8/19至8/25 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-09-05
- 點閱次數:412
- 內容說明:
CISA於8/19至8/25在Known Exploited Vulnerabilities Catalog(KEV)中發布5個已遭駭客利用之漏洞。
- 影響平台:
受影響廠商與產品名稱如下:
Microsoft|Exchange Server
Linux|Kernel
Dahua|IP Camera Firmware
Versa|Director
- 處置建議:
修補說明請參考以下官方連結:
Microsoft|Exchange Server
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-31196
Linux|Kernel
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,可參考以下網址:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de2
Dahua|IP Camera Firmware
https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582
Versa|Director
客戶可以從供應商處下載更新,請使用以下連結:
https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/
- CVE編號:
CVE-2021-31196
CVE-2021-33044
CVE-2021-33045
CVE-2022-0185
CVE-2024-39717
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2021-31196
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
- https://nvd.nist.gov/vuln/detail/CVE-2022-0185
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-31196
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de2
- https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582
- https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dang