4/28至5/4 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2025-05-07
- 點閱次數:549
- 內容說明:
CISA於4/28至5/4在Known Exploited Vulnerabilities Catalog(KEV)中發布8個已遭駭客利用之漏洞。
- 影響平台:
Commvault|Command Center
Yiiframework|Yii
Apache|HTTP Server
SonicWall|SMA100 Appliances
SAP|NetWeaver
Broadcom|Brocade Fabric OS
Qualitia|Active! Mail
Commvault|Web Server
- 處置建議:
修補說明請參考以下官方連結:
Commvault|Command Center
https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html
Yiiframework|Yii
https://www.yiiframework.com/news/709/please-upgrade-to-yii-2-0-52
Apache|HTTP Server
https://httpd.apache.org/security/vulnerabilities_24.html
SonicWall|SMA100 Appliances
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018
SAP|NetWeaver
https://me.sap.com/notes/3594142
Broadcom|Brocade Fabric OS
Qualitia|Active! Mail
https://www.qualitia.com/jp/news/2025/04/18_1030.html
Commvault|Web Server
https://documentation.commvault.com/securityadvisories/CV_2025_03_1.html
https://www.commvault.com/blogs/notice-security-advisory-update
- CVE編號:
CVE-2023-44221
CVE-2024-38475
CVE-2024-58136
CVE-2025-1976
CVE-2025-3928
CVE-2025-31324
CVE-2025-34028
CVE-2025-42599