Block all traffic inbound to the web management portal on the firewall to the server.Block all inbound traffic from external IPs to the web management port (port 91 by default).Particularly if you have an older application version that doesn’t have a minor patch available, we highly recommend locking down network access to the server(s). Q If we can’t upgrade to security patch, what other options are there? For more information, see (filter on “ PaperCut”). Trend Micro have also advised they will disclose further information (TBD) about the vulnerability on 10th May 2023. Not at this time - to give customers a chance to upgrade, we are not releasing further details about these vulnerabilities. Q Is there more information available about these vulnerabilities? Q What are the CVSS scores for these vulnerabilities? You can see the release notes pages for PaperCut MF and NG which list all fixes included per version: Q Where are the release notes for these fixes? There should be no negative impact from applying these security fixes. Q Is there any impact from applying the upgrade? PaperCut has conducted analysis on all customer reports, and the earliest signature of suspicious activity on a customer server potentially linked to this vulnerability is 14th April 01:29 AEST / 13th April 15:29 UTC PaperCut received our first report from a customer of suspicious activity on their PaperCut server on the 18th April at 03:30 AEST / 17th April 17:30 UTC. Q When was the exploit first detected in the wild? In addition to our email and in-app announcements to all customers, we’ve been using this list to proactively reach out to potentially exposed customers via multiple means from Wednesday afternoon (AEST) and are working 24/7 through the weekend. The security response team at PaperCut has been working with external security advisors to compile a list of unpatched PaperCut MF/NG servers that have ports open on the public internet. Our service desks are manned 24/7 via our support page. PaperCut and its partner network has activated response teams to assist PaperCut MF and NG customers. Q What is PaperCut doing to assist customers? See the ‘Which components are impacted’ or ‘Which components are not impacted’ rows in the table above for a detailed list. Q What products are impacted by these vulnerabilities? It’s easy to identify your edition of PaperCut - you’ll see it on the About tab or by checking the footer of your PaperCut admin login. Your PaperCut partner or reseller information can also be found on the ‘About’ tab in the PaperCut admin interface.Īlternatively, get direct downloads from here. If you are using PaperCut MF, we highly recommend following your regular upgrade process. 20.1.7 and 21.2.11) as well as the current version available. Additional links on the ‘Check for updates’ page (accessed through the Admin interface > About > Version info > Check for updates) will allow customers to download fixes for previous major versions which are still supported (e.g. Please follow your usual upgrade procedure. Even though the Site Server is not impacted by this vulnerability, you will need to upgrade them to match the version number of the Application Server. We recommend that you upgrade all Application Servers and Site Servers (see Upgrade documentation). You will not need to patch Secondary Servers (Print Providers / Direct Print Monitors) - but you can if you prefer. We recommend that you upgrade all Application Servers and Site Servers (see Upgrade documentation) PaperCut MF/NG Direct Print Monitors (Print Providers). PaperCut MF/NG secondary servers (Print Providers). Which PaperCut components or products are NOT impacted? Which PaperCut MF or NG components are impacted? What versions are not impacted / which versions are FIXED? PaperCut MF or NG version 15.0 or later (excluding patched versions), on all OS platforms. PaperCut MF or NG version 8.0 or later (excluding patched versions) on all OS platforms. What versions are impacted / which versions are VULNERABLE?
0 Comments
Leave a Reply. |