Base de Datos de Vulnerabilidades

The Vulnerability Notes Database provides information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Most vulnerability notes are the result of private coordination and disclosure efforts. For more comprehensive coverage of public vulnerability reports, consider the National Vulnerability Database (NVD). CERT/CC also publishes the Vulnerability Notes Data Archive on GitHub.

Security Update para Exchange On Premise

Security Update, afecta tanto a Servidores Exchange 2013, Exchange 2016 como así también Exchange 2019.

El listado de vulnerabilidades solucionadas por este Security Update es el siguiente.

La nota técnica con la información, pueden encontrarla en el siguiente vínculo.

Description of the security update for Microsoft Exchange Server 2019 and 2016: October 12, 2021 (KB5007012)

Los Security Updates correspondiente a cada versión de Exchange, pueden descargarlos de los siguientes vínculos.

Recuerde que en caso de no estar en las versiones de Cumulative Update descriptas en el paso anterior, deben actualizar a dicha versión, tal lo describe el siguiente diagrama.

Vulnerabilidades Publicadas Recientemente
CVE-2021-36146

ACRN versiones anteriores a 2.5, presenta una Desreferencia del Puntero NULL en el archivo devicemodel/hw/pci/xhci.c para un puntero trb

V.2.0: 6.5
Medium
V.3.1: 4.5
Medium
V.3.1: 4.5
Medium
CVE-2021-33192

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0

V.2.0: 4.5
Medium
V.3.1: 6.5
Medium
V.3.1: 6.5
Medium

The CERT/CC Vulnerability Notes Database is run by the CERT Division, which is part of the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. Together, we are leaders in cybersecurity, software innovation, and computer science.

cert division
Want to report a vulnerability?

The CERT Coordination Center (CERT/CC) prioritizes coordination efforts on vulnerabilities that affect multiple vendors or that impact safety, critical or internet infrastructure, or national security. We also prioritize reports that affect sectors that are new to vulnerability disclosure. We may be able to provide assistance for reports when the coordination process breaks down.

Before reporting a vulnerability to us, we recommend reading our vulnerability disclosure policy and guidance.

report a vulnerability
T-Cert / Tigo Copyright©, Guatemala todos los derechos reservados.