New Vulnerabilities Friday 17 June


New Alerts for AutomationDirect, HPE, Dell, IBM, NetApp, and Linux.

AutomationDirect 

AutomationDirect's DirectLOGIC with Ethernet Communication Modules contain several vulnerabilities, including Uncontrolled Resource Consumption and Cleartext Transmission of Sensitive Information. Successful exploitation of these vulnerabilities could cause a loss of sensitive information, unauthorized changes, and a DoS. CVSSv3 score of 7.5
More info.

AutomationDirect's C-more EA9 HMI contains several vulnerabilities, including Uncontrolled Search Path Element and Cleartext Transmission of Sensitive Information. Successful exploitation of these vulnerabilities could cause a loss of sensitive information. Highest CVSSv3 score of 7.8
More info.

HPE 

A security vulnerability in HPE Cray EX Supercomputers/Shasta System Solutions and HPE Slingshot Switches could be remotely exploited to allow authentication bypass. CVSSv3 score of 9.8
More info.

Dell

Security updates are available for Dell EMC PowerScale OneFS remediation to fix vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical. Highest CVSSv3 score of 9.6
More info.

IBM 

IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.

NetApp 

NetApp has published 6 new bulletins identifying vulnerabilities in third-party software included in their products. Only one has been patched.
More info.

Linux 

SUSE has updated the kernel. More info.
Red Hat has updated grub2. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Find Out More

© Computer Network Defence Limited 2022