New Alerts for Palo Alto Networks (0-Day), Rockwell Automation, Dell, IBM, and Linux.
Palo Alto Networks
A command injection vulnerability in the GlobalProtect feature for specific PAN-OS versions and distinct feature configurations may enable a remote attacker to execute arbitrary code with root privileges on the firewall. CVSSv4 score of 10
Patches expected by 14 April, this is being exploited.
More info.
An input validation vulnerability exists in 5015-AENFTXT that causes the secondary adapter to result in a major nonrecoverable fault when malicious input is entered resulting in a DoS that requires a manual restart. CVSSv4 score of 8.7
More info.
ControlLogix and GuardLogix are vulnerable to a major nonrecoverable fault due to an invalid header value resulting in a DoS that requires a manual restart. CVSSv4 score of 9.2
More info.
Storage Resource Manager and Storage Monitoring and Reporting remediation is available for multiple security vulnerabilities. Dell rates this Critical.
More info.
IBM Sterling B2B Integrator uses Apache Commons BCEL and contains a vulnerability. CVSSv3 score of 9.8
More info.
Due to use of Postgresql JDBC, IBM Instana Observability is vulnerable to SQL injection. CVSSv3 score of 10
More info.
IBM Disconnected Log Collector includes components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.
IBM QRadar SIEM includes vulnerable components that could be identified and exploited with automated tools. Highest CVSSv3 score of 9.8.
More info.
SUSE has updated the kernel. More info.
Comments