UCSF IT Technology

Suse released multiple security updates in June for various Suse products.For a complete description of the vulnerabilities and affected systems go to Suse June 2024 Archives by date.IT SecurityRead more about IT Security service offerings.

GitLab released security updates to address a Critical and other vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE).For a complete description of the vulnerabilities and affected systems go to GitLab Critical Patch Release: 17.1.1, 17.0.3, 16.11.5.IT SecurityRead more about IT Security service offerings.

Threat Ale

Why is UCSF doing this program now? 

UCSF Information Technology (UCSF IT) kicked off a project in October 2023, to implement multiple solutions to ensure best-in-class identity and access management. The team has completed a discovery phase, which involved planning and gathering requirements for how the new systems will be configured. The project team has entered the Design Phase, which is scheduled to conclude in August 2024.This project is anticipated to conclude in Spring 2026 with multiple benchmarks and milestones in the interim.

Fortra released a security advisory to address a Critical, POC Available vulnerability in Fortra FileCatalyst Workflow. An attacker could exploit this vulnerability to create an admin user and modify application data.