Published: January 04, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
The Linux Imunify360 Server Security Suite provides its customers with real-time website and web server protections and was recently in need of a security patch itself. A flaw in the CloudLinux’s Imunify360, part of the Security Suite, exposed a code vulnerability putting users in the path of potential arbitrary code execution and web server takeovers. This flaw was enough to earn a security severity rating of “high” and fortunately, the security patch created by Linux is available specifically for those using CloudLinux’s Imunify360 versions 5.8 and 5.9.
Flaw in Ai-Bolit Function
In a recently published security advisory about CloudLinux’s flaw, incident response providers Cisco Talos found the flaw was in the Ai-Bolit malware scanner function’s software. Ai-Bolit scans website-related files and checks that data is sanitized and free of infection before it enters a system. The Ai-Bolit flaw means data isn’t sanitized first, allowing arbitrary code execution by threat actors.
As cloud use among all varieties of enterprise increases, the cloud security landscape and the resulting flaws are a growing problem. According to the Cloud Security Alliance (CSA), those now depending on the cloud use face the following issues and much more: data breaches; cloud misconfigurations; poor cloud strategy for security architecture; account hijacking, and poor identity security.
Imunify360 provides a security suite for its Linux web servers where users can configure a wide range of protections features themselves. The menu of security services for Suite customers includes: intrusion detection and prevention; advanced firewall features; anti-virus and anti-malware scanning; automatic patch management; domain blacklisting, and a web-host panel for integrating all services. However, should users misconfigure cloud protections, something becoming increasingly common, security issues are bound to increase.
Update: CloudLinux Ai-Bolit Flaw Patch
Linux’s Imunify team says developers using Imunify360 should update to their latest release. Imunify’s Head of Product Development comments “After validating the vulnerability report information, the Imunify team prepared and released updated versions of the affected software.” He continued “If you're running version 5.11.3 or later of Ai-Bolit, the update is automatic (and you're likely already running a protected version or you will be receiving the update very soon). At this time, there is no known exploit in the wild…”
If you haven’t addressed this issue, it’s highly recommended you delay no longer.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com