Re: [EXT]: [SECURITY] FSA Notice on: Exploitation of Ellucian Banner System Vulnerability

["Sosnin, Josh" <Josh.Sosnin () ELLUCIAN COM>]

We have posted an update on this issue at the link below.  Please feel free to reach out to me with any questions.

https://www.ellucian.com/news/ellucian-banner-system-vulnerability-update

Thanks,

Josh

--
Josh Sosnin | VP and CISO | ellucian
CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged 
information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the 
sender and delete this email from your system. Thank you.


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Brian Kelly 
<bkelly () EDUCAUSE EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, July 17, 2019 at 8:50 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXT]: [SECURITY] FSA Notice on: Exploitation of Ellucian Banner System Vulnerability

**External Email**
If your institution is running Banner Web Tailor versions 8.8.3, 8.8.4, and 8.9 and/or Banner Enterprise Identity 
Services versions 8.3, 8.3.1, 8.3.2, and 8.4, Fed Student Aid has a security alert about a vulnerability needing 
patching if it's not patched already: 
https://ifap.ed.gov/eannouncements/071719ITSecurAlertExploitationEllucianBannerSysVulnerability.html<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fifap.ed.gov%2Feannouncements%2F071719ITSecurAlertExploitationEllucianBannerSysVulnerability.html&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058860644&sdata=MTtSDC4ljNTvY8I5IBaB0b9%2B7%2BC%2BBvp73MpZ%2BOJHRi0%3D&reserved=0>


Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
Follow HEISC on 
LinkedIn<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058860644&sdata=1ng%2BoI6fffW4Q5QgkeeRg9hZB0tHOXGqOKTdxvgdHyA%3D&reserved=0>
 | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu>

direct: 720.406.6757 | mobile 475.449.6440 | 
educause.edu<https://nam03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2F&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058870648&sdata=MPMnb1Uw3mGDJc7wsB4PipaF6hzR1Y%2FZnd13hEQbEWw%3D&reserved=0>
1150 18th Street, NW, Suite 900 Washington, DC 20036