Vulnerability Summary for the Week of September 5, 2022

09/12/2022 09:46 AM EDT Original release date: September 12, 2022

High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
There were no high vulnerabilities recorded this week.

Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source …

Apache Releases Security Advisory for Tomcat

05/16/2022 11:00 AM EDT Original release date: May 16, 2022 The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review Apache’s security advisory and apply the …

CISA Adds Four Known Exploited Vulnerabilities to Catalog

01/21/2022 10:19 AM EST Original release date: January 21, 2022 CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose …

CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

Original release date: December 17, 2021 CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228. Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations …

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation

12/10/2021 09:50 AM EST Original release date: December 10, 2021 The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control …

Cisco Releases Security Advisory for Multiple Products Affected by Apache HTTP Server Vulnerabilities

12/09/2021 11:59 AM EST Original release date: December 9, 2021 Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take …

Apache Releases Security Advisory for Tomcat  

10/15/2021 11:11 AM EDT Original release date: October 15, 2021 The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition. CISA encourages users and administrators to review Apache’s …

Apache Releases Security Update for Apache HTTP Server

10/06/2021 12:13 PM EDT Original release date: October 6, 2021 The Apache Software Foundation has released Apache HTTP Server version 2.4.50 to address two vulnerabilities. An attacker could exploit these vulnerabilities to take control of an affected system. One vulnerability, CVE-2021-41773, has been exploited in the wild. The …