TLP:CLEAR PAP:WHITE
Nessus Network Monitor 6.2.2 corrige varias vulnerabilidades
Descripción
Nessus Network Monitor aprovecha el software de terceros para ayudar a proporcionar la funcionalidad subyacente. Se descubrió que varios de los componentes de terceros contenían vulnerabilidades, y los proveedores han puesto a disposición versiones actualizadas.
Por precaución y de acuerdo con las mejores prácticas, Tenable ha optado por actualizar estos componentes para abordar el impacto potencial de los problemas.
Por precaución y de acuerdo con las mejores prácticas, Tenable ha optado por actualizar estos componentes para abordar el impacto potencial de los problemas.
- CVE-2023-32067 | High
- CVE-2023-31147 | Medium
- CVE-2023-31130 | Medium
- CVE-2023-31124 | Low
- CVE-2022-4904 | High
- CVE-2021-3672 | Medium
- CVE-2017-1000381 | High
- CVE-2016-5180 | Critical
- CVE-2022-22576 | High
- CVE-2022-27774 | Medium
- CVE-2022-27775 | High
- CVE-2022-27776 | Medium
- CVE-2022-27781 | High
- CVE-2022-27782 | High
- CVE-2022-32205 | Medium
- CVE-2022-32206 | Medium
- CVE-2022-32207 | Critical
- CVE-2022-32208 | Medium
- CVE-2022-35252 | Low
- CVE-2022-32221 | Critical
- CVE-2022-42915 | High
- CVE-2022-42916 | High
- CVE-2022-43551 | High
- CVE-2022-43552 | Medium
- CVE-2023-23914 | Critical
- CVE-2023-23915 | Medium
- CVE-2023-23916 | Medium
- CVE-2023-27533 | High
- CVE-2023-27534 | High
- CVE-2023-27535 | High
- CVE-2023-27536 | Medium
- CVE-2023-27538 | Medium
- CVE-2023-28320 | Medium
- CVE-2023-28321 | Medium
- CVE-2023-28322 | Low
- CVE-2019-12900 | Critical
- CVE-2016-3189 | Medium
- CVE-2019-20838 | Medium
- CVE-2020-14155 | Medium
- CVE-2023-29469 | Medium
- CVE-2023-28484 | Medium
- CVE-2022-40304 | High
- CVE-2022-40303 | High
- CVE-2022-29824 | Medium
- CVE-2022-23308 | High
- CVE-2021-3541 | Medium
- CVE-2021-3537 | Medium
- CVE-2021-3518 | High
- CVE-2021-3517 | High
- CVE-2020-24977 | Medium
- CVE-2020-7595 | High
- CVE-2019-20388 | High
- CVE-2019-19956 | High
- CVE-2018-14567 | Medium
- CVE-2018-14404 | High
- CVE-2018-9251 | Medium
- CVE-2017-18258 | Medium
- CVE-2017-16932 | Medium
- CVE-2017-16931 | Critical
- CVE-2017-15412 | High
- CVE-2017-9050 | High
- CVE-2017-9049 | High
- CVE-2017-9048 | High
- CVE-2017-9047 | High
- CVE-2017-8872 | Critical
- CVE-2017-7376 | Critical
- CVE-2017-7375 | Critical
- CVE-2017-5969 | Medium
- CVE-2017-5130 | High
- CVE-2016-9598 | Medium
- CVE-2016-9597 | High
- CVE-2016-9596 | Medium
- CVE-2016-5131 | High
- CVE-2016-4658 | Critical
- CVE-2016-4483 | High
- CVE-2016-4449 | High
- CVE-2016-4448 | Critical
- CVE-2016-4447 | High
- CVE-2016-3709 | Medium
- CVE-2016-3705 | High
- CVE-2016-3627 | High
- CVE-2016-2073 | Medium
- CVE-2016-1840 | High
- CVE-2016-1839 | Medium
- CVE-2016-1838 | Medium
- CVE-2016-1837 | Medium
- CVE-2016-1836 | Medium
- CVE-2016-1834 | High
- CVE-2016-1833 | Medium
- CVE-2016-1762 | High
- CVE-2015-8806 | High
- CVE-2015-8710 | Critical
- CVE-2015-8317 | Medium
- CVE-2015-8242 | Medium
- CVE-2015-8241 | Medium
- CVE-2015-8035 | Low
- CVE-2015-7942 | Medium
- CVE-2015-7941 | Medium
- CVE-2015-7500 | Medium
- CVE-2015-7499 | Medium
- CVE-2015-7498 | Medium
- CVE-2015-7497 | Medium
- CVE-2015-5312 | High
- CVE-2014-3660 | Medium
- CVE-2013-2877 | Medium
- CVE-2013-1969 | High
- CVE-2013-0339 | Medium
- CVE-2013-0338 | Medium
- CVE-2012-5134 | Medium
- CVE-2012-2871 | Medium
- CVE-2012-0841 | Medium
- CVE-2011-1944 | High
- CVE-2010-4494 | High
- CVE-2010-4008 | Medium
- CVE-2022-29824 | Medium
- CVE-2021-30560 | High
- CVE-2019-13118 | Medium
- CVE-2019-13117 | Medium
- CVE-2019-11068 | Critical
- CVE-2019-5815 | High
- CVE-2017-5029 | High
- CVE-2016-4609 | Critical
- CVE-2016-4607 | Critical
- CVE-2016-1684 | High
- CVE-2016-1683 | High
- CVE-2015-9019 | Medium
- CVE-2015-7995 | Medium
- CVE-2013-4520 | Medium
- CVE-2012-6139 | Medium
- CVE-2012-2870 | Medium
- CVE-2011-3970 | Medium
- CVE-2011-1202 | Medium
- CVE-2017-1000061 | High
- CVE-2022-46908 | High
- CVE-2022-35737 | High
- CVE-2021-45346 | Medium
- CVE-2021-36690 | High
- CVE-2021-31239 | High
- CVE-2021-20227 | Medium
- CVE-2020-35527 | Critical
- CVE-2020-35525 | High
- CVE-2020-15358 | Medium
- CVE-2020-13871 | High
- CVE-2020-13632 | Medium
- CVE-2020-13631 | Medium
- CVE-2020-13630 | High
- CVE-2020-13435 | Medium
- CVE-2020-13434 | Medium
- CVE-2020-11656 | Critical
- CVE-2020-11655 | High
- CVE-2020-9327 | High
- CVE-2019-20218 | High
- CVE-2019-19959 | High
- CVE-2019-19926 | High
- CVE-2019-19925 | High
- CVE-2019-19924 | Medium
- CVE-2019-19923 | High
- CVE-2019-19880 | High
- CVE-2019-19646 | Critical
- CVE-2019-19645 | Medium
- CVE-2019-19603 | High
- CVE-2019-19317 | Critical
- CVE-2019-19244 | High
- CVE-2019-19242 | Medium
- CVE-2019-16168 | Medium
- CVE-2019-9937 | High
- CVE-2019-9936 | High
- CVE-2019-8457 | Medium
- CVE-2022-23395 | Medium
- CVE-2022-31160 | Medium
- CVE-2023-2650 | Medium
- CVE-2023-1255 | Medium
- CVE-2023-0465 | Medium
- CVE-2023-0466 | Medium
Productos afectados
- c-ares | 1.10.0
- curl | 7.79.1
- libbzip2 | 1.0.6
- libpcre | 8.42
- libxml2 | 2.7.7
- libxslt | 1.1.26
- libxmlsec | 1.2.18
- sqlite | 3.27.2
- jQuery Cookie | 1.3.1
- jQuery UI | 1.13.0
- OpenSSL | 3.0.8
Riesgo
Crítico
Soluciones
Se recomienda actualizar los productos a las siguientes versiones:
- c-ares | 1.19.1
- curl | 8.1.2
- libbzip2 | 1.0.8
- libpcre | 8.44
- libxml2 | 2.11.1
- libxslt | 1.1.37
- libxmlsec | 1.2.37
- sqlite | 3.40.1
- jQuery Cookie | 1.4.1
- jQuery UI | 1.13.2
- OpenSSL | 3.0.9
Referencias
Contacto
Para más información, cualquier otra incidencia o problema de seguridad, puede ponerse en contacto a través de nuestra dirección de correo csirt@seresco.es