CISA Known Exploited Vulnerabilities

This dashboard displays the latest vulnerabilities published by the Cybersecurity & Infrastructure Security Agency (CISA).

CVE-2010-5326

SAP NetWeaver Remote Code Execution Vulnerability

Vendor: SAP

Product: NetWeaver

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.

Required Action:

Apply updates per vendor instructions.

CVE-2016-9563

SAP NetWeaver XML External Entity (XXE) Vulnerability

Vendor: SAP

Product: NetWeaver

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-611

CVE-2020-6287

SAP NetWeaver Missing Authentication for Critical Function Vulnerability

Vendor: SAP

Product: NetWeaver

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-306

CVE-2020-6207

SAP Solution Manager Missing Authentication for Critical Function Vulnerability

Vendor: SAP

Product: Solution Manager

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability which results in complete compromise of all SMDAgents connected to the Solution Manager.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-306

CVE-2016-3976

SAP NetWeaver Directory Traversal Vulnerability

Vendor: SAP

Product: NetWeaver

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-22

CVE-2019-16256

SIMalliance Toolbox Browser Command Injection Vulnerability

Vendor: SIMalliance

Product: Toolbox Browser

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve location and IMEI information or execute a range of other attacks by modifying the attack message.

Required Action:

Apply updates per vendor instructions.

CVE-2020-10148

SolarWinds Orion Authentication Bypass Vulnerability

Vendor: SolarWinds

Product: Orion

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-288

CVE-2021-35211

Ransomware

SolarWinds Serv-U Remote Code Execution Vulnerability

Vendor: SolarWinds

Product: Serv-U

Added: 2021-11-03

Due Date: 2021-11-17

Description:

SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-787

CVE-2016-3643

SolarWinds Virtualization Manager Privilege Escalation Vulnerability

Vendor: SolarWinds

Product: Virtualization Manager

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-264

CVE-2020-10199

Sonatype Nexus Repository Remote Code Execution Vulnerability

Vendor: Sonatype

Product: Nexus Repository

Added: 2021-11-03

Due Date: 2022-05-03

Description:

Sonatype Nexus Repository contains an unspecified vulnerability that allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-917

CVE-2021-20021

Ransomware

SonicWall Email Security Improper Privilege Management Vulnerability

Vendor: SonicWall

Product: SonicWall Email Security

Added: 2021-11-03

Due Date: 2021-11-17

Description:

SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-306

CVE-2019-7481

Ransomware

SonicWall SMA100 SQL Injection Vulnerability

Vendor: SonicWall

Product: SMA100

Added: 2021-11-03

Due Date: 2022-05-03

Description:

SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-89

CVE-2021-20022

Ransomware

SonicWall Email Security Unrestricted Upload of File Vulnerability

Vendor: SonicWall

Product: SonicWall Email Security

Added: 2021-11-03

Due Date: 2021-11-17

Description:

SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-434

CVE-2021-20023

Ransomware

SonicWall Email Security Path Traversal Vulnerability

Vendor: SonicWall

Product: SonicWall Email Security

Added: 2021-11-03

Due Date: 2021-11-17

Description:

SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-22

CVE-2021-20016

Ransomware

SonicWall SSLVPN SMA100 SQL Injection Vulnerability

Vendor: SonicWall

Product: SSLVPN SMA100

Added: 2021-11-03

Due Date: 2021-11-17

Description:

SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-89