10/21至10/27 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-11-05
- 點閱次數:539
- 內容說明:
CISA於10/21至10/27在Known Exploited Vulnerabilities Catalog(KEV)中發布5個已遭駭客利用之漏洞。
- 影響平台:
Roundcube|Webmail
Cisco|Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Fortinet|FortiManager
Microsoft |SharePoint
ScienceLogic|SL1
- 處置建議:
修補說明請參考以下官方連結:
Roundcube|Webmail
https://github.com/roundcube/roundcubemail/releases/tag/1.5.7
https://github.com/roundcube/roundcubemail/releases/tag/1.6.7
Cisco|Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW
Fortinet|FortiManager
https://fortiguard.fortinet.com/psirt/FG-IR-24-423
Microsoft |SharePoint
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094
ScienceLogic|SL1
https://support.sciencelogic.com/s/article/15527
https://docs.sciencelogic.com/latest/Content/Web_Admin_and_Accounts/System_Administration/sys_admin_system_upgrade.htm
- CVE編號:
CVE-2024-9537
CVE-2024-20481
CVE-2024-37383
CVE-2024-38094
CVE-2024-47575