Tech »  Topic »  CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database

CISA Adds Actively Exploited Apache and Microsoft Vulnerabilities to its Database


The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations using affected software platforms.

🛡️ We added 4 CVEs for #Apache, #Microsoft, & #Paessler to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec pic.twitter.com/YCd7PypNOJ

— CISA Cyber (@CISACyber) February 4, 2025

Among these newly added vulnerabilities are severe flaws in Apache OFBiz, Microsoft .NET Framework, and Paessler PRTG Network Monitor.

These vulnerabilities, if exploited, could enable attackers to gain unauthorized access, execute malicious commands, or expose sensitive information, posing significant security risks.

Apache OFBiz Forced Browsing Vulnerability (CVE-2024-45195)

CVE-2024-45195 highlights a forced browsing issue in Apache OFBiz, an open-source enterprise resource planning (ERP) system.

The vulnerability, identified under CWE-425 (Direct Request), allows remote attackers to bypass authentication protocols and access restricted resources ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE