all InfoSec news
CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list
Malware Analysis, News and Indicators - Latest topics malware.news
The Cybersecurity and Infrastructure Security Agency (CISA) said two vulnerabilities from Oracle and SugarCRM are actively being exploited and ordered federal civilian agencies to patch them before February 23.
On Thursday, CISA added CVE-2022-21587 – affecting Oracle’s E-Business suite – and CVE-2023-22952 – which affects multiple products from SugarCRM – to its Known Exploited Vulnerabilities Catalog. As with all additions to the list, CISA explained that the vulnerabilities are “frequent attack vectors for malicious cyber actors and pose significant risks …
agency attack bugs business catalog cisa cve cve-2022-21587 cve-2023-22952 cybersecurity explained exploited february federal infrastructure infrastructure security known exploited vulnerabilities known exploited vulnerabilities catalog list oracle patch products security sugarcrm vulnerabilities