![]() Apply “Allow list” restrictions under Options > Advanced > Security > Allowed site server IP addresses.Note: this will prevent lateral movement from internal hosts but management of the PaperCut service can only be performed on that asset. Block all traffic inbound to the web management portal on the firewall to the server.Block all inbound traffic from external IPs to the web management port (port 91 by default).PaperCut advises those who are unable to apply the patches to follow the below steps: Your PaperCut partner or reseller information can also be found on the ‘About’ tab in the PaperCut admin interface. If you are using PaperCut MF, we highly recommend following your regular upgrade process.20.1.7 and 21.2.11) as well as the current version available. Additional links on the ‘Check for updates’ page (accessed through the Admin interface > About > Version info > Check for updates) will allow customers to download fixes for previous major versions which are still supported (e.g. Please follow your usual upgrade procedure.These flaws are quite severe, so it’s absolutely worth your time to get things updated as soon as possible. A recent check in security tool Shodan's search functionality highlights roughly 1,700 software instances currently exposed to the internet. If you update your PaperCut application servers, you are no longer at risk. ![]() MitigationĪt time of writing, both security issues have been addressed with patches. Two specific vulnerabilities are at the heart of this alert, and are ranked with severity scores of 9.8 (critical) and 8.2 (high) respectively. Full information about the individual security flaws has not been revealed, in order to reduce the likelihood of more attackers making use of them. A security vulnerability which exploits unpatched servers has been seen in the wild, with serious ramifications for any organisation impacted. PaperCut, maker of print management solutions, has urged product users to update as soon as possible.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |