Educause Security Discussion mailing list archives
Re: [EXT]: [SECURITY] FSA Notice on: Exploitation of Ellucian Banner System Vulnerability
From: "Sosnin, Josh" <Josh.Sosnin () ELLUCIAN COM>
Date: Sat, 20 Jul 2019 01:23:20 +0000
We have posted an update on this issue at the link below. Please feel free to reach out to me with any questions. https://www.ellucian.com/news/ellucian-banner-system-vulnerability-update Thanks, Josh -- Josh Sosnin | VP and CISO | ellucian CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the sender and delete this email from your system. Thank you. From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Brian Kelly <bkelly () EDUCAUSE EDU> Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, July 17, 2019 at 8:50 PM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [EXT]: [SECURITY] FSA Notice on: Exploitation of Ellucian Banner System Vulnerability **External Email** If your institution is running Banner Web Tailor versions 8.8.3, 8.8.4, and 8.9 and/or Banner Enterprise Identity Services versions 8.3, 8.3.1, 8.3.2, and 8.4, Fed Student Aid has a security alert about a vulnerability needing patching if it's not patched already: https://ifap.ed.gov/eannouncements/071719ITSecurAlertExploitationEllucianBannerSysVulnerability.html<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fifap.ed.gov%2Feannouncements%2F071719ITSecurAlertExploitationEllucianBannerSysVulnerability.html&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058860644&sdata=MTtSDC4ljNTvY8I5IBaB0b9%2B7%2BC%2BBvp73MpZ%2BOJHRi0%3D&reserved=0> Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058860644&sdata=1ng%2BoI6fffW4Q5QgkeeRg9hZB0tHOXGqOKTdxvgdHyA%3D&reserved=0> | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu> direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<https://nam03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.educause.edu%2F&data=02%7C01%7Cjosh.sosnin%40ELLUCIAN.COM%7C0247e5adc4554c96455808d70b19deea%7Cba4f1b25f4f74403892553e24140459f%7C0%7C0%7C636990078058870648&sdata=MPMnb1Uw3mGDJc7wsB4PipaF6hzR1Y%2FZnd13hEQbEWw%3D&reserved=0> 1150 18th Street, NW, Suite 900 Washington, DC 20036
Current thread:
- FSA Notice on: Exploitation of Ellucian Banner System Vulnerability Brian Kelly (Jul 17)
- Re: [EXT]: [SECURITY] FSA Notice on: Exploitation of Ellucian Banner System Vulnerability Sosnin, Josh (Jul 19)