
The following enhancements and improvements are now available to Censys ASM and Search customers.

Rapid Response

The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:

  • Progress Telerik Report Server RCE (CVE-2024-6327)
    • The following queries can be leveraged to identify all Censys-visible, public-facing Telerik Report Server instances. Please note that only the ASM Risk checks for the vulnerability, while the other queries look for exposures.
      • Censys Search query: services.software: (vendor: "Progress" and product: "Telerik Report Server")
      • Censys ASM query: host.services.software: (vendor: "Progress" and product: "Telerik Report Server") or web_entity.instances.software: (vendor: "Progress" and product: "Telerik Report Server")
      • Censys ASM Risk query: risks.name="Vulnerable Progress Telerik Report Server [CVE-2024-6327]"

New Protocols

Added support for scanning the following protocols:

  • CHROMECAST
  • Ventrilo
  • DVR_IP
  • SCPI
  • TIBIA
  • TUYA
  • APACHE_JSERV
  • APPLE_AIRPORT_ADMIN

New Fingerprints

Added the following fingerprints:

  • Usenet (type: label)
    • Description: This is a Usenet service.
    • Censys Search query: labels: `usenet`
    • Censys ASM query: n/a
  • Vulnerable Apache HTTP Server [CVE-2024-40725] (type: risk; category and severity: Rapid Response - CVE - Medium)
    • Description: This Apache HTTP Server is running a version vulnerable to CVE-2024-40725. Whether it is exploitable depends on the server's configuration; in affected configurations the flaw may allow a remote attacker to access source code.
    • Censys Search query: n/a
    • Censys ASM query: risks.name: `Vulnerable Apache HTTP Server [CVE-2024-40725]`
  • Vulnerable Progress Telerik Report Server [CVE-2024-6327] (type: risk; category and severity: Rapid Response - CVE - Critical)
    • Description: This Telerik Report Server is running a version prone to an insecure deserialization vulnerability that could be leveraged to gain RCE. This affects Report Server version 2024 Q2 (10.1.24.709) and earlier.
    • Censys Search query: n/a
    • Censys ASM query: risks.name: `Vulnerable Progress Telerik Report Server [CVE-2024-6327]`
  • Bazarr (type: software)
    • Description: This is a Bazarr server.
    • Censys Search query: services.software: (vendor='bazarr' and product='bazarr')
    • Censys ASM query: n/a
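The Telerik Report Server risk above is scoped by version: 2024 Q2 (10.1.24.709) and earlier is affected. The script below is an added example, not Censys code, showing how a defender would triage an exported asset inventory against that threshold: it parses a dotted build number out of a free-form version string, compares it element-wise against the last affected build from the release note, and separates hosts with no recoverable version into a manual-review list rather than silently treating them as safe. The inventory rows and hosts are constructed, and the "later build" version number is a placeholder, not a real release.

```python
"""Triage a constructed asset inventory for Telerik Report Server builds at or
below 10.1.24.709 (2024 Q2), the last version the release note lists as affected
by CVE-2024-6327. Example code, not Censys' own; inventory rows are constructed."""
import re
from typing import List, Optional, Tuple

# Highest affected build per the release note: 2024 Q2 (10.1.24.709).
LAST_AFFECTED: Tuple[int, ...] = (10, 1, 24, 709)


def parse_version(raw: str) -> Optional[Tuple[int, ...]]:
    """Extract a dotted numeric version such as '10.1.24.709' from a free-form
    software string. Returns None when no version is present so the caller can
    route the record to manual review instead of assuming it is patched."""
    m = re.search(r"(\d+(?:\.\d+){1,3})", raw or "")
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad to four components so tuples compare element-wise without surprises.
    return parts + (0,) * (4 - len(parts))


def is_affected(version: Optional[Tuple[int, ...]]) -> Optional[bool]:
    """True if the build is at or below the last affected version, False if it
    is newer, None if the version is unknown."""
    if version is None:
        return None
    return version <= LAST_AFFECTED


def triage(inventory: List[dict]) -> Tuple[List[str], List[str]]:
    """Return (affected_hosts, unknown_version_hosts) for every inventory row
    fingerprinted as Progress Telerik Report Server."""
    affected: List[str] = []
    unknown: List[str] = []
    for row in inventory:
        if row["vendor"].lower() != "progress" or row["product"].lower() != "telerik report server":
            continue  # other software is out of scope for this risk
        status = is_affected(parse_version(row.get("version", "")))
        if status is None:
            unknown.append(row["host"])
        elif status:
            affected.append(row["host"])
    return affected, unknown


# Constructed sample export (documentation-range addresses, not real scan data).
INVENTORY = [
    {"host": "192.0.2.10", "vendor": "Progress", "product": "Telerik Report Server", "version": "10.1.24.709"},
    # Placeholder for a later build; not a real Telerik release number.
    {"host": "192.0.2.11", "vendor": "Progress", "product": "Telerik Report Server", "version": "10.2.24.1"},
    {"host": "192.0.2.12", "vendor": "Progress", "product": "Telerik Report Server", "version": "Report Server 9.2.23.1010"},
    {"host": "192.0.2.13", "vendor": "Progress", "product": "Telerik Report Server", "version": ""},
    {"host": "192.0.2.14", "vendor": "Apache", "product": "HTTP Server", "version": "2.4.61"},
]

if __name__ == "__main__":
    hit, unk = triage(INVENTORY)
    print("affected by CVE-2024-6327:", hit)
    print("version unknown, review manually:", unk)
```

Note that the comparison is a pure version check; it mirrors the ASM risk's scope (version at or below 10.1.24.709) and says nothing about whether a given host is reachable or how it is configured, which is why unknown-version hosts are reported separately rather than dropped.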
