OMI vulnerabilities for SCOM/LogAnalytics

Thank you, Aris, for reaching out with questions on these new vulnerabilities! New OMI vulnerabilities for SCOM/Log Analytics agents have been posted. The vulnerabilities apply to the OMI component on non-Windows servers with SCOM2019, SCOM2022, or Log Analytics agents. The vulnerabilities apply to non-Windows server operating systems. See hotfix details below to resolve. OMI vulnerabilities for SCOM/LogAnalytics CVE …

SQL STIG vulnerabilities V-213902, V-213935

Happy leap year, let’s talk Security and SQL STIG vulnerabilities V-213902, V-213935! DISA DOD SQL STIG vulnerabilities V-213902, V-213935. SQL DBA team for RCC-C customer requesting documentation for exception, in light of vulnerabilities.

V-213902: https://www.stigviewer.com/stig/ms_sql_server_2016_database/2020-09-23/finding/V-213902
V-213935: https://www.stigviewer.com/stig/ms_sql_server_2016_instance/2020-12-16/finding/V-213935

SCOM uses individual computer accounts in SQL for these findings. Holman documented this since 2012. SCOM SECURITY Documentation …

VMwareTools OpenSSL vulnerabilities

Extra, extra, read all about it: VMwareTools OpenSSL vulnerabilities! Update VMwareTools to solve OpenSSL vulnerabilities CVE-2023-3446, CVE-2023-2975. The ‘VMwareTools OpenSSL vulnerabilities’ showed up two (2) weeks ago, but it took about a week for the update to post. The latest Tenable scan article shows an OpenSSL update to v3.0.10 is required for VMware Tools. Update VMwareTools …

Vuln 178852 OLE DB driver

Got another vulnerability pop up on the last scan. ‘Vuln 178852 OLE DB driver’ has vulnerabilities and needs to be updated. My experience links this NOT to ODBC vuln 175441, thereby related to added capabilities and drivers installed with SSMS v19. NOTE: OLE has a pre-req of the new Visual C++ Redistributable x86 and x64 bits. …

Security – ODBC Vuln 175441

Time to make the doughnuts again: new Security ODBC Vuln 175441 that needs to be mitigated. Not sure if you ever saw the commercials, but this is where my mind goes, sarcastic humor and all. Whether you’re using ACAS/Tenable/Nessus for security scans, this may show up with your SCOM servers …

Resolve HSTS vulnerability CVEs on IIS10

This article will help resolve security HSTS vulnerability CVEs on IIS10. The steps apply to Windows Server 2016+, to help resolve multiple vulnerabilities, including CVE-2023-23915, CVE-2023-23914, and CVE-2017-7789. There are a few ways to configure IIS, and the blog post will show how to set up HTTP response, and HTTP redirect for the SCOM web …

ACAS scan for Java vulns PlugIn ID’s 170161,166316

If you’re responsible for security compliance with SCOM servers, there will be times when applications need to be upgraded. The current effort is Java vulnerabilities on your SCOM servers; current examples are plugin IDs 170161, 166316. Compliance and Security are big deals, even in air-gapped networks. Why – even if external hacking risk is low, the …

Windows Server 2016 vuln found in Security scans

FYI – came across this today with a customer where Security scans SCOM servers. Please note this is NOT a SCOM issue or vulnerability, and SCOM uses TLS1.2 just fine. Found CVE-2017-8529 vulnerability on a SCOM server, so thought this a good idea to communicate to the larger audience, in case Security finds …

Compare SolarWinds and SCOM

I think of My Big Fat Greek Wedding to ‘Compare SolarWinds and SCOM’. The wedding reception, where the father says the root of his daughter, and son-in-law’s last names, are from the Greek word for Orange, and Apple. “so in the end, we’re all fruits” We are the same but different, where diversity and inclusion …

SCOM WebConsole HTTP Redirect

Use this post when the SCOM WebConsole gets flagged for HTTP Redirect. The IIS configuration is pretty easy to set up. When your Security team contacts you to resolve VulnID 121040, the steps below should resolve the compliance finding. Use the Microsoft learn site for more details. Add HTTP Redirect role from …