Vulnerability Summary for the Week of November 6, 2023

High Vulnerabilities

Primary
Vendor — Product

Description

Published

CVSS Score

Source & Patch Info

1e — platform

The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. To remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI

2023-11-06

7.2

CVE-2023-45161
MISC
MISC

1e — platform

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. To remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI

2023-11-06

This article has been indexed from Bulletins

Read the original article:

Vulnerability Summary for the Week of November 6, 2023

← Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite

New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine →

High Vulnerabilities

Read the original article:

Share this:

Related

Post navigation