New Alerts for AutomationDirect, HPE, Dell, IBM, NetApp, and Linux.
AutomationDirect
AutomationDirect's DirectLOGIC with Ethernet Communication Modules contain several vulnerabilities, including Uncontrolled Resource Consumption and Cleartext Transmission of Sensitive Information. Successful exploitation of these vulnerabilities could cause a loss of sensitive information, unauthorized changes, and a DoS. CVSSv3 score of 7.5
More info.
AutomationDirect's C-more EA9 HMI contains several vulnerabilities, including Uncontrolled Search Path Element and Cleartext Transmission of Sensitive Information. Successful exploitation of these vulnerabilities could cause a loss of sensitive information. Highest CVSSv3 score of 7.8
More info.
A security vulnerability in HPE Cray EX Supercomputers/Shasta System Solutions and HPE Slingshot Switches could be remotely exploited to allow authentication bypass. CVSSv3 score of 9.8
More info.
Security updates are available for Dell EMC PowerScale OneFS remediation to fix vulnerabilities that may be exploited by remote attackers to compromise the affected system. Dell rates this Critical. Highest CVSSv3 score of 9.6
More info.
IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities. Highest CVSSv3 score of 9.8
More info.
NetApp has published 6 new bulletins identifying vulnerabilities in third-party software included in their products. Only one has been patched.
More info.
SUSE has updated the kernel. More info.
Red Hat has updated grub2. More info.
Oracle Linux has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Security Wizardry Cyber Threat Intelligence - The Radar Page
Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page