Expert Comments

Experts On Xerox DocuShare Bugs Allow Data Leaks

Expert(s):
Expert(s):

CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes. Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and administrators to apply a patch that plugged two security holes in recently released versions (6.6.1, 7.0, and 7.5) of Xerox’s DocuShare. The vulnerability is rated important. Tracked as CVE-2020-27177, Xerox said the vulnerabilities open Solaris, Linux, and Windows DucuShare users up to both a server-side request forgery (SSRF) attack and an unauthenticated external XML entity injection attack (XXE). Xerox issued its security advisory (XRX20W) on November 30. 

More information: https://threatpost.com/xerox-docushare-bugs/161791/

Experts Comments

Dot Your Expert Comments
Jamie Akhtar
December 04, 2020
CEO and Co-founder
CyberSmart

Organisations should implement temporary mitigation procedures until a permanent solution is offered.
Organisations can often protect themselves from the vast majority of cyber-attacks simply by adhering to a basic set of cyber hygiene standards. Chief among these is staying aware of the vulnerabilities that exist, then swiftly updating and patching devices. Xerox has already made available patches to the security flaws in their exposed systems. It is now down to organisations to implement these. Those who delay this will no doubt attract the attention of cybercriminals, who see these.....Read More
Organisations can often protect themselves from the vast majority of cyber-attacks simply by adhering to a basic set of cyber hygiene standards. Chief among these is staying aware of the vulnerabilities that exist, then swiftly updating and patching devices. Xerox has already made available patches to the security flaws in their exposed systems. It is now down to organisations to implement these. Those who delay this will no doubt attract the attention of cybercriminals, who see these businesses as an easy target. Unfortunately, software providers may not always have a ‘hot fix’ available for all software. In this case, the Solaris version of DocuShare 7.5 is not yet available. In these situations, organisations should implement temporary mitigation procedures until a permanent solution is offered.  Read Less
Niamh Muldoon
December 04, 2020
Senior Director of Trust and Security EMEA
OneLogin

Security Automation is hugely beneficial to delivering quick responses to reduce risk exposure.
Bugs such as this are very concerning, particularly as document signing happens online more and more. This is an example of the importance of an Enterprise Security Programme, where organisations understand their Information Assets and have an up-to-date Asset Management Inventory. By having these, organisations can prioritise applying patches when vulnerabilities and/or bugs like this are announced. The prioritisation of applying patches varies from organisation to organisation, but should.....Read More
Bugs such as this are very concerning, particularly as document signing happens online more and more. This is an example of the importance of an Enterprise Security Programme, where organisations understand their Information Assets and have an up-to-date Asset Management Inventory. By having these, organisations can prioritise applying patches when vulnerabilities and/or bugs like this are announced. The prioritisation of applying patches varies from organisation to organisation, but should fundamentally be based on risk assessment criteria of the services offered by the exposed website, i.e. payments, authentication credentials, and PII data. Security Automation is hugely beneficial to delivering quick responses to reduce risk exposure. Multi-Factor Authentication (MFA) plays a role in reducing the risk of this vulnerability being exploited, exposing critical data. However, that is dependent on the second and third-factor types, i.e. token type and how they have been implemented/configured with the WordPress Site.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

15 Schools Hit By Cyberattack In Nottinghamshire

Qualys Hit With Ransomware And Customer Invoices Leaked

Experts Reaction On PrismHR Hit By Ransomware Attack

Expert Insight On Ryuk’s Revenge: Infamous Ransomware Is Back And...

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords