New Alerts for Cisco (Exploit), Mitsubishi Electric, IBM, Dell, Xerox, NetApp, and Aruba.
Cisco Exploit
Cisco has published 9 new bulletins and 1 updated bulletin. Of the new bulletins, 1 is rated Critical, the rest are Medium. Highest CVSSv3 score of 9.8
More info.
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow a remote attacker to cause a DoS or execute arbitrary code with root privileges on an affected device. Exploit code exists. Only some of the vulnerable equipment will receive patches, the others are EoL. Highest CVSSv3 score of 9.8
More info.
MELSEC WS Series products have the hidden Telnet function enabled by default. An authentication bypass vulnerability allows a remote attacker to illegally log into the affected module by connecting to it via telnet. CVSSv3 score of 7.5
More info.
Vulnerabilities in Golang Go affects IBM CICS TX Standard. CVSSv3 score of 9.8
More info. And here.
IBM InfoSphere Information Server is affected by multiple vulnerabilities in JQuery, Node.js and Swagger UI. Highest CVSSv3 score of 9.8
More info.
Avamar, NetWorker Virtual Edition (NVE) and PowerProtect DP Series Appliance /IDPA remediation is available for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.
FreeFlow Print Server v7 has been updated with Oracle, OpenJDK, Apache, and Firefox patches.
More info.
NetApp has published 10 new bulletins identifying vulnerabilities in third-party software included in their products. Five have patches. Highest CVSSv3 score of 9.8
More info.
Aruba
Aruba has released patches for Aruba access points running InstantOS and ArubaOS that address multiple security vulnerabilities. Highest CVSSv3 score of 9.8
More info.
Comments