Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CISA known exploited database update #863

Merged
merged 1 commit into from
Nov 5, 2023
Merged

CISA known exploited database update #863

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions config/known_exploited_vulnerabilities.csv
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1022,3 +1022,6 @@
"CVE-2023-4966","Citrix","NetScaler ADC and NetScaler Gateway","Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","2023-10-18","Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-08","Unknown","https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967"
"CVE-2023-20273","Cisco","Cisco IOS XE Web UI","Cisco IOS XE Web UI Command Injection Vulnerability","2023-10-23","Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.","Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.","2023-10-27","Unknown","https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z"
"CVE-2023-5631","Roundcube","Webmail","Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","2023-10-26","Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-16","Unknown","https://roundcube.net/news/2023/10/16/security-update-1.6.4-released, https://roundcube.net/news/2023/10/16/security-updates-1.5.5-and-1.4.15"
"CVE-2023-46748","F5","BIG-IP Configuration Utility","F5 BIG-IP Configuration Utility SQL Injection Vulnerability","2023-10-31","F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46747.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-21","Unknown","https://my.f5.com/manage/s/article/K000137365"
"CVE-2023-46747","F5","BIG-IP Configuration Utility","F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability","2023-10-31","F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute system commands. This vulnerability can be used in conjunction with CVE-2023-46748.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-21","Unknown","https://my.f5.com/manage/s/article/K000137353"
"CVE-2023-46604","Apache","ActiveMQ","Apache ActiveMQ Deserialization of Untrusted Data Vulnerability","2023-11-02","Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-23","Unknown","https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt"