Security - VMSA-2021-0002 Vmware 6.5/6.7/7.0 Vulnerability Severity 9.8

VMware vCenter Server updates address remote code execution vulnerability in the vSphere Client (CVE-2021-21972)

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors

A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. 

Resolution

To remediate CVE-2021-21972 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.

Workarounds

Workarounds for CVE-2021-21972 have been listed in the 'Workarounds' column of the 'Response Matrix' below.

More details here

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

https://edge9.hwupgrade.it/news/security/gli-hacker-vanno-alla-ricerca-dei-server-vmware-non-patchati-una-grave-falla-permette-agli-attaccanti-di-violarli-facilmente_95865.html


Cisco - AnyConnect Domain Password change

Using Cisco Any Connect with AD users you may face that you account password is expired and you are unable to connect. To override problem you need to configure Cisco ASA to authenticate, to DC, indeed with normal LDAP standards (over 389 TCP port) using LDAPS (636 TCP port).

Your AD server must be able to authenticate via LDAPS (normally is not configured)

Here it is an article that explain how to do that

https://www.petenetlive.com/KB/Article/0001273

About LDAPS you can give a look to below article to have a major idea:

https://techcommunity.microsoft.com/t5/sql-server/step-by-step-guide-to-setup-ldaps-on-windows-server/ba-p/385362

https://www.petenetlive.com/KB/Article/0000962


P.S. 1 for LDAP(s) testing purposes you can use ldp.exe DC utility Open utility:

C:\> ldp.exe

From Connection, select Connect.

Enter name of target domain controller.

Enter 636 as port number (this is the LDAPS port).

Click OK to confirm the connection works.

You're all done!


P.S. 2 consider that Citrix Netscaler requires LDAPs to permit users to change password when it is expired (otherwise user is blocked)

Tips - Errore di autenticazione La funzione richiesta non è supportata La causa potrebbe essere la Correzione crittografia Oracle per CredSSP.

 During these days I faced below error when trying to logon on remote clients/servers:


Connessione Desktop Remoto

Errore di autenticazione.

La funzione richiesta non è supportata.

Computer remoto:

La causa potrebbe essere la Correzione crittografia Oracle per CredSSP.

Per altre informazioni, vedi 

https://go.microsoft.com/fwlink/?linkid=866660

I followed below article instructions.

Basically I changed gpedit.msc single setting and then launched 

start --> CMD --> Gpudate /force.

After these actions problem was succesfully fixed.

http://www.marioserra.eu/2018/05/18/rdp-update-windows-10-errore-crittografia-oracle-per-credssp/

Cisco - WLC 3504 how to create new SSID and reset password

If you manage your wireless infrastructure using Cisco WLC 3504 here they are steps to create a new Wireless SSID and how you can reset password:

Outlook - How to defer all email sent after xy minutes

In real world it might happen to send wrong emails ( contents and destination contacts) and realize, after a while, that you already clicked on Outlook send button.

To avoid this kind of mistakes you can configure your outlook to send all emails only after waiting xy amount of time. (from 1 to 120 minutes)

Original article and more details can be found at below link:

https://www.ablebits.com/office-addins-blog/2019/09/25/schedule-email-delay-delivery-outlook/

Here they are basics step by step screenshots that well explain how to get that.























Apple - Automate tasks/actions with "Shortcuts" app

Today I would like to share and mention this Apple App that work fine with iPad and Iphone.

It permit to create automatic tasks,shortcuts with multipe steps scripts, scheduling, one click actions  and automating things you do regularly on your iPhone and iPad.


https://apps.apple.com/us/app/workflow/id915249334