CVE-2024-21182: Vulnerabilidad explotada activamente agregada al catálogo de CISA

Descripción

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-21182 Oracle WebLogic Server Unspecified Vulnerability This type of vulnerability is a frequent attack vectors for malicious cyber actors and poses significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the&nbsp

CVEs mencionados

• CVE-2024-21182

Fuente oficial

Alerta publicada por CISA / US-CERT. Consulta el advisory completo para detalles técnicos, indicadores de compromiso y mitigaciones específicas.