SecPod Cyber Bulletin 31st Issue

[saanidhyadwivedi]

SecPod Cyber Bulletin 31st Issue

Dell Enterprise SONiC Vulnerabilities

Dell Technologies has disclosed three critical security vulnerabilities (CVE-2024-45763, CVE-2024-45764, and CVE-2024-45765) affecting its Enterprise SONiC (Software for Open Networking in the Cloud) operating system. CVSS Score: 9.1, 9.0, 9.1

VMware vCenter Server RCE Vulnerability

Broadcom has issued an urgent warning that two critical vulnerabilities (CVE-2024-38812 and  CVE-2024-38813 ) in VMware vCenter Server are now being actively exploited in the wild. The more severe of the two flaws is a remote code execution (RCE) vulnerability. CVSS Score: 9.8, 7.5

Apache HertzBeat Vulnerability

A recently discovered vulnerability (CVE-2024-45791) in Apache HertzBeat affects versions prior to 1.6.1 and could allow unauthorized actors to access sensitive information. CVSS Score: 7.5

Microsoft Active Directory Certificate Services Flaw

Microsoft has recently disclosed a new security vulnerability, CVE-2024-49019, in Microsoft Patch Tuesday updates, affecting Active Directory Certificate Services (AD CS). CVSS Score: 7.8

Multiple Zoom Vulnerabilities Exposed

Zoom recently disclosed multiple vulnerabilities(CVE-2024-45421, CVE-2024-45422, and CVE-2024-45420) affecting its suite of applications, including a critical flaw that could allow attackers to execute remote code.

CVSS Score: 8.5,6.4 and 4

[Author]

Posts