CND News and Blog

New Vulnerabilities Thursday 19 January

michele654 Vulnerabilities Thursday, 19 January 2023 551 Hits 0 Comments

New Alerts for Cisco, WithSecure, Mitel, and Wireshark.

Cisco

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. CVSSv3 score of 4.7
More info.

WithSecure

A DoS vulnerability was discovered in WithSecure products whereby the aerdl.dll unpacker handler crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.
More info.

Mitel

A vulnerability in the ccmweb component of MiContact Center Business server could allow an unauthenticated attacker to download arbitrary files due to insufficient restriction of URL parameters. A successful exploit could allow access to sensitive information.
More info.

Wireshark

Wireshark has published 7 new bulletins identifying memory leaks and software crash vulnerabilities. Highest CVSSv3 score of 4.3
More info.

Report Print

About the author

michele654

Author's recent posts

Comments

No comments made yet. Be the first to submit a comment

CND News and Blog

New Vulnerabilities Thursday 19 January

Security Wizardry Cyber Threat Intelligence - The Radar Page

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

SecurityWizardry.com - Vulnerability Details

About the author

michele654

Author's recent posts

Comments

Other Pages