How the Citrix NetScaler vulnerability CVE-2019-19781 exposed hidden problems in the IT industry

Dear reader, first of all I would like to point out that, as a German citizen, I am mainly describing the situation in that country. The situation in your country may be quite different.

On December 17, 2019, the Citrix Knowledge Center published information about a critical vulnerability in the Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway product lines, better known as NetScaler Gateway. Later, the vulnerability was also found in the SD-WAN line. The vulnerability affects all product versions from 10.5 up to the current 13.0 and allows an unauthenticated attacker to execute malicious code on the system, turning the NetScaler into a platform for further attacks on the internal network.

Together with the information about the vulnerability, Citrix published recommendations for mitigating the risk (a workaround). A complete fix for the vulnerability was promised only for the end of January 2020.

The severity of this vulnerability (CVE-2019-19781) is rated 9.8 out of 10. According to information from Positive Technologies, the vulnerability affects more than 80 companies worldwide.

A possible response to the news

As a responsible person, I assumed that every IT professional with NetScaler products in their infrastructure would do the following:

  1. immediately implement all the risk mitigation recommendations given in article CTX267679.
  2. re-examine the firewall configuration with regard to the traffic allowed from the NetScaler into the internal network.
  3. advise the IT security administrators to watch for "unusual" attempts to access the NetScaler and, if necessary, block them. Let me remind you that the NetScaler is usually located in the DMZ.
  4. assess whether the NetScaler could be temporarily disconnected from the network until detailed information about the problem was available. During the pre-Christmas period, holidays and so on, this would not have been very painful. Moreover, many companies have an alternative VPN access path.
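As an added example that is not part of the article, the firewall review in step 2 can be turned into a simple egress audit: given the NetScaler's DMZ address and an allowlist of the back ends it genuinely needs, flag every allow rule that lets the appliance reach anything else on the internal network. All addresses, ports and rules below are constructed for the example and are assumptions, not values from the article.

```python
import ipaddress

# Constructed addresses for the example: the NetScaler sits in the DMZ, as the article notes.
NETSCALER_IP = ipaddress.ip_address("192.0.2.10")
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Allowlist of back ends the gateway legitimately needs (constructed; adapt to your site).
# Each entry is (destination network, TCP/UDP port).
REQUIRED_EGRESS = [
    ("10.1.1.5/32", 636),    # LDAPS to a domain controller
    ("10.1.1.6/32", 1812),   # RADIUS
    ("10.2.0.0/24", 443),    # StoreFront / published web back ends
]

# Constructed firewall ruleset: (action, source, destination, port); port 0 means "any".
RULES = [
    ("allow", "192.0.2.10/32", "10.1.1.5/32", 636),
    ("allow", "192.0.2.10/32", "10.1.1.6/32", 1812),
    ("allow", "192.0.2.10/32", "10.2.0.0/24", 443),
    ("allow", "192.0.2.0/24", "10.0.0.0/8", 0),       # whole DMZ to whole LAN, any port
    ("allow", "192.0.2.10/32", "10.3.3.3/32", 445),   # SMB to a file server, not allowlisted
    ("deny", "192.0.2.0/24", "10.0.0.0/8", 0),
]


def is_required(dst, port):
    """True if (dst, port) is no wider than one allowlisted back end."""
    dst_net = ipaddress.ip_network(dst)
    return any(
        dst_net.subnet_of(ipaddress.ip_network(req_dst)) and port == req_port
        for req_dst, req_port in REQUIRED_EGRESS
    )


def audit(rules):
    """Return allow rules that let the NetScaler reach internal hosts beyond the allowlist."""
    findings = []
    for action, src, dst, port in rules:
        src_net, dst_net = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        if action != "allow" or NETSCALER_IP not in src_net:
            continue  # only allow rules that cover the appliance matter here
        if not any(dst_net.overlaps(net) for net in INTERNAL_NETS):
            continue  # traffic that never touches the internal network
        if not is_required(dst, port):
            findings.append((src, dst, port))
    return findings


if __name__ == "__main__":
    for src, dst, port in audit(RULES):
        print(f"over-broad egress: {src} -> {dst} port {port or 'any'}")
```

Any rule the audit reports is a path a compromised appliance could use to pivot, which is exactly the exposure the firewall review is meant to reduce.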

What happened next?

Unfortunately, as will become clear below, these steps, which are common practice, were not followed by many.

Many professionals responsible for Citrix infrastructure learned about the vulnerability only on January 13, 2020, from the mainstream media. They then discovered that a large number of the systems under their responsibility had been compromised. The absurdity of the situation reached the point where the exploit needed for this could be downloaded from the Internet completely legally.
For some reason, I believed that IT professionals read the e-mails from the manufacturers of the systems entrusted to them, know how to use Twitter, follow the leading experts in their field and are obliged to keep up to date with current events.

In fact, for more than three weeks, many Citrix customers completely ignored the manufacturer's recommendations. And Citrix's customers include almost all large and medium-sized companies in Germany, as well as all government agencies. First of all, the vulnerability affected government agencies.

But something has to be done

Those whose systems were compromised need a complete reinstallation, including replacement of the TLS certificates. Perhaps those Citrix customers who expected the manufacturer to take a more active role in eliminating the critical vulnerability will look for an alternative. It must be admitted that Citrix's response is not encouraging.

More questions than answers

The question arises: what were Citrix's many Platinum and Gold partners doing? Why did the necessary information appear on the pages of some Citrix partners only in the third week of 2020? It is obvious that the highly paid external experts also slept through this dangerous situation. I do not want to offend anyone, but a partner's job is primarily to prevent problems from arising, not to offer = sell help in eliminating them.

In fact, this situation showed the real state of affairs in the field of IT security. Both the employees of corporate IT departments and the consultants of Citrix partner companies must understand one truth: if there is a vulnerability, it must be eliminated. And a critical vulnerability must be eliminated immediately!

Source: www.habr.com
