De inschatting van low/medium/high wordt gemaakt op basis van de CVSS 3.1 base score van de kwetsbaarheid. 0.0-3.9 is low, 4.0-6.9 is medium, 7.0-9.0 is high en 9.0-10.0 is critical. Kwetsbaarheden die als low worden geclassificeerd komen niet in dit overzicht terug.
Critical & High
Microsoft Azure
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0436 (9.9-7.3)
Ivanti Endpoint Manager (EPM)
https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022 (9.8-7.2)
Microsoft Windows
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0434 (9.8-5.9)
Dell Enterprise SONiC
https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities (9.1-9.0)
Ivanti Connect Secure (ICS) / Policy Secure (IPS) / Secure Access Client (ISAC)
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs (9.1-4.4)
Cisco Nexus Dashboard Fabric Controller
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL (8.8)
Apache CloudStack
https://nvd.nist.gov/vuln/detail/CVE-2024-50386 (8.5)
Zoom Apps
https://www.zoom.com/en/trust/security-bulletin/zsb-24043/ (8.5)
https://www.zoom.com/en/trust/security-bulletin/zsb-24041/ (8.1)
https://www.zoom.com/en/trust/security-bulletin/zsb-24044/ (6.5)
https://www.zoom.com/en/trust/security-bulletin/zsb-24042/ (4.3)
macOS
https://www.zoom.com/en/trust/security-bulletin/zsb-24039/ (6.0)
https://www.zoom.com/en/trust/security-bulletin/zsb-24040/ (5.4)
NetScaler ADC / Gateway
https://nvd.nist.gov/vuln/detail/CVE-2024-8534 (8.4)
https://nvd.nist.gov/vuln/detail/CVE-2024-8535 (5.8)
Dell Networking OS10
https://www.dell.com/support/kbdoc/en-us/000247217/dsa-2024-425-security-update-for-dell-networking-os10-vulnerabilities (7.8)
HashiCorp Nomad Community / Nomad Enterprise
https://nvd.nist.gov/vuln/detail/CVE-2024-10975 (7.7)
Veeam Backup Enterprise Manager
https://www.veeam.com/kb4682 (7.7)
Cisco Enterprise Chat and Email
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-Oqb9uFEv (7.5)
Ivanti Avalanche
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release (7.5)
Microsoft Exchange Server
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0438 (7.5)
Fortinet FortiClientWindows
https://www.fortiguard.com/psirt/FG-IR-24-199 (7.4)
https://www.fortiguard.com/psirt/FG-IR-24-144 (7.4)
https://www.fortiguard.com/psirt/FG-IR-24-205 (6.7)
Fortinet FortiManager / FortiAnalyzer / FortiAnalyzer-BigData
https://www.fortiguard.com/psirt/FG-IR-23-396 (7.1)
https://www.fortiguard.com/psirt/FG-IR-24-116 (6.3)
https://www.fortiguard.com/psirt/FG-IR-24-098 (6.3)
https://www.fortiguard.com/psirt/FG-IR-24-099 (4.8)
https://www.fortiguard.com/psirt/FG-IR-24-115 (4.7)
Fortinet FortiOS
https://www.fortiguard.com/psirt/FG-IR-23-475 (7.1)
Broadcom Brocade Fabric OS
https://nvd.nist.gov/vuln/detail/CVE-2024-7516 (7.0)
Medium
Zyxel GS1900
https://nvd.nist.gov/vuln/detail/CVE-2024-8881 (6.8)
https://nvd.nist.gov/vuln/detail/CVE-2024-8882 (4.5)
Fortinet FortiClientMacOS
https://www.fortiguard.com/psirt/FG-IR-24-022 (6.8)
Cisco Identity Services Engine
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE (6.5)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy (6.1)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5 (4.3)
Cisco Unified Communications Manager
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-SVCkMMW (6.1)
Cisco Evolved Programmable Network Manager / Prime Infrastructure
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-yyf2zkXs (5.4)
Cisco Secure Email and Web Manager / Secure Email Gateway /Secure Web Appliance
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n (5.4)
Cisco 6800, 7800, 8800, and 9800 Series Phones
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG (5.3)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF (4.8)
Cisco Nexus 3550-F Switches
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q (5.3)
Cloud Foundry Cloud Controller
https://nvd.nist.gov/vuln/detail/CVE-2024-38826 (5.3)
Devolutions Server
https://devolutions.net/security/advisories/DEVO-2024-0015/ (5.3)
Fortinet FortiManager / FortiAnalyzer
https://www.fortiguard.com/psirt/FG-IR-24-125 (5.3)
Fortinet FortiManager / FortiOS / FortiPAM / FortiPortal / FortiProxy / FortiSwitchManager
https://www.fortiguard.com/psirt/FG-IR-24-032 (5.2)
Citrix Virtual Apps and Desktops
https://nvd.nist.gov/vuln/detail/CVE-2024-8068 (5.1)
https://nvd.nist.gov/vuln/detail/CVE-2024-8069 (5.1)
Fortinet FortiPortal
https://www.fortiguard.com/psirt/FG-IR-23-448 (5.1)
https://www.fortiguard.com/psirt/FG-IR-22-155 (4.4)
Cisco Meeting Management
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-info-disc-9ZEMAhGA (4.3)
Citrix Hypervisor / XenServer
https://support.citrix.com/s/article/CTX692065-xenserver-and-citrix-hypervisor-security-update-for-cve202445818 (medium)
Linux Kernel Netfilter
https://nvd.nist.gov/vuln/detail/CVE-2024-50257 (n/a)
https://nvd.nist.gov/vuln/detail/CVE-2024-50256 (n/a)
https://nvd.nist.gov/vuln/detail/CVE-2024-50251 (n/a)