
CND News and Blog

New Vulnerabilities Thursday 02 November


New Alerts for Cisco, VMware, IBM, Mitsubishi Electric, Moxa, Hitachi Energy, and Linux.

Cisco 

Cisco has published 24 new bulletins, 1 rated Critical, 9 rated High, and 14 rated Medium. Highest CVSSv3 score of 9.9.
More info.

Vulnerabilities in Cisco FTD Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 8.6
More info. And here.

A vulnerability in the remote access VPN feature of Cisco ASA Software and Cisco FTD Software could allow a remote attacker to cause a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. CVSSv3 score of 7.5
More info.

VMware 

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to log in as the victim user. CVSSv3 score of 8.8
More info.

IBM 

IBM Storage Ceph is vulnerable to exposure of sensitive information to an unauthorized actor in Grafana. CVSSv3 score of 9.8
More info.

Mitsubishi Electric 

A DoS vulnerability exists in the Web server function of the MELSEC iQ-F Series CPU module. A remote attacker could prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally, by continuously attempting unauthorized login to the Web server function. CVSSv3 score of 5.3
No patches, only workarounds.
More info.

A DoS vulnerability exists in the MELSEC-F Series main modules and MELSEC iQ-F Series CPU modules. A remote attacker may be able to reset the memory of the products to factory default state and cause a DoS. CVSSv3 score of 9.1
No patches, only workarounds.
More info.

Moxa 

A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable due to the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service. CVSSv3 score of 7.5
More info.

A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to a DoS. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot. CVSSv3 score of 6.5
More info.

Hitachi Energy 

Hitachi Energy eSOMS product contains vulnerabilities that result in the disclosure of sensitive information such as internal file system structure, underlying technology and other sensitive parameters related to the eSOMS application configuration. CVSSv3 score of 5.3
No patches yet.
More info.

Linux 

Amazon Linux 2 has updated the kernel. More info.


