Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

The U.S. Cybersecurity Landscape: New Vulnerabilities Added to the Known Exploited Vulnerabilities Catalog



The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities affecting two products, Oracle WebLogic Server and Mitel MiCollab, to its Known Exploited Vulnerabilities (KEV) catalog. The WebLogic flaw is an unauthenticated remote code execution vulnerability; the MiCollab flaws are an unauthenticated path traversal and an authenticated local file read. Federal civilian agencies must remediate them by January 28, 2025; private organizations are urged to review the KEV catalog and patch on the same timeline to reduce their exposure to attacks that are already happening in the wild.

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Oracle WebLogic Server and Mitel MiCollab vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • CVE-2020-2883 in Oracle WebLogic Server is an unauthenticated remote code execution vulnerability (CVSS 9.8). CVE-2024-41713 in Mitel MiCollab is an unauthenticated path traversal (CVSS 9.8), and CVE-2024-55550 in MiCollab is a lower-severity local file read (CVSS 4.4) that requires administrative privileges.
  • Federal agencies have until January 28, 2025, to address these vulnerabilities according to the Binding Operational Directive (BOD) 22-01.
  • Private organizations are recommended to review the KEV catalog and address these vulnerabilities to prevent potential cyberattacks.



    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Oracle WebLogic Server and Mitel MiCollab vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. A KEV listing means CISA has evidence that a flaw is being exploited in the wild: it puts federal agencies on a remediation deadline and signals to private organizations that attackers are actively using these bugs, not merely that they could.

    The three vulnerabilities added are:

    1. CVE-2020-2883: This vulnerability affects Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0. It is a remote code execution vulnerability that an unauthenticated attacker with network access via IIOP or T3 can exploit to take over the server.

    The flaw lies in the handling of the T3 protocol: crafted data in a T3 message triggers deserialization of untrusted data, which an attacker can use to execute code in the context of the WebLogic process. The vulnerability is rated CVSS 9.8. Oracle fixed it in the April 2020 Critical Patch Update; because the bug is reachable only over T3 and IIOP, a server that cannot be patched immediately should at minimum have those protocols blocked from untrusted networks (for example with WebLogic connection filters or network ACLs).
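    Before chasing the deserialization bug itself, a practitioner wants to know whether a WebLogic instance even answers T3 on the network. The following Python is an added example, not code from the article or from Oracle: it sends the standard hello a WebLogic client uses to open a T3 connection, parses the `HELO:<version>` reply, and checks the reported version against the affected list above. The sample replies are constructed, and the host and port arguments of `probe_t3` are placeholders.

```python
import re
import socket

# Versions Oracle lists as affected by CVE-2020-2883 (from the advisory text above).
AFFECTED_VERSIONS = {"10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0"}

# The hello a WebLogic client sends to open a T3 connection. A server with T3
# enabled answers "HELO:<version>.<flag>\n..."; anything else means the port is
# not speaking T3 (nmap's weblogic-t3-info script uses the same exchange).
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\nMS:10000000\n\n"


def parse_t3_banner(banner: bytes):
    """Return the WebLogic version from a T3 HELO reply, or None if it is not a T3 reply."""
    m = re.match(rb"HELO:(\d+(?:\.\d+)+)\.(?:true|false)", banner)
    return m.group(1).decode() if m else None


def is_affected(version: str) -> bool:
    """True if the reported base version is one Oracle lists for CVE-2020-2883.

    The banner carries no patch level, so a 12.2.1.4.0 server with the April 2020
    CPU applied still matches here; a hit means "verify the patch level".
    """
    return version in AFFECTED_VERSIONS


def classify(banner: bytes) -> str:
    """One-word verdict for a reply: 'affected-version', 'other-version', or 'not-t3'."""
    version = parse_t3_banner(banner)
    if version is None:
        return "not-t3"
    return "affected-version" if is_affected(version) else "other-version"


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> str:
    """Live check against a host (placeholder arguments; needs network access)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(T3_HELLO)
        return classify(s.recv(1024))


# Constructed replies, not captured from any real server.
SAMPLE_T3_AFFECTED = b"HELO:12.2.1.4.0.false\nAS:2048\nHL:19\nMS:10000000\n\n"
SAMPLE_T3_NEWER = b"HELO:14.1.1.0.0.false\nAS:2048\nHL:19\nMS:10000000\n\n"
SAMPLE_HTTP = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"

if __name__ == "__main__":
    for name, reply in [("affected", SAMPLE_T3_AFFECTED),
                        ("newer", SAMPLE_T3_NEWER),
                        ("http", SAMPLE_HTTP)]:
        print(name, parse_t3_banner(reply), classify(reply))
```

    Two caveats when reading the verdict: the banner reports the base version and not the patch level, so "affected-version" means "T3 is reachable on an in-scope version, go check whether the April 2020 CPU is installed", not proof of vulnerability; and "not-t3" only says this port is not speaking T3, so a WebLogic server may still expose T3 or IIOP on another listener.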

    2. CVE-2024-41713: This vulnerability affects Mitel MiCollab versions up to 9.8 SP1 FP2. It is a path traversal flaw that can be exploited without authentication: an attacker can reach provisioning information, including non-sensitive user and network data, and perform unauthorized administrative actions on the MiCollab server, putting the integrity of data and configuration at risk. It is rated critical, with a CVSS score of 9.8.

    3. CVE-2024-55550: This vulnerability affects Mitel MiCollab versions up to 9.8 SP2. It lets an attacker who already holds administrative privileges read local files on the system because of insufficient input sanitization. On its own it is rated medium (CVSS 4.4), since it requires an admin session; its practical weight comes from chaining, because the authentication bypass in CVE-2024-41713 supplies exactly the access this file read needs, turning the pair into an unauthenticated arbitrary file read on unpatched servers.
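    Path traversal attempts leave a recognisable trail in web server access logs, provided the detection looks past the encodings attackers use to hide `..`. The following Python is an added example of that detection, not code from the article or from Mitel: it normalizes each requested path (repeated percent-decoding for double encoding, removal of `;`-delimited path parameters, backslash folding) and flags any request that walks upward. The log lines are constructed, and the `..;/` variant is a generic Java servlet-container bypass included for coverage, not a detail the article states about MiCollab.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed access-log lines in combined log format; not from any real MiCollab host.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Jan/2025:10:01:02 +0000] "GET /portal/index.html HTTP/1.1" 200 5120
203.0.113.9 - - [07/Jan/2025:10:01:03 +0000] "GET /static/..%2f..%2f..%2fetc/passwd HTTP/1.1" 200 1820
203.0.113.9 - - [07/Jan/2025:10:01:04 +0000] "GET /app/..;/..;/admin/config HTTP/1.1" 200 902
203.0.113.9 - - [07/Jan/2025:10:01:05 +0000] "GET /files/%252e%252e/%252e%252e/secret HTTP/1.1" 404 221
203.0.113.12 - - [07/Jan/2025:10:01:06 +0000] "POST /api/login HTTP/1.1" 401 64
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# A path segment that is exactly ".." once the path has been normalized.
TRAVERSAL = re.compile(r"(?:^|/)\.\.(?:/|$)")


def normalize_path(path: str) -> str:
    """Collapse the disguises attackers use so one regex sees the real path.

    - percent-decode until stable, so %252e%252e (double encoded) becomes ..
    - drop ';' path parameters, so /..;/ (tolerated by some servlet containers) becomes /../
    - fold backslashes to forward slashes
    """
    prev = None
    while prev != path:
        prev, path = path, unquote(path)
    path = re.sub(r";[^/]*", "", path)
    return path.replace("\\", "/")


def find_traversal(log_text: str) -> list:
    """Return (ip, status, original_path) for every request whose normalized path walks upward."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than crash on junk
        if TRAVERSAL.search(normalize_path(m["path"])):
            hits.append((m["ip"], int(m["status"]), m["path"]))
    return hits


def offenders(hits: list) -> dict:
    """Count traversal attempts per source address for blocking or triage."""
    return dict(Counter(ip for ip, _, _ in hits))


if __name__ == "__main__":
    found = find_traversal(SAMPLE_LOG)
    for ip, status, path in found:
        print(f"{ip} {status} {path}")
    print(offenders(found))
```

    The status code matters when reading the output: a traversal request answered with 200 (as two of the constructed lines are) deserves a look at what was served, while a 404 is an attempt that failed. Logging only the normalized path would lose the evidence of which encoding trick was used, so the original path is kept in each hit.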

    Under Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, Federal Civilian Executive Branch (FCEB) agencies must remediate vulnerabilities in the catalog by their due date; for these three entries that is January 28, 2025.

    BOD 22-01 binds only federal agencies, but CISA and industry experts recommend that private organizations also review the KEV catalog and remediate any listed vulnerability present in their infrastructure. A KEV entry is an evidence-based signal of active exploitation, which makes it a more reliable prioritization input than CVSS score alone: an unpatched WebLogic instance reachable over T3, or an Internet-facing MiCollab server, is a more urgent problem than a high-scored flaw nobody is attacking.

    Timely patching of these flaws, and restricting network exposure of the affected services until the patch is in place, minimizes the risk of data breaches or disruption of critical services.
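    "Review the KEV catalog" is easiest to do on a schedule against an asset inventory rather than by hand. The following Python is an added example, not CISA's code: it parses an excerpt in the shape of CISA's JSON feed, matches entries to the vendor/product pairs you actually run, and buckets them by BOD 22-01 due date. The three-entry feed and the `INVENTORY` mapping are constructed; the URL in the comment is where the real feed is published.

```python
import json
from datetime import date

# Constructed three-entry excerpt in the shape of CISA's KEV JSON feed. The real feed
# (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json)
# uses the same per-entry keys and holds thousands of entries.
SAMPLE_KEV = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2020-2883", "vendorProject": "Oracle", "product": "WebLogic Server",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-41713", "vendorProject": "Mitel", "product": "MiCollab",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-55550", "vendorProject": "Mitel", "product": "MiCollab",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28", "knownRansomwareCampaignUse": "Unknown"},
    ],
})

# Hypothetical asset inventory: (vendor, product) -> hosts running it. In practice this
# comes from a CMDB or scanner export; the product strings must match the feed's spelling.
INVENTORY = {
    ("Oracle", "WebLogic Server"): ["app01", "app02"],
    ("Mitel", "MiCollab"): ["pbx01"],
    ("Microsoft", "Exchange Server"): ["mail01"],
}


def affected_assets(feed_json: str, inventory: dict) -> list:
    """Match KEV entries to the inventory; one dict per listed CVE for a product you run."""
    feed = json.loads(feed_json)
    matches = []
    for v in feed["vulnerabilities"]:
        hosts = inventory.get((v["vendorProject"], v["product"]))
        if hosts:
            matches.append({"cve": v["cveID"], "product": v["product"],
                            "due": date.fromisoformat(v["dueDate"]), "hosts": list(hosts)})
    return matches


def triage(matches: list, today, window_days: int = 14) -> dict:
    """Bucket matched CVEs by BOD 22-01 due date relative to `today` (a date or ISO string)."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    buckets = {"overdue": [], "due_soon": [], "later": []}
    for m in matches:
        days_left = (m["due"] - today).days
        key = "overdue" if days_left < 0 else "due_soon" if days_left <= window_days else "later"
        buckets[key].append(m["cve"])
    return buckets


if __name__ == "__main__":
    matched = affected_assets(SAMPLE_KEV, INVENTORY)
    for m in matched:
        print(m["cve"], m["product"], "due", m["due"], "on", ", ".join(m["hosts"]))
    print(triage(matched, "2025-01-08"))
```

    The due date is the federal deadline, so a private organization can treat it as a reasonable default and tighten the window for Internet-facing hosts. Matching on exact vendor and product strings is deliberate: fuzzy matching produces false hits on the real feed, so an inventory that does not use the feed's spellings should carry a mapping table rather than loosen the comparison.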



    Related Information:

  • https://securityaffairs.com/172783/security/u-s-cisa-adds-oracle-weblogic-server-mitel-micollab-flaws-known-exploited-vulnerabilities-catalog.html


  • Published: Wed Jan 8 02:47:10 2025 by llama3.2 3B Q4_K_M













         


    © Ethical Hacking News . All rights reserved.
