Wordfence Intelligence Weekly WordPress Vulnerability Report (December 4, 2023 to December 10, 2023)
Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were...
CVSS 9.8, AI Score 9.6
Siemens User Management Component (UMC)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |...
CVSS 8.8, AI Score 7.9, EPSS 0.001
Philips Patient Monitoring Devices (Update C)
1. EXECUTIVE SUMMARY: CVSS v3 6.8. ATTENTION: Low attack complexity. Vendor: Philips. Equipment: Patient Information Center iX (PICiX); PerformanceBridge Focal Point; IntelliVue Patient Monitors MX100, MX400-MX850, and MP2-MP90; and IntelliVue X2, and X3. Vulnerabilities: Improper...
CVSS 8.8, AI Score 7, EPSS 0.001
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.15 or 10.0.x prior to 10.0.12 or 10.1.x prior to 10.1.6. It is, therefore, affected by a vulnerability. An OS command injection vulnerability in the XML API...
CVSS 6.3, AI Score 6.8
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24-h1 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.16 or 10.0.x prior to 10.0.12 or 10.1.x prior to 10.1.9 or 10.2.x prior to 10.2.4 or 11.0.x prior to 11.0.1. It is, therefore, affected by a...
CVSS 4.9, AI Score 5.5
Palo Alto Networks PAN-OS 8.1.x < 8.1.26 / 9.0.x < 9.0.17-h1 / 9.1.x < 9.1.14 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.26 or 9.0.x prior to 9.0.17-h1 or 9.1.x prior to 9.1.14. It is, therefore, affected by a vulnerability. An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an...
CVSS 5.5, AI Score 5.5
Palo Alto Networks PAN-OS 10.2.x < 10.2.4 / 11.0.x < 11.0.1 Authenticated Information Disclosure
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.4 or 11.0.x prior to 11.0.1. It is, therefore, affected by a vulnerability: A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege...
CVSS 5.5, AI Score 6.8, EPSS 0.001
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.25 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.16 or 10.0.x prior to 10.0.12 or 10.1.x prior to 10.1.9 or 10.2.x prior to 10.2.4 or 11.0.x prior to 11.0.1. It is, therefore, affected by a vulnerability. A...
CVSS 8.8, AI Score 6.3
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24-h1 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.12 or 10.0.x prior to 10.0.9 or 10.1.x prior to 10.1.3. It is, therefore, affected by a vulnerability. An OS command injection vulnerability in Palo Alto...
CVSS 5.5, AI Score 5.6, EPSS 0.0005
Summary: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct...
CVSS 5.3, AI Score 6, EPSS 0.002
Summary: Due to its use of Jetty, IBM UrbanCode Deploy (UCD) is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header. By sending a specially crafted request, a remote attacker could exploit this vulnerability to poison the web cache, bypass web application...
CVSS 5.3, AI Score 7.1, EPSS 0.001
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 5.5, AI Score 5.6, EPSS 0.0005
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 4.7, EPSS 0.0005
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 4.7, EPSS 0.0005
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 5.5, AI Score 5.4, EPSS 0.0005
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API...
CVSS 2.7, AI Score 4, EPSS 0.0004
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API...
CVSS 2.7, EPSS 0.0004
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 6.3, EPSS 0.0005
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 6.3, AI Score 6.8, EPSS 0.0005
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 4.7, AI Score 8.2, EPSS 0.0005
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 6.3, AI Score 8.3, EPSS 0.0005
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API...
CVSS 2.7, AI Score 7, EPSS 0.0004
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 4.7, AI Score 7.9, EPSS 0.0005
CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API...
CVSS 2.7, AI Score 4, EPSS 0.0004
CVE-2023-6795 PAN-OS: OS Command Injection Vulnerability in the Web Interface
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 5.5, AI Score 6.4, EPSS 0.0005
CVE-2023-6794 PAN-OS: File Upload Vulnerability in the Web Interface
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 5.5, AI Score 6.2, EPSS 0.0005
CVE-2023-6792 PAN-OS: OS Command Injection Vulnerability in the XML API
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the...
CVSS 5.5, AI Score 7, EPSS 0.0005
PAN-OS: OS Command Injection Vulnerability in the XML API
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. Workaround: Customers with a Threat Prevention subscription can...
CVSS 6.3, AI Score 7.8
PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage. Workaround: This issue requires the attacker to have authenticated access to the PAN-OS...
CVSS 2.7, AI Score 6.7
PAN-OS: OS Command Injection Vulnerability in the Web Interface
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. Workaround: This issue requires the attacker to have authenticated access...
CVSS 5.5, AI Score 7.9
PAN-OS: File Upload Vulnerability in the Web Interface
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall. Workaround: This issue...
CVSS 5.5, AI Score 7.5
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack...
CVSS 7.5, AI Score 7.6, EPSS 0.0005
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack...
CVSS 7.5, EPSS 0.0005
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack...
CVSS 7.5, AI Score 7.3, EPSS 0.0005
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny...
CVSS 5.3, EPSS 0.001
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny...
CVSS 5.3, AI Score 5.4, EPSS 0.001
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny...
CVSS 5.3, AI Score 7.4, EPSS 0.001
CVE-2023-6534 TCP spoofing vulnerability in pf(4)
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-of-service attack...
AI Score 7.8, EPSS 0.0005
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny...
CVSS 3.1, AI Score 5.7, EPSS 0.001
Summary: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF027 and 23.0.1-IF005. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-46158. DESCRIPTION: IBM WebSphere Application...
CVSS 9.8, AI Score 10
Microsoft's Final 2023 Patch Tuesday: 34 Flaws Fixed, Including 4 Critical
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 34 flaws in its software, making it one of the lightest releases in recent years. Of the 34 shortcomings, four are rated Critical and 30 are rated Important in severity. The fixes are in addition to 18 flaws Microsoft...
CVSS 9.8, AI Score 8, EPSS 0.128
Microsoft releases lightest Patch Tuesday in three years, no zero-days disclosed
Microsoft's monthly security update released Tuesday is the company's lightest in four years, including only 33 vulnerabilities. Perhaps more notable is that there are no zero-day vulnerabilities included in December's Patch Tuesday, a rarity for Microsoft this year. The company's regular set of...
CVSS 8.8, AI Score 9.7, EPSS 0.035
Building an AppSec Program with Qualys WAS – Additional Configurations and Review & Confirm
Part 4 - Configuring a Web Application or API: Additional Configurations. Now that we have completed the basic information, crawl settings, and default scan configurations, we can shift our attention to additional configurations designed to optimize scanning and provide granular control over how...
AI Score 8
Security Bulletin: IBM Automation Decision Services November 2023 - Multiple CVEs addressed
Summary: IBM Automation Decision Services is vulnerable to denial of service attacks in third-party and open source components used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details: CVEID: CVE-2023-46233. DESCRIPTION: Brix crypto-js...
CVSS 9.8, AI Score 10, EPSS 0.003
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
By Raj Samani, SVP Chief Scientist, and Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7. Stepping into 2024 feels like opening the latest best-selling mystery novel – you know there's adventure ahead, but the plot is still up in the air. In the twist-riddled...
CVSS 9.8, AI Score 6.7, EPSS 0.953
An Easy and Effective Strategy To Shield Your Business From Ransomware
Ransomware continues to make headlines and remains a top concern. 2022 was a breakout year for ransomware as it wreaked havoc on individuals and organizations around the world. The numbers are staggering: ransomware attacks surged dramatically in 2022 and were involved in 25% of all breaches,...
AI Score 7.2
Non-Human Access is the Path of Least Resistance: A 2023 Recap
2023 has seen its fair share of cyber attacks; however, there's one attack vector that has proved more prominent than the others: non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only...
AI Score 7.1
Summary: Multiple security vulnerabilities have been identified in IBM Storage Scale Container Native that could allow access to a container outside the current namespace. A fix for these vulnerabilities is available. Vulnerability Details: CVEID: CVE-2022-41738. DESCRIPTION: IBM Spectrum Scale...
CVSS 7.5, AI Score 7, EPSS 0.0004
Intercepting MFA. Phishing and Adversary in The Middle attacks
3 of my last 5 business email compromise investigations have involved an Adversary in The Middle (AiTM) attack. Even the more security-aware people with bolstered Microsoft 365 (M365) configurations are coming up blank as to how their comprehensive MFA policies have been bypassed. It's a technique...
AI Score 7.7
K000137871 : Linux kernel vulnerability CVE-2023-35001
Security Advisory Description: Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace (CVE-2023-35001). Impact: This vulnerability may allow an authenticated attacker with local access to...
CVSS 7.8, AI Score 6.7, EPSS 0.0005