[CDP-development] CISA - Managing the Significant Risk of Known Exploited Vulnerabilities – New Vulnerabilities Added to Repository

MASSE, THERESA theresa.masse at cisa.dhs.gov
Wed Jan 19 07:47:33 PST 2022 

FYSA




[cid:image002.png at 01D80D08.CFCB5B60]

CISA has updated the known exploited vulnerabilities catalog<https://www.cisa.gov/known-exploited-vulnerabilities-catalog> based on reliable evidence that threat actors are actively using these vulnerabilities to exploit public or private organizations.

The catalog update reflects the following additions:
CVE Number
CVE Title
CVE-2021-32648
October CMS Improper Authentication
CVE-2021-25296
Nagios XI OS Command Injection
CVE-2021-25297 
Nagios XI OS Command Injection
CVE-2021-25298
Nagios XI OS Command Injection
CVE-2021-40870
Aviatrix Controller Unrestricted Upload of File
CVE-2021-33766
Microsoft Exchange Server Information Disclosure
CVE-2021-21975
VMware Server Side Request Forgery in vRealize Operations Manager API
CVE-2021-21315
System Information Library for Node.JS Command Injection
CVE-2021-22991
F5 BIG-IP Traffic Management Microkernel Buffer Overflow
CVE-2020-14864
Oracle Corporation Business Intelligence Enterprise Edition Path Transversal
CVE-2020-13671
Drupal core Un-restricted Upload of File
CVE-2020-11978
Apache Airflow Command Injection
CVE-2020-13927
Apache Airflow's Experimental API Authentication Bypass


Please see the helpful link below:
Sign up for automated alerts anytime a vulnerability is added.<https://www.cisa.gov/known-exploited-vulnerabilities> 
  
Please contact CISA (via the reporting portal<https://us-cert.cisa.gov/report> or by phone at 1-888-282-0870) to report an intrusion or to request either technical assistance or additional resources for incident response.






Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image004.png at 01D80C6F.CA1A6420]



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 104125 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 103774 bytes
Desc: image004.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 5129 bytes
Desc: image005.jpg
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0003.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 103774 bytes
Desc: image002.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.jpg
Type: image/jpeg
Size: 5129 bytes
Desc: image006.jpg
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0004.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 103774 bytes
Desc: image004.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0009.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 5129 bytes
Desc: image005.jpg
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0005.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 16152 bytes
Desc: image004.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0010.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 103810 bytes
Desc: image002.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220119/3558da09/attachment-0011.png>

More information about the CDP-development mailing list