內容說明：

CISA於1/22至1/28在Kown Exploited Vulnerabilities Catalog(KEV)中發佈3個已遭駭客利用之漏洞。

 

影響平台：

受影響廠商與產品名稱如下：
VMware vCenter Server
Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit)
Atlassian Confluence Data Center and Server

 

處置建議：

修補說明請參考以下官方連結：
VMware vCenter Server：
https://www.vmware.com/security/advisories/VMSA-2023-0023.html

Apple多項產品(iOS, iPadOS,、macOS、tvOS,及Safari WebKit)：
https://support.apple.com/en-us/HT214055
https://support.apple.com/en-us/HT214056
https://support.apple.com/en-us/HT214057
https://support.apple.com/en-us/HT214058
https://support.apple.com/en-us/HT214059
https://support.apple.com/en-us/HT214061
https://support.apple.com/en-us/HT214063

Atlassian Confluence Data Center and Server：
https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
 

CVE編號：

CVE-2023-22527
CVE-2023-34048
CVE-2024-23222

 

參考資料：

1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
2. https://nvd.nist.gov/vuln/detail/CVE-2023-22527
3. https://nvd.nist.gov/vuln/detail/CVE-2023-34048
4. https://nvd.nist.gov/vuln/detail/CVE-2024-23222
5. https://www.vmware.com/security/advisories/VMSA-2023-0023.html
6. https://support.apple.com/en-us/HT214055
7. https://support.apple.com/en-us/HT214056
8. https://support.apple.com/en-us/HT214057
9. https://support.apple.com/en-us/HT214058
10. https://support.apple.com/en-us/HT214059
11. https://support.apple.com/en-us/HT214061
12. https://support.apple.com/en-us/HT214063
13. https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html