CISA Advisory: CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

  • CVE-2024-23897 Jenkins Command Line Interface (CLI) Path Traversal Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.



This alert originated from: Cybersecurity & Infrastructure Security Agency (CISA)

https://www.cisa.gov/news-events/alerts/2024/08/19/cisa-adds-one-known-exploited-vulnerability-catalog

  • Ricardo Alonso
