內容說明:
CISA於1/22至1/28在Kown Exploited Vulnerabilities Catalog(KEV)中發佈3個已遭駭客利用之漏洞。
影響平台:
受影響廠商與產品名稱如下:
VMware vCenter Server
Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit)
Atlassian Confluence Data Center and Server
處置建議:
修補說明請參考以下官方連結:
VMware vCenter Server:
https://www.vmware.com/security/advisories/VMSA-2023-0023.html
Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit):
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214056
https://support.apple.com/en-us/HT214057
https://support.apple.com/en-us/HT214058
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214061
https://support.apple.com/en-us/HT214063
Atlassian Confluence Data Center and Server:
https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
CVE編號:
CVE-2023-22527
CVE-2023-34048
CVE-2024-23222
參考資料:
1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
2. https://nvd.nist.gov/vuln/detail/CVE-2023-22527
3. https://nvd.nist.gov/vuln/detail/CVE-2023-34048
4. https://nvd.nist.gov/vuln/detail/CVE-2024-23222
5. https://www.vmware.com/security/advisories/VMSA-2023-0023.html
6. https://support.apple.com/en-us/HT214055
7. https://support.apple.com/en-us/HT214056
8. https://support.apple.com/en-us/HT214057
9. https://support.apple.com/en-us/HT214058
10. https://support.apple.com/en-us/HT214059
11. https://support.apple.com/en-us/HT214061
12. https://support.apple.com/en-us/HT214063
13. https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html