Het CSIRT-DSP maakt op wekelijkse basis een selectie van kwetsbaarheden, waarbij het CSIRT-DSP de inschatting heeft gemaakt dat deze relevant zijn voor digitale dienstverleners.
Het betreft een selectie van 'Medium' en 'High' kwetsbaarheden. Voor de inschatting hiervan wordt er gebruik gemaakt van de CVSS 3.1 base scores indien deze beschikbaar zijn. Indien deze niet beschikbaar zijn, zal dit worden aangegeven met 'n/a'.
Critical & High
GitHub Enterprise Server
https://nvd.nist.gov/vuln/detail/CVE-2022-46255 (9.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-46256 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-23741 (7.2)
NETGEAR Nighthawk WiFi6 Router
https://www.tenable.com/security/research/tra-2022-37 (9.6-6.3)
Proxmox Virtual Environment
https://nvd.nist.gov/vuln/detail/CVE-2022-31358 (9.0)
Lansweeper
https://nvd.nist.gov/vuln/detail/CVE-2022-29517 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-32573 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-27498 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2022-29511 (6.5)
https://nvd.nist.gov/vuln/detail/CVE-2022-32763 (6.1)
https://nvd.nist.gov/vuln/detail/CVE-2022-28703 (5.4)
xorg-x11-server
https://nvd.nist.gov/vuln/detail/CVE-2022-46340 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-46341 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-46342 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-46343 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-46344 (8.8)
https://nvd.nist.gov/vuln/detail/CVE-2022-4283 (7.8)
Symantec Identity Manager
https://support.broadcom.com/external/content/SecurityAdvisories/0/21136 (8.6-7.2)
Helm
https://nvd.nist.gov/vuln/detail/CVE-2022-23526 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2022-23525 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2022-23524 (7.5)
SolarWinds Serv-U
https://nvd.nist.gov/vuln/detail/CVE-2022-38106 (7.5)
https://nvd.nist.gov/vuln/detail/CVE-2021-35252 (7.5)
VMware vRealize Operations (vROps)
https://www.vmware.com/security/advisories/VMSA-2022-0034.html (7.2-4.4)
Zoho ManageEngine Device Control Plus
https://nvd.nist.gov/vuln/detail/CVE-2022-47577 (7.1)
https://nvd.nist.gov/vuln/detail/CVE-2022-47578 (7.1)
Dell OpenManage Server Administrator
https://www.dell.com/support/kbdoc/nl-nl/000206609/dsa-2022-321-dell-op… (7.0)
Devolutions Remote Desktop Manager
https://devolutions.net/security/advisories/DEVO-2022-0011 (high)
Netgear WNR2000
https://nvd.nist.gov/vuln/detail/CVE-2022-46423 (n/a)
https://nvd.nist.gov/vuln/detail/CVE-2022-46422 (n/a)
pfSense pfBlockerNG
https://nvd.nist.gov/vuln/detail/CVE-2022-40624 (n/a)
Medium
IBM Spectrum Scale
https://nvd.nist.gov/vuln/detail/CVE-2022-40607 (6.8)
OTRS
https://nvd.nist.gov/vuln/detail/CVE-2022-4427 (6.5)
pfSense
https://nvd.nist.gov/vuln/detail/CVE-2020-21219 (6.1)
HCL BigFix
https://nvd.nist.gov/vuln/detail/CVE-2022-38659 (6.0)
SolarWinds Platform / Hybrid Cloud Observability (HCO)
https://nvd.nist.gov/vuln/detail/CVE-2022-47512 (6.0)
Zabbix Web Service Report Generation
https://nvd.nist.gov/vuln/detail/CVE-2022-46768 (5.9)
Grafana Enterprise Metrics
https://nvd.nist.gov/vuln/detail/CVE-2022-44643 (5.7)
Trellix Endpoint Agent (xAgent)
https://nvd.nist.gov/vuln/detail/CVE-2022-4326 (5.5)