Skip to main content

CND News and Blog

New Vulnerabilities Monday 23 September


New Alerts for Apache Tomcat, NetApp, F5, HPE, and Linux.

Apache 

Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.
More info.

NetApp 

NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Highest CVSSv3 score of 8.8
No patches yet.
More info.

F5 

Traffix SDC contains a vulnerability that allows a remote attacker to inject additional attributes into elements and perform XSS attacks, potentially leading to unauthorized actions or information disclosure. CVSSv3 score of 5.4.
More info.

BIG-IP Next products contain a vulnerability that allows a remote attacker to cause a DoS. Highest CVSSv3 score of 5.9
No patches.
More info.

HPE 

A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a CSRF in the login flow. CVSSv3 score of 4.3
More info.

Linux 

SUSE has updated the kernel. More info.
Ubuntu has updated the kernel. More info.
Amazon Linux 2 has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 04 October 2024

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/