CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list

The Cybersecurity and Infrastructure Security Agency (CISA) said two vulnerabilities from Oracle and SugarCRM are actively being exploited and ordered federal civilian agencies to patch them before February 23. On Thursday, CISA added CVE-2022-21587 – affecting Oracle’s E-Business suite – and CVE-2023-22952 – which affects multiple products from SugarCRM – to its Known Exploited Vulnerabilities […]

agency briefs bugs business cisa cve cve-2022-21587 cve-2023-22952 cybersecurity exploited february federal government infrastructure infrastructure security known exploited vulnerabilities list oracle patch products security sugarcrm technology vulnerabilities vulnerability