Het CSIRT-DSP maakt op wekelijkse basis een selectie van kwetsbaarheden, waarbij het CSIRT-DSP de inschatting heeft gemaakt dat deze relevant zijn voor digitale dienstverleners. Deze selectie wordt gezamenlijk met relevant nieuws verspreid in de Mid of Week.
De inschatting van low/medium/high wordt gemaakt op basis van de CVSS 3.1 base score van de kwetsbaarheid. 0.0-3.9 is low, 4.0-6.9 is medium, 7.0-10.0 is high.
Kwetsbaarheden die als low worden geclassificeerd komen niet in dit overzicht terug.
High
Juniper Networks Technology Session Smart Router
https://nvd.nist.gov/vuln/detail/CVE-2021-31349 (9.8)
Zoho ManageEngine OpManager
https://nvd.nist.gov/vuln/detail/CVE-2021-40493 (9.8)
Kubernetes MinIO
https://nvd.nist.gov/vuln/detail/CVE-2021-41137 (8.8)
Zoho ManageEngine ADManager Plus
https://nvd.nist.gov/vuln/detail/CVE-2021-20131 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-20130 (8.8)
Juniper Networks Junos OS
https://nvd.nist.gov/vuln/detail/CVE-2021-31372 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31385 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31355 (8.0)
https://nvd.nist.gov/vuln/detail/CVE-2021-31373 (8.0)
https://nvd.nist.gov/vuln/detail/CVE-2021-31359 (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31379 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31383 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31374 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31368 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31353 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31376 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-0299 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31351 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31350 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31375 (7.2)
https://nvd.nist.gov/vuln/detail/CVE-2021-31384 (7.2)
https://nvd.nist.gov/vuln/detail/CVE-2021-31354 (7.1)
https://nvd.nist.gov/vuln/detail/CVE-2021-31360 (7.1)
Palo Alto Networks GlobalProtect
https://nvd.nist.gov/vuln/detail/CVE-2021-3057 (8.1)
Juniper Networks Junos OS Evolved
https://nvd.nist.gov/vuln/detail/CVE-2021-31359 (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31358 (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31357 (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31356 (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31383 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31353 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31350 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31374 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31354 (7.1)
https://nvd.nist.gov/vuln/detail/CVE-2021-31360 (7.1)
Oracle VirtualBox
https://www.oracle.com/security-alerts/cpuoct2021.html (7.8-4.4)
Juniper Networks CTPView server
https://nvd.nist.gov/vuln/detail/CVE-2021-0296 (7.4)
Medium
Juniper Networks Junos OS
https://nvd.nist.gov/vuln/detail/CVE-2021-31378 (6.8)
https://nvd.nist.gov/vuln/detail/CVE-2021-31367 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31370 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31366 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31365 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31363 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31362 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31382 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31377 (5.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31361 (5.3)
https://nvd.nist.gov/vuln/detail/CVE-2021-31371 (5.3)
https://nvd.nist.gov/vuln/detail/CVE-2021-31369 (5.3)
https://nvd.nist.gov/vuln/detail/CVE-2021-31386 (5.3)
Juniper Networks Junos OS Evolved
https://nvd.nist.gov/vuln/detail/CVE-2021-0297 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31363 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31362 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-0298 (4.7)
Juniper Networks SRC series
https://nvd.nist.gov/vuln/detail/CVE-2021-31381 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-31380 (5.3)
https://nvd.nist.gov/vuln/detail/CVE-2021-31352 (5.3)
Huawei IPS / NGFW
https://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20211020-01-outofwrite-en (5.9)
VMware vRealize Operations Tenant App (VMware Cloud Director)
https://www.vmware.com/security/advisories/VMSA-2021-0024.html (5.3)