US Critical Infrastructure Security Agency (CISA) adds seven new flaws to its Known Exploited Vulnerabilities Catalog, including Microsoft, Linux, and Jenkins bugs.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, including flaws affecting Microsoft, Linux, WSO2, and Jenkins systems
Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.
The list of vulnerabilities added by CISA to the catalog includes a remote code execution issue (WSO2), privilege escalation flaws (Microsoft/Linux), and a Sandbox Bypass Vulnerability (Jenkins).
Below is the complete list of flaws added by CISA to its catalog in the latest turn:
The catalog now contains 654 vulnerabilities, including the date that federal agencies must apply the associated patches and security updates.
The above issues have to be addressed by federal agencies by May 16, 2022.
[출처 : SecurityAffairs / 4.26.]