Microsoft
Multiple Products
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows
Microsoft
Office, Multiple Versions
Microsoft Office Memory Corruption Vulnerability, CVE-2017-11882
Fortinet
FortiOS and FortiProxy 2.0.2, 2.0.1, 2.0.0, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6
FortiProxy - system file leak through SSL VPN special crafted HTTP resource requests
Joint CSAs:
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Ivanti
Pulse Secure Pulse Connect Secure versions, 9.0R1 to 9.0R3.3, 8.3R1 to 8.3R7, and 8.2R1 to 8.2R12
CISA Alerts:
Continued Exploitation of Pulse Secure VPN Vulnerability
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
ACSC Advisory:
2019-129: Recommendations to mitigate vulnerability in Pulse Connect Secure VPN Software
Joint CSA:
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
CCCS Alert:
Microsoft
Remote Desktop Services
Citrix
ADC and Gateway version 13.0 all supported builds before 13.0.47.24
NetScaler ADC and NetScaler Gateway, version 12.1 all supported builds before 12.1.55.18; version 12.0 all supported builds before 12.0.63.13; version 11.1 all supported builds before 11.1.63.15; version 10.5 all supported builds before 10.5.70.12
SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO all supported software release builds before 10.2.6b and 11.0.3b
Joint CSAs:
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
CCCS Alert:
F5
BIG-IP versions 15.1.0, 15.0.0 to 15.0.1, 14.1.0 to 14.1.2, 13.1.0 to 13.1.3, 12.1.0 to 12.1.5, and 11.6.1 to 11.6.5
CISA Alert:
Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
Microsoft
Windows Server, Multiple Versions
Microsoft Security Update Guide: Netlogon Elevation of Privilege Vulnerability, CVE-2020-1472
ACSC Advisory:
2020-016: Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
Joint CSA:
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
CCCS Alert:
Microsoft Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472 - Update 1
Oracle
WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
Oracle
WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0
SonicWALL
SSLVPN SMA100, Build Version 10.x
Confirmed Zero-day vulnerability in the SonicWall SMA100 build version 10.x
Microsoft
Exchange Server, Multiple Versions
Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-26855
CISA Alert:
Mitigate Microsoft Exchange Server Vulnerabilities
CISA Alert:
Mitigate Microsoft Exchange Server Vulnerabilities
Microsoft
Exchange Server, Multiple Versions
Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-26858
CISA Alert:
Mitigate Microsoft Exchange Server Vulnerabilities
Microsoft
Multiple Products
Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-27065
CISA Alert:
Mitigate Microsoft Exchange Server Vulnerabilities
SonicWALL
Email Security version 10.0.9.x
SonicWall Email Security pre-authentication administrative account creation vulnerability
Microsoft
Exchange Server, Multiple Versions
Microsoft Exchange Server Security Feature Bypass Vulnerability, CVE-2021-31207
CISA Alert:
Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
ACSC Alert:
Atlassian
Confluence Server and Data Center, versions: 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4, 7.18.1
CISA Alert:
CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog
ACSC Alert:
Remote code execution vulnerability present in Atlassian Confluence Server and Data Center
Microsoft
Exchange Server, Multiple Versions
Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2021-34473
Joint CSA:
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Microsoft
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Updates 19 and 20
Microsoft Exchange Server 2019 Cumulative Updates 8 and 9
Microsoft Exchange Server Elevation of Privilege Vulnerability, CVE-2021-34523
CISA Alert:
Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
Jira Atlassian
Confluence Server and Data Center, versions 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Jira Atlassian: Confluence Server Webwork OGNL injection - CVE-2021-26084
CISA Alert:
Atlassian Releases Security Updates for Confluence Server and Data Center
Zoho ManageEngine Corp.
ManageEngine ADSelfService Plus builds up to 6113
Security advisory - ADSelfService Plus authentication bypass vulnerability
ACSC Alert:
Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors
Apache
HTTP Server 2.4.48
Apache
Apache HTTP Server 2.4.49
Apache
Apache HTTP Server 2.4.50
SonicWall
SMA 100 Series (SMA 200, 210, 400, 410, 500v), versions 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv
ACSC Alert:
CCCS Alert:
Apache
Log4j, all versions from 2.0-beta9 to 2.14.1
For other affected vendors and products, see CISA's GitHub repository.
Apache Log4j Security Vulnerabilities
For additional information, see joint CSA: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
CISA webpage:
Apache Log4j Vulnerability Guidance
CCCS Alert:
Active exploitation of Apache Log4j vulnerability - Update 7
ACSC Advisory:
2021-007: Log4j vulnerability – advice and mitigations
ACSC Publication:
Apache
Log4j 2.15.0
Fortinet
FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and
FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier
Zimbra
Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1)
SAP
NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53, and SAP Web Dispatcher Internet Communication Manager (ICM)
CISA Alert:
Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)
VMware Tanzu
Spring Cloud Function versions 3.1.6, 3.2.2, and older unsupported versions
CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression
VMware
Workspace ONE Access, versions 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0
Identity Manager (vIDM) 3.3.6, 3.3.5, 3.3.4, 3.3.3
vRealize Automation (vIDM), 8.x, 7.6
VMware Cloud Foundation (vIDM), 4.x
vRealize Suite Lifecycle Manager (vIDM), 8.x
Workspace ONE Access and Identity Manager
VMware
Workspace ONE Access, versions 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0
Identity Manager (vIDM) and vRealize Automation 3.3.6, 3.3.5, 3.3.4, 3.3.3
vRealize Automation (vIDM), 8.x, 7.6
VMware Cloud Foundation (vIDM), 4.x
VMware Cloud Foundation (vRA), 3.x
vRealize Suite Lifecycle Manager (vIDM), 8.x
WSO2
WSO2 API Manager 2.2.0 and above through 4.0.0
WSO2 Identity Server 5.2.0 and above through 5.11.0
WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0
WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0
WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0
Zimbra
Zimbra Collaboration Suite, 8.8.15 and 9.0
F5 Networks
F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions
Joint CSA:
Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Microsoft
Exchange Server, Multiple Versions
CISA Alert:
Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability
Microsoft
Multiple Products
QNAP
Certain QNAP NAS running Photo Station with internet exposure Asustor Network Attached Storage
Microsoft
Exchange Server 2016 Cumulative Update 23, 2019 Cumulative Update 12, 2019 Cumulative Update 11, 2016 Cumulative Update 22, and 2013 Cumulative Update 23
Microsoft Exchange Server Remote Code Execution Vulnerability, CVE-2022-41082
ACSC Alert:
Vulnerability Alert – 2 new Vulnerabilities associated with Microsoft Exchange.
Fortinet
FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0
FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface