7/15至7/21 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-08-07
- 點閱次數:357
- 內容說明:
CISA於7/15至7/21在Known Exploited Vulnerabilities Catalog(KEV)中發布4個已遭駭客利用之漏洞。
- 影響平台:
OSGeo | GeoServer GeoTools
VMware | VCenter Server
SolarWinds | SERV-U
Adobe | Commerce and Magento Open Source
- 處置建議:
補說明請參考以下官方連結:
OSGeo | GeoServer GeoTools
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv
https://github.com/geotools/geotools/pull/4797
VMware | VCenter Server
https://www.vmware.com/security/advisories/VMSA-2022-0009.html
SolarWinds | SERV-U
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
Adobe | Commerce and Magento Open Source
https://helpx.adobe.com/security/products/magento/apsb24-40.html
- CVE編號:
CVE-2022-22948
CVE-2024-28995
CVE-2024-34102
CVE-2024-36401
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2022-22948
- https://nvd.nist.gov/vuln/detail/CVE-2024-28995
- https://nvd.nist.gov/vuln/detail/CVE-2024-34102
- https://nvd.nist.gov/vuln/detail/CVE-2024-36401
- https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv
- https://github.com/geotools/geotools/pull/4797
- https://www.vmware.com/security/advisories/VMSA-2022-0009.html
- https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
- https://helpx.adobe.com/security/products/magento/apsb24-40.html