Vulnerabilities week 42

Each week, the CSIRT-DSP compiles a selection of vulnerabilities that it has assessed as relevant to digital service providers.

This is a selection of 'Medium' and 'High' vulnerabilities. The assessment uses CVSS 3.1 base scores where these are available. Where they are not available, this is indicated with 'n/a'.

Critical & High

Juniper Networks Junos OS
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (9.8)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.4)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (5.6)
SRX5000 Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
SRX Series / QFX Series / MX Series / EX Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
SRX Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.2)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (6.8)
J-Web
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.1)
MX Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.1)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (6.8)
SRX4600 / SRX5000 Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.1)
SRX5K / SRX4600 / MX Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.1)
MX304 / MX with MPC10/11/LC9600/ EX9200 with EX9200-15C
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (6.8)

Kubernetes Image Builder
https://nvd.nist.gov/vuln/detail/CVE-2024-9594 (6.3)
https://nvd.nist.gov/vuln/detail/CVE-2024-9486 (9.8)

GitLab Community Edition (CE) / Enterprise Edition (EE)
https://about.gitlab.com/releases/2024/10/09/patch-release-gitlab-17-4-… (9.6-4.3)

GitHub Enterprise Server
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3… (9.5-5.7)

Juniper Networks Junos OS Evolved
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.4)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.2)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (5.3)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (5.1)
ACX 7000 Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.7)
QFX5000 Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.1)

Juniper Networks Junos OS / Junos OS Evolved
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J…? (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (8.7)
MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Series
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-J… (7.1)

Apache CloudStack
https://nvd.nist.gov/vuln/detail/CVE-2024-45219 (8.5)
https://nvd.nist.gov/vuln/detail/CVE-2024-45462 (6.3)
https://nvd.nist.gov/vuln/detail/CVE-2024-45461 (5.7)

Palo Alto Networks PAN-OS
https://security.paloaltonetworks.com/CVE-2024-9468 (8.2)
https://security.paloaltonetworks.com/CVE-2024-9471 (5.1)

DrayTek Vigor3900
https://github.com/advisories/GHSA-3hhh-46fw-chvg (8.0)

SolarWinds Platform
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45… (7.8)
https://nvd.nist.gov/vuln/detail/CVE-2024-45715 (7.1)

SonicWALL SSL-VPN SMA1000 
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017 (7.8-6.2)

SolarWinds Serv-U
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45… (7.5)
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-45… (7.5)

Centreon BI Server
https://nvd.nist.gov/vuln/detail/CVE-2024-45754 (7.2)

Hashicorp Vault Enterprise
https://nvd.nist.gov/vuln/detail/CVE-2024-9180 (7.2)

Medium

VMware NSX / Cloud Foundation
https://support.broadcom.com/web/ecx/support-content-notification/-/ext… (6.7-4.3)

Red Hat Podman / Buildah / CRI-O
https://nvd.nist.gov/vuln/detail/CVE-2024-9676 (6.5)

Palo Alto Networks Cortex XDR Agent
https://security.paloaltonetworks.com/CVE-2024-9469 (5.7)

Palo Alto Networks Cortex XSOAR
https://security.paloaltonetworks.com/CVE-2024-9470 (5.3)

Red Hat Buildah 
https://nvd.nist.gov/vuln/detail/CVE-2024-9675 (4.4)

Nagios XI
https://nvd.nist.gov/vuln/detail/CVE-2023-48082 (n/a)