CND News and Blog

New Vulnerabilities Thursday 10 November


New Alerts for Apple, IBM, Cisco, Hitachi, Tenable, and Linux.

Apple 

Apple has published updates for iOS, iPadOS, and macOS Ventura that fixes vulnerabilities in libxml2.
More info. And here. And here.

IBM 

IBM QRadar Network Packet Capture, IBM QRadar Assistant app for IBM QRadar SIEM, IBM Cloud Pak for Security, includes components with multiple known vulnerabilities. Highest CVSSv3 score of 9.8
More info. And here. And here. And here.

IBM Security Verify Access is vulnerable to execute arbitrary code due to jsr-sasign component. CVSSv3 score of 9.8
More info.

IBM Security Guardium is affected by multiple vulnerabilities. Highest CVSSv3 score of 9.8
More info.

Multiple security issues have been identified in the WebSphere Application and IBM HTTP Server included as part of IBM Tivoli Monitoring. Highest CVSSv3 score of 9.8
More info.

Cisco 

Cisco has published 17 new bulletins and 2 updated bulletins. Of the new bulletins, 7 are rated High, the rest Medium.
More info.

A vulnerability in the processing of SSH connections of Cisco Firepower Management Centerand Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 7.5
More info.

A vulnerability in dynamic access policies functionality of Cisco ASA Software and FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in the generic routing encapsulation tunnel decapsulation feature of Cisco FTD Software could allow an unauthenticated, remote attacker to cause a DoS. CVSSv3 score of 8.6
More info.

A vulnerability in SNMP access controls for Cisco FirePOWER Software for ASA FirePOWER module, Cisco Firepower Management Center Software, and Cisco Next-Generation Intrusion Prevention System Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. CVSSv3 score of 7.5
More info.

Hitachi 

Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. Highest CVSSv3 score of 5.3
More info.

Tenable 

Tenable has updated nessus to fix vulnerabilities in third-party software. Highest CVSSv3 score of 9.8
More info.

Linux 

SUSE has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 08 December 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Are You Ready To Find Out More?

Arrange a Chat With Our Friendly Service Delivery Team.