Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
CISA’s Newest Headache: Adobe and Oracle Vulnerabilities Join the Party
Brace yourselves! CISA has added Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog. With vulnerabilities that sound like they belong in a cyber-thriller, it’s time to patch up before an attacker makes your system their new favorite playground.
Hot Take:
Looks like the CISA is on a vulnerability-adding spree, and Adobe ColdFusion and Oracle Agile PLM got their golden tickets to the “Known Exploited Vulnerabilities” VIP list. Who knew being vulnerable could make you so popular!
Key Points:
- CISA adds Adobe ColdFusion and Oracle Agile PLM vulnerabilities to its Known Exploited Vulnerabilities catalog.
- Adobe ColdFusion’s CVE-2017-3066 has a CVSS score of 9.8, allowing arbitrary code execution.
- Oracle Agile PLM’s CVE-2024-20953 scores 8.8, enabling a low-privileged attacker to take over via HTTP.
- Federal agencies must fix these vulnerabilities by March 24, 2025.
- Private organizations are advised to review and address these vulnerabilities.
Already a member? Log in here