US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog | allinfosecnews.com

Sept. 9, 2023, 5:01 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-33246 (CVSS score 9.8) affecting Apache RocketMQ to its Known Exploited Vulnerabilities Catalog. Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. Threat actors […]

The post US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog appeared first on Security …

agency apache breaking news broker catalog cisa components critical critical flaw critical vulnerability cve cvss cybersecurity exploited exploited vulnerabilities flaw hacking information security news infrastructure infrastructure security it information security known exploited known exploited vulnerabilities known exploited vulnerabilities catalog nameserver pierluigi paganini rocketmq score security us cisa vulnerabilities vulnerability

More from securityaffairs.co / Security Affairs

Hackers may have accessed thousands of accounts on the California state welfare platform 4 hours ago | securityaffairs.co

accounts benefitscal breach breached +21

Brokewell Android malware supports an extensive set of Device Takeover capabilities 11 hours ago | securityaffairs.co

android android malware breaking news brokewell android malware +18

Experts warn of an ongoing malware campaign targeting WP-Automatic plugin 1 day, 5 hours ago | securityaffairs.co

automatic backdoors breaking news campaign +33

Cryptocurrencies and cybercrime: A critical intermingling 1 day, 7 hours ago | securityaffairs.co

breaking news critical cryptocurrencies cyber crime +14

Kaiser Permanente data breach may have impacted 13.4 million patients 1 day, 7 hours ago | securityaffairs.co

american breach breaking news care +27

Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug 1 day, 9 hours ago | securityaffairs.co

attacks breaking news bug critical +25

Sweden’s liquor supply severely impacted by ransomware attack on logistics company 1 day, 12 hours ago | securityaffairs.co

alcohol attack breaking news critical +17

CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities … 1 day, 22 hours ago | securityaffairs.co

actor agency asa breaking news +28

CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog 2 days, 5 hours ago | securityaffairs.co

agency breaking news catalog cisa +29

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client

View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote

View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States

View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States

View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA

View on infosec-jobs.com