May 25, 2022

TheCyberThrone

Thinking Security ! Always

CISA Adds 13 New Vulnerabilities to Known Exploited list

CISA released its latest update to the Known Exploited Vulnerabilities catalog, adding 13 new vulnerabilities. Nine of the vulnerabilities have a remediation date of February 1 and four of them have a remediation date of July 18. 

The list includes an October CMS Improper Authentication, a System Information Library for node.js Command Injection vulnerability, an Oracle Corporate Business Intelligence Enterprise Edition Path Traversal vulnerability, an Apache Airflow Experimental API Authentication Bypass vulnerability, a Drupal Core Unrestricted Upload of File vulnerability, and three Nagios XI OS Command Injection vulnerabilities.

Advertisements
screen-shot-2022-01-21-at-1-33-28-pm.png

The October CMS Improper Authentication CVE-2021-32648 was allegedly used during a  cyberattack on Ukrainian government systems last week. A patch was released in September 2021. 

Previously, earlier last month on a wake of Christmas holidays CISA has updated the Known exploitable list.

%d bloggers like this: