Snapshot
Nov. 11, 2022 - Nov. 18, 2022
CISA Known Exploited Vulnerabilities |
||||
---|---|---|---|---|
CVE | Summary | Severity | Vendor | Date Added |
CVE-2022-41049 | Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. | MEDIUM | Microsoft | Nov. 14, 2022 |
Vulnerabilities In The News |
||||
CVE | Summary | Severity | Vendor | Risk Context |
CVE-2022-43782 | Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration... | CRITICAL | Risk Context N/A | |
CVE-2022-43781 | There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. | CRITICAL | Atlassian | Risk Context N/A |
CVE-2022-20465 | In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass ... | MEDIUM | Risk Context N/A | |
CVE-2022-41040 | Microsoft Exchange Server Elevation of Privilege Vulnerability. | HIGH | Microsoft |
CISA Known Exploited Actively Exploited Used In Ransomware Public Exploits Available |
CVE-2022-36067 | vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. | CRITICAL |
Remote Code Execution Public Exploits Available |
|
CVE-2021-44228 | Apache Log4j2 2.0-beta9 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect agai... | CRITICAL | Percussion, Cisco, Netapp, Snowsoftware, Siemens, Bentley, Intel, Apache |
CISA Known Exploited Actively Exploited Public Exploits Available |
CVE-2020-12812 | An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user be... | CRITICAL | Fortinet |
CISA Known Exploited Used In Ransomware |
CVE-2017-11882 | Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microso... | HIGH | Microsoft |
CISA Known Exploited Actively Exploited Used In Ransomware Public Exploits Available |
CISA Known Exploited Vulnerabilities
CISA added 1 vulnerability to the known exploited vulnerabilities list.
Microsoft — Windows |
CVE-2022-41049 / Added: Nov. 14, 2022 |
MEDIUM CVSS 5.40 |
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. |
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2022-43782 |
CRITICAL CVSS 9.80 |
Risk Context N/A |
Published: Nov. 17, 2022 |
Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3 |
Quotes
|
Headlines |
Back to top ↑ |
CVE-2022-43781 |
CRITICAL CVSS 9.80 |
Risk Context N/A |
Published: Nov. 17, 2022 |
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”. |
Vendor Impacted: Atlassian |
Product Impacted: Bitbucket |
Quotes
|
Headlines |
Back to top ↑ |
CVE-2022-41040 |
HIGH CVSS 8.80 |
CISA Known Exploited Actively Exploited Used In Ransomware Public Exploits Available |
Published: Oct. 3, 2022 |
Microsoft Exchange Server Elevation of Privilege Vulnerability. |
Vendor Impacted: Microsoft |
Product Impacted: Exchange Server |
Headlines |
Back to top ↑ |
CVE-2022-36067 |
CRITICAL CVSS 10.00 |
Remote Code Execution Public Exploits Available |
Published: Sept. 6, 2022 |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.11 of vm2. There are no known workarounds. |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2021-44228 |
CRITICAL CVSS 10.00 |
CISA Known Exploited Actively Exploited Public Exploits Available |
Published: Dec. 10, 2021 |
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. |
Vendors Impacted: Percussion, Cisco, Netapp, Snowsoftware, Siemens, Bentley, Intel, Apache |
Products Impacted: Log4j, Paging Server, Unified Communications Manager Im An, Crosswork Network Controller, Crosswork Optimization Engine, Iot Operations Dashboard, Workload Optimization Manager, Connected Mobile Experiences, Dna Spaces Connector, Mobility Services Engine, Virtualized Infrastructure Manager, Snapcenter, Common Services Platform Collector, Contact Center Management Portal, Ucs Central, Synchro 4d, Broadworks, Log4j2, Integrated Management Controller Sup, Vm Access Proxy, Cloud Connect, Automated Subsea Tuning, Business Process Automation, Virtual Topology System, Virtualized Voice Browser, Cloudcenter Suite, Optical Network Controller, Cloudcenter, Cloudcenter Suite Admin, Rhythmyx, Unity Connection, Identity Services Engine, Ontap Tools, Data Center Manager, Nexus Dashboard, Crosswork Zero Touch Provisioning, Unified Sip Proxy, Cx Cloud Agent, Enterprise Chat And Email, Unified Contact Center Management Po, Video Surveillance Manager, Unified Customer Voice Portal, Fog Director, Ucs Director, Network Insights For Data Center, Finesse, Wan Automation Engine, Cyber Vision Sensor Management Exten, Ucs Central Software, Evolved Programmable Network Manager, Crosswork Data Gateway, Advanced Malware Protection Virtual , Unified Contact Center Enterprise, Nexus Insights, Unified Communications Manager, Unified Contact Center Express, Data Center Network Manager, Intersight Virtual Appliance, Oneapi Sample Browser, Crosswork Network Automation, Crosswork Platform Infrastructure, Unified Intelligence Center, Fxos, Prime Service Catalog, Synchro, Sppa-T3000 Ses3000 Firmware, Unified Workforce Optimization, Webex Meetings Server, Connected Analytics For Network Depl, Smart Phy, Cloudcenter Workload Manager, Network Assurance Engine, Snow Commander, Sppa-T3000 Ses3000, Packaged Contact Center Enterprise, Dna Spaces, Emergency Responder, Unified Computing System, Sd-Wan Vmanage, Cloudcenter Cost Optimizer, Unified Communications Manager Im \&, Network Dashboard Fabric Controller, Cyber Vision, Network Services Orchestrator, Customer Experience Cloud Agent, Dna Center, Firepower Threat Defense, Dna Spaces\, Video Surveillance Operations Manage, Contact Center Domain Manager |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2020-12812 |
CRITICAL CVSS 9.80 |
CISA Known Exploited Used In Ransomware |
Published: July 24, 2020 |
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. |
Vendor Impacted: Fortinet |
Product Impacted: Fortios |
Quotes
|
Headlines
|
Back to top ↑ |
CVE-2017-11882 |
HIGH CVSS 7.80 |
CISA Known Exploited Actively Exploited Used In Ransomware Public Exploits Available |
Published: Nov. 15, 2017 |
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. |
Vendor Impacted: Microsoft |
Product Impacted: Office |
Quotes
|
Headlines |
Back to top ↑ |
Accelerate Security Teams
Schedule a free consultation with a vulnerability expert to discuss your use cases and to see a demo.