Merge pull request #1147 from e-m-b-a/known_exploited_update
CISA known exploited database update
m-1-k-3 committed May 5, 2024
2 parents f6a7768 + b366e79 commit b8645bc
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion config/known_exploited_vulnerabilities.csv
Expand Up @@ -819,7 +819,7 @@ CVE-2018-6530,D-Link,"Multiple Routers","D-Link Multiple Routers OS Command Inje
CVE-2018-2628,Oracle,"WebLogic Server","Oracle WebLogic Server Unspecified Vulnerability",2022-09-08,"Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.","Apply updates per vendor instructions.",2022-09-29,Unknown,https://www.oracle.com/security-alerts/cpuapr2018.html
CVE-2018-13374,Fortinet,"FortiOS and FortiADC","Fortinet FortiOS and FortiADC Improper Access Control Vulnerability",2022-09-08,"Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.","Apply updates per vendor instructions.",2022-09-29,Known,https://www.fortiguard.com/psirt/FG-IR-18-157
CVE-2017-5521,NETGEAR,"Multiple Devices","NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability",2022-09-08,"Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.","Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.",2022-09-29,Unknown,https://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
CVE-2011-4723,D-Link,"DIR-300 Router","D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability",2022-09-08,"The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.","The impacted product is end-of-life and should be disconnected if still in use.",2022-09-29,Unknown,https://www.dlink.ru/mn/products/2/728.html
CVE-2011-4723,D-Link,"DIR-300 Router","D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability",2022-09-08,"The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information.","The impacted product is end-of-life and should be disconnected if still in use.",2022-09-29,Unknown,https://www.dlink.com/uk/en/support/product/dir-300-wireless-g-router
CVE-2011-1823,Android,"Android OS","Android OS Privilege Escalation Vulnerability",2022-09-08,"The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.","Apply updates per vendor instructions.",2022-09-29,Unknown,https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e
CVE-2022-37969,Microsoft,Windows,"Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability",2022-09-14,"Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.","Apply updates per vendor instructions.",2022-10-05,Unknown,https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37969
CVE-2022-32917,Apple,"iOS, iPadOS, and macOS","Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability",2022-09-14,"Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.","Apply updates per vendor instructions.",2022-10-05,Unknown,"https://support.apple.com/en-us/HT213445, https://support.apple.com/en-us/HT213444"
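Review bot: the two adjacent CVE-2011-4723 rows differ only in the final notes field (https://www.dlink.ru/mn/products/2/728.html versus https://www.dlink.com/uk/en/support/product/dir-300-wireless-g-router), and both URLs are product pages rather than an advisory for the cleartext password issue. The header counts (819,7 on both sides) indicate a one-for-one replacement, so please confirm that exactly one CVE-2011-4723 row remains in config/known_exploited_vulnerabilities.csv after the merge, because any lookup keyed on the CVE id would otherwise return the entry twice. The commit message would also benefit from naming the CISA catalog release or date this update was taken from, so a later reader can tell which upstream snapshot the file reflects.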
Expand Down Expand Up @@ -1102,3 +1102,5 @@ CVE-2022-38028,Microsoft,Windows,"Microsoft Windows Print Spooler Privilege Esca
CVE-2024-4040,CrushFTP,CrushFTP,"CrushFTP VFS Sandbox Escape Vulnerability",2024-04-24,"CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2024-05-01,Unknown,https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update&version=34
CVE-2024-20359,Cisco,"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","Cisco ASA and FTD Privilege Escalation Vulnerability",2024-04-24,"Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2024-05-01,Unknown,https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4h
CVE-2024-20353,Cisco,"Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)","Cisco ASA and FTD Denial of Service Vulnerability",2024-04-24,"Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2024-05-01,Unknown,https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2
CVE-2024-29988,Microsoft,"SmartScreen Prompt","Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability",2024-04-30,"Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2024-05-21,Unknown,https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988
CVE-2023-7028,GitLab,"GitLab CE/EE","GitLab Community and Enterprise Editions Improper Access Control Vulnerability",2024-05-01,"GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",2024-05-22,Unknown,https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
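Review bot: the description field of the added CVE-2024-29988 row names CVE-2023-38831 and CVE-2024-21412, so a consumer that searches for a CVE id anywhere in a line, rather than comparing against the first CSV field only, will also return this SmartScreen row when asked about either of those two ids. If the lookup against this file is a plain substring match, anchor it to the start of the line followed by a comma, or parse the CSV and compare the first column. The other fields of the two new rows (quoted product names, date added, due date, ransomware flag, notes URL) follow the layout of the surrounding rows.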
