CVE-2021-44228

Ciscso Log4j sérülékenysége
Angol cím: Cicso Log4j vulnerability

Publikálás dátuma: 2021.12.10.
Utolsó módosítás dátuma: 2023.11.07.


Leírás

Bemenet ellenőrzés: A termék nem vagy nem megfelelően validálja a bemeneti adatot, ami befolyásolhatja a program adat vagy vezérlési folyamát.
Nem ellenőrzött erőforrás fogyasztás (‘erőforrás-kimerülés’): A program nem megfelelően korlátozza az erőforrások méretét, amely következtében egy felhasználó több erőforrást fogyaszthat el a tervezettnél.
Nem megbízható adatok deszerializációja: Az applikáció úgy deszerializálja a nem megbízható adatokat, hogy nem ellenőrzi az eredmény hitelességét.

Leírás forrása: CWE-20, CWE-400, CWE-502


Elemzés leírás

Eredeti nyelven: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Elemzés leírás forrása: CVE-2021-44228


Hatás

CVSS3.1 Súlyosság és Metrika

Alap pontszám: 10 (Kritikus)
Vektor: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Hatás pontszáma: 6
Kihasználhatóság pontszáma: 3.9


Támadás Vektora (AV): Hálózat
Támadás komplexitása (AC): Alacsony
Jogosultság Szükséges (PR): Nincs
Felhasználói Interakció (UI): Nincs
Hatókör (S): Változott
Bizalmasság Hatása (C): Magas
Sértetlenség Hatása (I): Magas
Rendelkezésre állás Hatása (A): Magas

Sérülékeny szoftverek

Apache Software Foundation Log4j 2.0.1-tól 2.3.1 előttig
Apache Software Foundation Log4j 2.4.0-tól 2.12.2 előttig
Apache Software Foundation Log4j 2.13.0-tól 2.15.0 előttig
Apache Software Foundation Log4j 2.0
Apache Software Foundation Log4j Beta9 2.0
Apache Software Foundation Log4j Release Candidate 1 2.0
Apache Software Foundation Log4j Release Candidate 2 2.0
Siemens SPPA-T3000 SeS3000 nem érintett
siemens / sppa-t3000 ses3000 firmware
siemens / captial 2019.1 előttig
Siemens Captial 2019.1
Siemens Captial Service Pack 1912 2019.1
Siemens COMOS Update 457
Siemens Desigo CC Advanced Reports 4.0
Siemens Desigo CC Advanced Reports 4.1
Siemens Desigo CC Advanced Reports 4.2
Siemens Desigo CC Advanced Reports 5.0
Siemens Desigo CC Advanced Reports 5.1
Siemens Desigo Cc Info Center 5.0
Siemens Desigo Cc Info Center 5.1
siemens / e-car operation center 2021-12-13 előttig
Siemens Energy Engage 3.1
Siemens EnergyIP 8.5
Siemens EnergyIP 8.6
Siemens EnergyIP 8.7
Siemens EnergyIP 9.0
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens GMA-Manager 8.6.2j-398 előttig
Siemens Head-end System Universal Device Integration System
Siemens Industrial Edge Management
siemens / industrial edge management hub 2021-12-13 előttig
Siemens Logo! Soft Comfort
Siemens Mendix
siemens / mindsphere 2021-12-11 előttig
siemens / navigator 2021-12-13 előttig
siemens / nx
Siemens Opcenter Intelligence
Siemens Operation Scheduler
Siemens SENTRON powermanager 4.1
Siemens SENTRON powermanager 4.2
Siemens SIGUARD DSA 4.2
Siemens SIGUARD DSA 4.3
Siemens SIGUARD DSA 4.4
Siemens SiPass Integrated 2.80
Siemens SiPass Integrated 2.85
siemens / siveillance command
Siemens Siveillance Control Pro
Siemens Siveillance Identity 1.5
Siemens Siveillance Identity 1.6
Siemens Siveillance Vantage
siemens / siveillance viewpoint
siemens / solid edge cam pro
siemens / solid edge harness design 2020 előttig
Siemens Solid Edge Harness Design 2020
Siemens Solid Edge Harness Design 2020
Siemens Solid Edge Harness Design Service Pack 2002 2020
Siemens Spectrum Power 4 4.70 előttig
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4 Service Pack 7 4.70
Siemens Spectrum Power 4 Service Pack 8 4.70
Siemens Spectrum Power 7 2.30 előttig
Siemens Spectrum Power 7 2.30
Siemens Spectrum Power 7 2.30
Siemens Spectrum Power 7 Service Pack 2 2.30
Siemens Teamcenter
Siemens Vesys 2019.1 előttig
Siemens Vesys 2019.1
Siemens Vesys 2019.1
Siemens Vesys Service Pack 1912 2019.1
Siemens Xpedition Enterprise
Siemens Xpedition Package Integrator
Intel Audio Development Kit
Intel Computer Vision Annotation Tool
Intel Data Center Manager 5.1 előttig
Intel Genomics Kernel Library
Intel oneAPI Sample Browser for Eclipse
Intel Secure Device Onboard
Intel Sensor Solution Firmware Development Kit
Intel System Debugger
Intel System Studio
Debian Linux 9.0
Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedora 35
Sonicwall Email Security 10.0.12 előttig
NetApp Active IQ Unified Manager for Linux
NetApp Active IQ Unified Manager for VMware vSphere
NetApp Active IQ Unified Manager for Windows
Netapp Cloud Insights
NetApp Cloud Manager
NetApp Cloud Secure Agent
Netapp Oncommand Insight
NetApp Ontap Tools for Vmware Vsphere
NetApp Snapcenter for Vmware Vsphere
cisco / advanced malware protection virtual private cloud appliance 3.5.4 előttig
cisco / automated subsea tuning 2.1.0 előttig
cisco / broadworks 2021.11_1.162 előttig
cisco / business process automation 3.0.000.115 előttig
cisco / business process automation 3.1.000.000-tól 3.1.000.044 előttig
cisco / business process automation 3.2.000.000-tól 3.2.000.009 előttig
cisco / cloud connect 12.6(1) előttig
cisco / cloudcenter 4.10.0.16 előttig
cisco / cloudcenter cost optimizer 5.5.2 előttig
cisco / cloudcenter suite admin 5.3.1 előttig
cisco / cloudcenter workload manager 5.5.2 előttig
Cisco Common Services Platform Collector (CSPC) 2.9.1.3 előttig
cisco / common services platform collector 2.10.0-tól 2.10.0.1 előttig
Cisco Connected Mobile Experiences
cisco / contact center domain manager 12.5(1) előttig
cisco / contact center management portal 12.5(1) előttig
cisco / crosswork data gateway 2.0.2 előttig
Cisco Crosswork Data Gateway 3.0.0
cisco / crosswork network controller 2.0.1 előttig
Cisco Crosswork Network Controller 3.0.0
cisco / crosswork optimization engine 2.0.1 előttig
Cisco Crosswork Optimization Engine 3.0.0
cisco / crosswork platform infrastructure 4.0.1 előttig
Cisco Crosswork Platform Infrastructure 4.1.0
cisco / crosswork zero touch provisioning 2.0.1 előttig
Cisco Crosswork Zero Touch Provisioning 3.0.0
cisco / customer experience cloud agent 1.12.1 előttig
cisco / cyber vision sensor management extension 4.0.3 előttig
Cisco Data Center Network Manager (DCNM) 11.3(1) előttig
Cisco Data Center Network Manager (DCNM) 11.3(1) 11.3(1)
Cisco DNA Center 2.1.2.8 előttig
Cisco DNA Center 2.2.2.0-tól 2.2.2.8 előttig
Cisco DNA Center 2.2.3.0-tól 2.2.3.4 előttig
Cisco DNA Spaces: Connector 2.5 előttig
Cisco Emergency Responder 11.5(4) előttig
Cisco Enterprise Chat And Email 11.5(1) 12.0(1) előttig
Cisco Evolved Programmable Network Manager
Cisco Finesse 12.6(1) előttig
Cisco Finesse 12.6(1) 12.6(1)
Cisco Fog Director
Cisco Identity Services Engine (ISE) 2.4.0 előttig
Cisco Identity Services Engine 2.4.0
Cisco Integrated Management Controller Supervisor 2.3.2.1 előttig
Cisco Intersight Virtual Appliance 1.0.9-361 előttig
Cisco IoT Operations Dashboard
Cisco Network assurance engine 2.1(1a) 6.0.2 előttig
Cisco Network Services Orchestrator 5.3.5.1 előttig
Cisco Network Services Orchestrator (NSO) 5.4-tól 5.4.5.2 előttig
Cisco Network Services Orchestrator (NSO) 5.5-tól 5.5.4.1 előttig
Cisco Network Services Orchestrator (NSO) 5.6-tól 5.6.3.1 előttig
Cisco Nexus Dashboard 2.1.2 előttig
cisco / nexus insights 6.0.2 előttig
Cisco Optical Network Controller (Cisco ONC) 1.1.0 előttig
Cisco Packaged Contact Center Enterprise 11.6 előttig
Cisco Packaged Contact Center Enterprise 11.6(1) 11.6(1)
Cisco Paging Server 8.3(1) 14.4.1 előttig
Cisco Prime Service Catalog 12.1 előttig
Cisco SD-WAN vManage 20.3.4.1 előttig
Cisco SD-WAN vManage 20.4-tól 20.4.2.1 előttig
Cisco SD-WAN vManage 20.5-tól 20.5.1.1 előttig
Cisco SD-WAN vManage 20.6-tól 20.6.2.1 előttig
Cisco Smart Phy 3.2.1 előttig
cisco / ucs central 2.0(1p) előttig
Cisco UCS Director 2.1(0.0) 6.8.2.0 előttig
Cisco Unified Communications Manager 10.5(2) 11.5(1) előttig
Cisco Unified Communications Manager Session Management Edition 11.5(1) előttig
Cisco Unified Communications Manager 11.5(1) 11.5(1)
Cisco Unified Communications Manager 11.5(1) 11.5(1)
Cisco Unified Communications Manager 11.5(1) Session Management Edition 11.5(1)
Cisco Unified Communications Manager 11.5(1)su3 11.5(1)su3
Cisco Unified Communications Manager IM and Presence Service 11.5(1) előttig
Cisco Unified Communications Manager IM And Presence Service (IM&P) 11.5(1) 11.5(1)
Cisco Unified Contact Center Enterprise 11.6(2) előttig
Cisco Unified Contact Center Enterprise 11.6(2) 11.6(2)
Cisco Unified Contact Center Express 12.5(1) előttig
CiscoUnified Customer Voice Portal (CVP) Software SR1 11.6 előttig
Cisco Unified Customer Voice Portal (CVP) 11.6
Cisco Unified Customer Voice Portal (CVP) 12.0
Cisco Unified Customer Voice Portal (CVP) 12.5
Cisco Unity Connection Software 11.5(1) előttig
Cisco Video Surveillance Operations Manager 7.14.4 előttig
Cisco Virtual Topology System (VTS) 2.6.7 előttig
Cisco Virtualized Infrastructure Manager 3.2.0 előttig
cisco / virtualized infrastructure manager 3.4.0-tól 3.4.4 előttig
Cisco Virtualized Voice Browser 12.5(1) előttig
Cisco Wan Automation Engine 7.3.0.2 előttig
Cisco WebEx Meetings Server 3.0 előttig
Cisco Webex Meetings Server 3.0
Cisco WebEx Meetings Server Maintenance Release 1 3.0
Cisco Webex Meetings Server Maintenance Release 2 3.0
Cisco Webex Meetings Server Maintenance Release 3 3.0
Cisco WebEx Meetings Server Maintenance Release3 3.0
Cisco Webex Meetings Server Maintenance Release 3 Patch 4 3.0
Cisco Webex Meetings Server Maintenance Release 3 Patch 5 3.0
Cisco Webex Meetings Server Maintenance Release 3 Service Pack 2 3.0
Cisco Webex Meetings Server Maintenance Release 3 Service Pack 3 3.0
Cisco WebEx Meetings Server Maintenance Release 4 3.0
Cisco Webex Meetings Server 4.0
Cisco Webex Meetings Server Maintenance Release 1 4.0
Cisco Webex Meetings Server Maintenance Release 2 4.0
Cisco WebEx Meetings Server Maintenance Release 3 4.0
cisco / workload optimization manager 3.2.1 előttig
Cisco Unified Intelligence Center 12.6(1) előttig
cisco / unified sip proxy 10.2.1v2 előttig
cisco / unified workforce optimization 11.5(1) előttig
Cisco Firepower 1010 nem érintett
Cisco Firepower 1120 nem érintett
Cisco Firepower 1140 nem érintett
Cisco Firepower 1150 nem érintett
Cisco FirePOWER 2110 nem érintett
Cisco FirePOWER 2120 nem érintett
Cisco FirePOWER 2130 nem érintett
Cisco FirePOWER 2140 nem érintett
Cisco FirePOWER 4110 nem érintett
Cisco Firepower 4112 nem érintett
Cisco Firepower 4115 nem érintett
Cisco Firepower 4120 nem érintett
Cisco Firepower 4125 nem érintett
Cisco Firepower 4140 nem érintett
Cisco Firepower 4145 nem érintett
Cisco Firepower 4150 nem érintett
Cisco Firepower 9300 nem érintett
Cisco FXOS 6.2.3
Cisco FXOS 6.3.0
Cisco FXOS 6.4.0
Cisco FXOS 6.5.0
Cisco FXOS 6.6.0
Cisco FXOS 6.7.0
Cisco FXOS 7.0.0
Cisco FXOS 7.1.0
cisco / automated subsea tuning 02.01.00
cisco / broadworks
cisco / cloudcenter suite 4.10(0.15)
cisco / cloudcenter suite 5.3(0)
cisco / cloudcenter suite 5.4(1)
cisco / cloudcenter suite 5.5(0)
cisco / cloudcenter suite 5.5(1)
cisco / common services platform collector 002.009(000.000)
cisco / common services platform collector 002.009(000.001)
cisco / common services platform collector 002.009(000.002)
cisco / common services platform collector 002.009(001.000)
cisco / common services platform collector 002.009(001.001)
cisco / common services platform collector 002.009(001.002)
cisco / common services platform collector 002.010(000.000)
cisco / connected analytics for network deployment 006.004.000.003
cisco / connected analytics for network deployment 006.005.000.
cisco / connected analytics for network deployment 006.005.000.000
cisco / connected analytics for network deployment 007.000.001
cisco / connected analytics for network deployment 007.001.000
cisco / connected analytics for network deployment 007.002.000
cisco / connected analytics for network deployment 7.3
cisco / connected analytics for network deployment 007.003.000
cisco / connected analytics for network deployment 007.003.001.001
cisco / connected analytics for network deployment 007.003.003
cisco / connected analytics for network deployment 008.000.000
cisco / connected analytics for network deployment 008.000.000.000.004
Cisco Crosswork Network Automation
Cisco Crosswork Network Automation 2.0.0
Cisco Crosswork Network Automation 3.0.0
Cisco Crosswork Network Automation 4.1.0
Cisco Crosswork Network Automation 4.1.1
cisco / cx cloud agent 001.012
Cisco Cyber Vision 4.0.2
cisco / cyber vision sensor management extension 4.0.2
Cisco DNA Center 2.2.2.8
cisco / dna spaces
cisco / dna spaces connector
Cisco Emergency Responder 11.5
Cisco Emergency Responder 11.5(4.65000.14) 11.5(4.65000.14)
Cisco Emergency Responder 11.5(4.66000.14) 11.5(4.66000.14)
Cisco Enterprise Chat And Email 12.0(1) 12.0(1)
Cisco Enterprise Chat And Email 12.5(1) 12.5(1)
Cisco Enterprise Chat And Email 12.6(1) 12.6(1)
cisco / evolved programmable network manager 3.0
Cisco Evolved Programmable Network Manager 3.1
Cisco Evolved Programmable Network Manager 4.0
Cisco Evolved Programmable Network Manager 4.1
Cisco Evolved Programmable Network Manager 5.0
Cisco Evolved Programmable Network Manager 5.1
Cisco Finesse 12.5(1) SU1 12.5(1)
Cisco Finesse 12.5(1) SU2 12.5(1)
Cisco Finesse 12.6(1) 12.6(1)
Cisco Finesse 12.6(1) ES01 12.6(1)
Cisco Finesse 12.6(1) ES02 12.6(1)
Cisco Finesse 12.6(1) ES03 12.6(1)
Cisco Firepower Threat Defense (FTD) 6.2.3
Cisco Firepower Threat Defense (FTD) 6.3.0
Cisco Firepower Threat Defense (FTD) 6.4.0
Cisco Firepower Threat Defense (FTD) 6.5.0
Cisco Firepower Threat Defense (FTD) 6.6.0
Cisco Firepower Threat Defense (FTD) 6.7.0
Cisco Firepower Threat Defense (FTD) 7.0.0
Cisco Firepower Threat Defense (FTD) 7.1.0
Cisco Identity Services Engine (ISE) 002.004(000.914) 002.004(000.914)
Cisco Identity Services Engine (ISE) 002.006(000.156) 002.006(000.156)
Cisco Identity Services Engine (ISE) 002.007(000.356) 002.007(000.356)
Cisco Identity Services Engine (ISE) 003.000(000.458) 003.000(000.458)
Cisco Identity Services Engine (ISE) 003.001(000.518) 003.001(000.518)
Cisco Identity Services Engine (ISE) 003.002(000.116) 003.002(000.116)
cisco / integrated management controller supervisor 002.003(002.000)
cisco / integrated management controller supervisor 2.3.2.0
cisco / intersight virtual appliance 1.0.9-343
cisco / mobility services engine
cisco / network assurance engine 6.0(2.1912)
Cisco Network Dashboard Fabric Controller 11.0(1) 11.0(1)
Cisco Network Dashboard Fabric Controller 11.1(1) 11.1(1)
Cisco Network Dashboard Fabric Controller 11.2(1) 11.2(1)
Cisco Network Dashboard Fabric Controller 11.3(1) 11.3(1)
Cisco Network Dashboard Fabric Controller 11.4(1) 11.4(1)
Cisco Network Dashboard Fabric Controller 11.5(1) 11.5(1)
Cisco Network Dashboard Fabric Controller 11.5(2) 11.5(2)
Cisco Network Dashboard Fabric Controller 11.5(3) 11.5(3)
cisco / network insights for data center 6.0(2.1914)
cisco / network services orchestrator
Cisco Optical Network Controller (Cisco ONC) 1.1
Cisco Paging Server 8.3(1) 8.3(1)
Cisco Paging Server 8.4(1) 8.4(1)
Cisco Paging Server 8.5(1) 8.5(1)
Cisco Paging Server 9.0(1) 9.0(1)
Cisco Paging Server 9.0(2) 9.0(2)
Cisco Paging Server 9.1(1) 9.1(1)
Cisco Paging Server 12.5(2) 12.5(2)
Cisco Paging Server 14.0(1) 14.0(1)
Cisco Prime Service Catalog 12.1
Cisco SD-WAN vManage 20.3
Cisco SD-WAN vManage 20.4
Cisco SD-WAN vManage 20.5
Cisco SD-WAN vManage 20.6
Cisco SD-WAN vManage 20.6.1
Cisco SD-WAN vManage 20.7
Cisco SD-WAN vManage 20.8
Cisco Smart Phy 3.1.2
Cisco Smart Phy 3.1.3
Cisco Smart Phy 3.1.4
Cisco Smart Phy 3.1.5
Cisco Smart Phy 3.2.1
Cisco Smart Phy 21.3
Cisco UCS Central Software 2.0
Cisco UCS Central Software 2.0(1a) 2.0(1a)
Cisco UCS Central Software 2.0(1b) 2.0(1b)
Cisco UCS Central Software 2.0(1c) 2.0(1c)
Cisco UCS Central Software 2.0(1d) 2.0(1d)
Cisco UCS Central Software 2.0(1e) 2.0(1e)
Cisco UCS Central Software 2.0(1f) 2.0(1f)
Cisco UCS Central Software 2.0(1g) 2.0(1g)
Cisco UCS Central Software 2.0(1h) 2.0(1h)
Cisco UCS Central Software 2.0(1k) 2.0(1k)
Cisco UCS Central Software 2.0(1l) 2.0(1l)
Cisco Unified Communications Manager 11.5(1.17900.52) 11.5(1.17900.52)
Cisco Unified Communications Manager 11.5(1.18119.2) 11.5(1.18119.2)
Cisco Unified Communications Manager 11.5(1.18900.97) 11.5(1.18900.97)
Cisco Unified Communications Manager 11.5(1.21900.40) 11.5(1.21900.40)
Cisco Unified Communications Manager 11.5(1.22900.28) 11.5(1.22900.28)
Cisco Unified Communications Manager IM & Presence Service 11.5(1) 11.5(1)
cisco / unified communications manager im & presence service 11.5(1.22900.6)
cisco / unified computing system 006.008(001.000)
Cisco Unified Contact Center Enterprise 11.6(2) 11.6(2)
Cisco Unified Contact Center Enterprise 12.0(1) 12.0(1)
Cisco Unified Contact Center Enterprise 12.5(1) 12.5(1)
Cisco Unified Contact Center Enterprise 12.6(1) 12.6(1)
cisco / unified contact center enterprise 12.6(2)
Cisco Unified Contact Center Express 12.5(1) 12.5(1)
Cisco Unified Contact Center Express 12.5(1) Su1 12.5(1)
Cisco Unified Contact Center Express 12.6(1) 12.6(1)
Cisco Unified Contact Center Express 12.6(2) 12.6(2)
cisco / unified contact center management portal 12.6(1)
Cisco Unified Customer Voice Portal 11.6(1) 11.6(1)
Cisco Unified Customer Voice Portal 12.0(1) 12.0(1)
Cisco Unified Customer Voice Portal (CVP) 12.5(1) 12.5(1)
Cisco Unified Customer Voice Portal 12.6(1) 12.6(1)
cisco / unified intelligence center 12.6(1)
Cisco Unified Intelligence Center 12.6(1) ES01 12.6(1)
Cisco Unified Intelligence Center 12.6(1) ES02 12.6(1)
cisco / unified intelligence center 12.6(2)
cisco / unified sip proxy 010.000(000)
cisco / unified sip proxy 010.000(001)
cisco / unified sip proxy 010.002(000)
cisco / unified sip proxy 010.002(001)
cisco / unified workforce optimization 11.5(1)
Cisco Unity Connection 11.5
cisco / unity connection 11.5(1.10000.6)
Cisco Video Surveillance Manager 7.14(1.26) 7.14(1.26)
Cisco Video Surveillance Manager 7.14(2.26) 7.14(2.26)
Cisco Video Surveillance Manager 7.14(3.025) 7.14(3.025)
Cisco Video Surveillance Manager 7.14(4.018) 7.14(4.018)
Cisco Virtual Topology System (VTS) 2.6.6
Cisco Wan Automation Engine 7.1.3
Cisco Wan Automation Engine 7.2.1
Cisco Wan Automation Engine 7.2.2
Cisco Wan Automation Engine 7.2.3
Cisco Wan Automation Engine 7.3
Cisco Wan Automation Engine 7.4
Cisco Wan Automation Engine 7.5
Cisco Wan Automation Engine 7.6
Cisco WebEx Meetings Server 3.0
Cisco Webex Meetings Server 4.0
snowsoftware / snow commander 8.10.0 előttig
snowsoftware / vm access proxy 3.6 előttig
bentley / synchro 6.1-tól 6.4.3.2 előttig
bentley / synchro 4d 6.2.4.2 előttig
percussion / rhythmyx

Címkék

CISCO


Legfrissebb sérülékenységek
CVE-2018-14933 – NUUO NVRmini Devices OS Command Injection sebezhetősége
CVE-2019-11001 – Reolink Multiple IP Cameras OS Command Injection sebezhetősége
CVE-2021-40407 – Reolink RLC-410W IP Camera OS Command Injection sebezhetősége
CVE-2024-20767 – Adobe ColdFusion Improper Access Control sebezhetősége
CVE-2024-55956 – Cleo Multiple Products Unauthenticated File Upload sebezhetősége
CVE-2024-50623 – Cleo Multiple Products Unrestricted File Upload sebezhetősége
CVE-2024-49138 – Windows Common Log File System Driver Elevation of Privilege sebezhetősége
CVE-2024-11639 – Ivanti CSA sérülékenysége
CVE-2024-42449 – Veeam Service Provider Console sérülékenysége
CVE-2024-42448 – Veeam Service Provider Console sérülékenysége
Tovább a sérülékenységekhez »