r The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two significant security flaws to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2017-3066 vulnerability in Adobe ColdFusion carries a CVSS score of 9.8, indicating high severity. Similarly, the Oracle Agile Product Lifecycle Management (PLM) vulnerability is also listed. CISA's actions reflect the agency's commitment to protecting critical infrastructure and national security. Organizations are urged to prioritize patch management and update their systems promptly to prevent potential exploitation of these vulnerabilities. Timely action can help minimize the risk of serious incidents and ensure public trust in digital services.
Key Points
The importance of regular software updates and patch management to mitigate the risk of known exploits.r
The potential consequences of unpatched vulnerabilities on critical infrastructure and national security.r
The role of agencies like CISA in disseminating information about exploited vulnerabilities to facilitate swift action by organizations.
Advertisement
Original Article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities in question are listed below -
CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting
Comments