1/22至1/28 Kown Exploited Vulnerabilities Catalog(KEV)週報

內容說明:

CISA於1/22至1/28在Kown Exploited Vulnerabilities Catalog(KEV)中發佈3個已遭駭客利用之漏洞。

 

影響平台:

受影響廠商與產品名稱如下:
VMware vCenter Server
Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit)
Atlassian Confluence Data Center and Server

 

處置建議:

修補說明請參考以下官方連結:
VMware vCenter Server:
https://www.vmware.com/security/advisories/VMSA-2023-0023.html

Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit):
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214056
https://support.apple.com/en-us/HT214057
https://support.apple.com/en-us/HT214058
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214061
https://support.apple.com/en-us/HT214063

Atlassian Confluence Data Center and Server:
https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
 

CVE編號:

CVE-2023-22527
CVE-2023-34048
CVE-2024-23222

 

參考資料:

1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
2. https://nvd.nist.gov/vuln/detail/CVE-2023-22527
3. https://nvd.nist.gov/vuln/detail/CVE-2023-34048
4. https://nvd.nist.gov/vuln/detail/CVE-2024-23222
5. https://www.vmware.com/security/advisories/VMSA-2023-0023.html
6. https://support.apple.com/en-us/HT214055
7. https://support.apple.com/en-us/HT214056
8. https://support.apple.com/en-us/HT214057
9. https://support.apple.com/en-us/HT214058
10. https://support.apple.com/en-us/HT214059
11. https://support.apple.com/en-us/HT214061
12. https://support.apple.com/en-us/HT214063
13. https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html