgrade GMS to 9.3.1-SP2-Hotfix-2 and Analytics to to resolve this vulnerability.

Drupal fixed multiple vulnerabilities, including a critical code execution flaw

The Drupal development team released security updates to fix multiple issues in the popular CMS, including a critical code execution flaw, Security Affairs noted. The most severe one is tracked as CVE-2022-25277, with the other three rated “moderately critical.”

ANDREW SWOBODA | Senior Security Researcher at Tripwire

Drupal is subject to a PHP code execution vulnerability. This vulnerability exists because the protections for SA-CORE-2020-012 and SA-CORE-2019-010 conflicted with each other. Drupal sites that are configured to allow upload with an htaccess extension are vulnerable. Drupal versions 9.4 and 9.3 running on Apache (with specific configurations) are affected by this vulnerability.

Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak

Atlassian has warned customers that a vulnerability in Questions for Confluence will likely be used in attacks, Security Week reports.