CISA Adds CVE-2022-36804 to the Known Exploited Vulnerabilities Catalog | allinfosecnews.com

Oct. 11, 2022, 9:17 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) recently added CVE-2022-36804 (Atlassian Bitbucket Server and Data Center Command Injection Vulnerability) to their Known Exploited Vulnerabilities catalog. The catalog list vulnerabilities that are being actively exploited in the wild and require federal agencies to apply patches by the due date. Successfully exploiting CVE-2022-36804 allows an attacker to execute arbitrary commands.Why is this Significant?This is significant because the vulnerability is in widely used Bitbucket Server and Data Center …

catalog cisa cve cve-2022-36804 known exploited vulnerabilities known exploited vulnerabilities catalog vulnerabilities

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Google Chromium in Visuals Use-After-Free Vulnerability (CVE-2024-4671) 3 days, 4 hours ago | fortiguard.fortinet.com

browser can chrome chromium +15

GitLab Password Reset Vulnerability (CVE-2023-7028) 6 days, 5 hours ago | fortiguard.fortinet.com

account administrator attacker cisa +23

Tinyproxy use-after-free Vulnerability (CVE-2023-49606) 1 week, 1 day ago | fortiguard.fortinet.com

actor arbitrary code can code +21

ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 week, 3 days ago | fortiguard.fortinet.com

access advisory application attackers +29

Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 2 weeks, 1 day ago | fortiguard.fortinet.com

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 2 weeks, 2 days ago | fortiguard.fortinet.com

attackers attacks cisa cisa known exploited vulnerabilities +27

ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 3 weeks, 1 day ago | fortiguard.fortinet.com

adaptive security advisory april arcanedoor +22

Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 3 weeks, 1 day ago | fortiguard.fortinet.com

access advisory akira akira ransomware +17

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 month ago | fortiguard.fortinet.com

advisory attack code code injection +27

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Information System Security Engineer 2

@ Wyetech | Annapolis Junction, Maryland

View on infosec-jobs.com

Staff Vulnerability/Configuration Management Security Engineer

@ ServiceNow | Hyderabad, India

View on infosec-jobs.com

Security Engineer

@ AXS | London, England, UK

View on infosec-jobs.com