Vulnerability Summary for the Week of April 27, 2020

Original release date: May 4, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet…

Unpatched Oracle WebLogic Servers Vulnerable to CVE-2020-2883

Oracle has released a blog post warning users that a previously disclosed Oracle WebLogic Server remote code execution vulnerability (CVE-2020-2883) is being exploited in the wild. Oracle disclosed the vulnerability…

SaltStack Patches Critical Vulnerabilities in Salt

SaltStack has released a security update to address critical vulnerabilities affecting Salt versions prior to 2019.2.4 and 3000.2. Salt is an open-source remote task and configuration management framework widely used in…

WordPress Releases Security Update

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and Infrastructure Security…

VMware Releases Security Updates for ESXi

VMware has released security updates to address a vulnerability in ESXi. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency…

AA20-120A: Microsoft Office 365 Security Recommendations

As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the…

Juniper Releases Security Updates for Junos OS

Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system.…

Vulnerability Summary for the Week of April 20, 2020

Original release date: April 27, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet…

OpenSSL Releases Security Update

OpenSSL version 1.1.1g has been released to address a vulnerability affecting versions 1.1.1d–1.1.1f. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency…
