BEA Job
Technical:
1. Search result of the CRA. Email to Keith.
Weekly Risk Assessment on 5 Cyber Threats (CRA-20241002) Please respond by COB 2024-10-08
Fill table:
Fill Docs: G:\USST\Yearly_Exercise\Patch_Management\2023-PatchManagement\2023 Patch Assessment Report.xlsx
e.g
CVE-2024-42148
2. Download RHEL repository
1. view edit key, renew key for xml file
2. Run repo job
3. review status
4. update catalog
5. apply cherry pdf.
---
RHEL 7 8
repository server: lappdm05p
RHEL 9
repository server: lappdm03p
Run the job to download the RHEL 7, 8 and 9 repositories on TSSA.
Edit redhat-downloader-config.xml before running the job.
RHEL7: Edit redhat-downloader-config79_2024.xml
/Apps/patchteam/7/1
/Apps/patchteam/7/2
/Apps/patchteam/7/3
RHEL8: Edit redhat-downloader-config8_2024.xml
/Apps/patchteam/8/1
/Apps/patchteam/8/2
/Apps/patchteam/8/3
RHEL9: Edit redhat-downloader-config9_2024.xml
/apps/patchteam/9/1
/apps/patchteam/9/2
/apps/patchteam/9/3
Send the Patch-Validation PDF for Cherry's signing.
File Path: G:\USST\Yearly_Exercise\Patch_Management\2024-PatchManagement\Patch-Validation
Create a Word file that includes this month's repository photos. Save it as PDF, sign it and email it.
3. AIX 7.1 7.2 7.3
repository download: manual
repository server: (*** repository can't be downloaded by TSSA)
Download by: using your browser (HTTPS)
https://www.ibm.com/support/fixcentral/aix/selectFixes?release=7.3&function=release
Login: chowdyk@hkbea.com
PWD: BEAuss1234
e.g.
Fill:
Machine type: 5765
Machine Serial Number: 78FFBE0
(from G:\USST\Inventory\info4.xlsm)
Download it.
ref: D:\Guide-Kevin\Server Inventory.xlsx
4. Solaris 10 11
repository download: manual
repository server: (*** repository can't be downloaded by TSSA)
Download by: using your browser (HTTPS)
https://support.oracle.com/portal/#
Login: uss-info@hkbea.com
PWD: Oracle123
Solaris11 repo list:
https://support.oracle.com/knowledge/Sun%20Microsystems/2433412_1.html
5. ref
D:\Guide-Kevin\2 - RHEL\BMC Truesight Server Automation 21.02 Operation Manual v2.2.docx
D:\Guide-Kevin\2 - RHEL\BMC(TSSA RHEL)\How to download RHEL 8 local repository by command on lappdm05p.pdf
D:\Guide-Kevin\2 - RHEL\BMC(TSSA RHEL)\rhel repository status.txt
6. Emergent AIX 7.1 7.2 7.3 high-risk vulnerabilities
How to find the AIX solution for a plugin name in the vulnerability status xlsx?
plugin name --> Tenable --> CVE --> IBM --> Bulletin --> Patch
e.g.
AIX 7.3 TL 2 : kernel (IJ50934)
Search plugin name IJ50934 on Tenable.
https://www.tenable.com/plugins/nessus/195306
Get CVE-2024-27273 from plugin name IJ50934.
---
Analyze the CVE-2024-27273 result and email it to Keith:
Description:
https://www.ibm.com/support/pages/node/7152543
IBM AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 283985.
CVSS Base Score: 8.4
AFFECTED PRODUCTS AND VERSIONS:
AIX 7.2, 7.3
To find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.
lslpp -L | grep -i invscout.rte
The AIX fixes can be downloaded via https from:
https://aix.software.ibm.com/aix/efixes/security/invscout_fix6.tar
The iFix has a prereq of invscout.rte fileset level 2.2.0.25, which is available from:
https://aix.software.ibm.com/aix/efixes/security/invscout_fix5.tar
The following fileset levels are vulnerable:
7.2, 7.3 is22026s1a.240514.epkg.Z invscout.rte(2.2.0.25)
To extract the fixes from the tar file:
tar xvf invscout_fix5.tar
tar xvf invscout_fix6.tar
To preview the fix installation:
installp -apYd . invscout
To install the fix package:
installp -aXYd . invscout
*** Download the patch based on the above results. Create repository and job. Schedule deployment.
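Added example (not part of the original notes or the IBM bulletin): a POSIX shell helper that reads `lslpp -L` output and decides, from the 2.2.0.25 prereq level stated above, whether invscout_fix5.tar has to go on before invscout_fix6.tar. The function names, the plan labels and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: plan the invscout fix order from `lslpp -L` output.
PREREQ_LEVEL="2.2.0.25"   # prereq fileset level taken from the notes above

# Constructed sample of `lslpp -L` output (not captured from a real host).
SAMPLE_LSLPP='  Fileset                      Level  State  Type  Description
  ----------------------------------------------------------------------
  invscout.ldb               2.2.0.2    C     F    Inventory Scout Database
  invscout.rte              2.2.0.20    C     F    Inventory Scout Runtime'

# Read lslpp -L output on stdin; print the invscout.rte level, or nothing.
invscout_level() {
    awk '$1 == "invscout.rte" { print $2; exit }'
}

# Compare two dotted fileset levels numerically; prints lt, eq or gt.
cmp_level() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            p = (i <= n) ? x[i] + 0 : 0
            q = (i <= m) ? y[i] + 0 : 0
            if (p < q) { print "lt"; exit }
            if (p > q) { print "gt"; exit }
        }
        print "eq"
    }'
}

# Read lslpp -L output on stdin; print which tarballs the host needs.
plan_fix() {
    level=$(invscout_level)
    if [ -z "$level" ]; then echo "not-installed"; return 0; fi
    case $(cmp_level "$level" "$PREREQ_LEVEL") in
        lt) echo "fix5-then-fix6" ;;   # below prereq: bring fileset to 2.2.0.25 first
        eq) echo "fix6-only" ;;        # prereq met: iFix can be previewed/installed
        gt) echo "review-bulletin" ;;  # newer than these notes cover: recheck IBM page
    esac
}

# On a real host: lslpp -L | plan_fix
printf '%s\n' "$SAMPLE_LSLPP" | plan_fix
```

The level comparison is numeric per field, so 2.2.0.9 sorts below 2.2.0.25, which a plain string comparison would get wrong.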