How the critical Citrix NetScaler vulnerability CVE-2019-19781 exposed hidden problems in the IT industry

Dear reader, first I want to point out that, as a resident of Germany, I am mainly describing the situation in this country. The situation in your country may be completely different.

On December 17, 2019, information was published on the Citrix Knowledge Center page about a critical vulnerability in the Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway product lines, the latter better known as NetScaler Gateway. Later, the vulnerability was also found in the SD-WAN line. The vulnerability affected all product versions from 10.5 to the current 13.0 and allowed an unauthorized attacker to execute malicious code on the system, turning NetScaler into a platform for further attacks on the internal network.

Together with the information about the vulnerability, Citrix published recommendations for reducing the risk (Workaround). A complete fix for the vulnerability was promised only for the end of January 2020.

The severity of this vulnerability (number CVE-2019-19781) was rated 9.8 out of 10. According to information from Positive Technologies, this vulnerability affects more than 80 companies worldwide.

Possible reaction to the news

As a responsible person, I assumed that all IT specialists with NetScaler products in their infrastructure did the following:

  1. Immediately implemented all the risk-mitigation recommendations given in article CTX267679.
  2. Rechecked the firewall settings for the traffic permitted from NetScaler towards the internal network.
  3. Recommended that IT security administrators watch for "unusual" attempts to access NetScaler and, if necessary, block them. Let me remind you that NetScaler is usually located in the DMZ.
  4. Assessed the possibility of temporarily disconnecting NetScaler from the network until more detailed information about the problem was available. During the pre-Christmas holidays, vacations and so on, this would not have been very painful. In addition, most companies have an alternative means of access via VPN.

What happened next?

Unfortunately, as will become clear later, the steps above, which are the standard approach, were ignored by most.

Many specialists responsible for Citrix infrastructure learned about the vulnerability only on 13.01.2020, from the mainstream news. They found out when a huge number of the systems under their responsibility had been compromised. The absurdity of the situation reached the point that the exploits needed for this could be downloaded completely legally on the Internet.
For some reason, I believed that IT specialists read the mailings from the manufacturers of the systems entrusted to them, know how to use Twitter, follow the leading experts in their field and are obliged to keep up with current events.

In fact, for more than three weeks, numerous Citrix customers completely ignored the manufacturer's recommendations. And Citrix customers include almost all large and medium-sized companies in Germany, as well as almost all government agencies. First of all, the vulnerability affected government structures.

But there is still something to do

Those whose systems have been compromised need a complete restoration, including replacement of the TLS certificates. Perhaps those Citrix customers who expected the manufacturer to take more active steps to eliminate the critical vulnerability will look for an alternative. We have to admit that Citrix's response is not encouraging.

There are more questions than answers

The question arises: what were the numerous Citrix partners, platinum and gold, doing? Why did the necessary information appear on the pages of some Citrix partners only in the third week? It is obvious that highly paid external consultants also slept through this dangerous situation. I don't want to offend anyone, but a partner's job is first of all to prevent problems from arising, and not to offer (that is, sell) help in eliminating them.

In fact, this situation showed the real state of affairs in the field of IT security. Both the employees of companies' IT departments and the consultants of Citrix partner companies should understand one truth: if there is a vulnerability, it must be eliminated. And a critical vulnerability must be eliminated immediately!

Source: www.habr.com
