New Vulnerabilities Wednesday 08 June


Monthly Patches for Fortinet are out. New Alerts for GE Grid Solutions, HPE, Apache, InfiRay, and Linux.

Fortinet 

Fortinet Monthly Patches are out, with 7 new bulletins, 1 rated Critical, 3 rated High, and 3 Medium. Highest CVSSv3 score of 9.
More info.

Fortinet has updated Apache Airflow library to address security vulnerabilities that affect some Fortinet products. CVSSv3 score of 9
More info.

A use of hard-coded cryptographic key vulnerability in FortiDDoS API may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device. CVSSv3 score of 7.8
More info.

GE Grid 

In several GE Renewable Energy products, setting the HTTP server TCP Port number to 0 is intended to disable HTTP, but it doesn't.
More info.

HPE 

Security vulnerabilities have been identified with the HP-UX Common Internet File System (CIFS) Client/Server software. These vulnerabilities could be exploited remotely to allow unauthorized access to data, compromise system integrity, escalation of privilege, disclosure of information and bypass authentication restrictions. Highest CVSSv3 score of 7.5
More info.

Apache 

Apache HTTP Server has been updated to correct several security vulnerabilities, 1 rated Moderate and the rest rated Low.
More info.

InfiRay 

The IRAY A8Z3 thermal camera for industrial application, manufactured by Infiray/IRay Technologies, is affected by multiple vulnerabilities.
More info.

Linux 

Ubuntu has updated the kernel. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Find Out More

© Computer Network Defence Limited 2022