Alert Details


Computer Network Defence Alert State

 


The Computer Network Defence Alert State is designed to give a granular and more dynamic visualisation of the current security threat. The alert state increases immediately upon detection of a new threat and drops again by one level each working day. The rationale is that vulnerabilities often occur in clusters; reducing the alert state again quickly therefore increases your visibility of new threats to the same product. It is important that the radar page is viewed at least daily in order to track these changes. Reductions in alert state occur at approximately 1900 GMT/UTC. Significant vulnerabilities may remain for longer. Vulnerabilities on this page are predominantly remotely executable; very few local server exploits will be shown.

 

                                                                                                       

Current Alerts

McAfee
High
Patch

Threat Intelligence Exchange server 2.0.1 Hotfix 1 fixes a Linux kernel vulnerability that allows remote attackers to cause a denial of service.

More info.

Fortinet
Increased
Patch

FortiOS XSS via srcintf during Firewall Policy Creation. Impact: can allow an attacker to execute unauthorized code or commands.

More info.

Linux
High
Patch

SuSE has updated tcpdump and libpcap.

More info.

Gentoo has updated flash.  More info.

BSD
High
Patch

FreeBSD has updated ipfilter.

More info.

Adobe
Guarded
Patch

Adobe has released security hotfixes for ColdFusion versions 10, 11 and the 2016 release. These hotfixes resolve an input validation issue that could be used in reflected XSS attacks. These hotfixes also include an updated version of Apache BlazeDS to mitigate Java deserialization.

More info.

TrendMicro
Guarded
Patch

Trend Micro has released Critical Patches (CPs) for Trend Micro OfficeScan versions 11.0 and XG (12.0).  These CPs resolve multiple vulnerabilities related to potential privilege escalation and cross-site scripting (XSS) on affected machines.

More info.

HP
Guarded
Patch

Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that’s applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in disclosure of information.

More info.

Hitachi
Guarded
Patch

Cosminexus Developer's Kit for Java and Hitachi Developer's Kit for Java contain multiple vulnerabilities.

More info.

HMI
Guarded
Patch

An uncontrolled search path element vulnerability exists in the BLF-Tech LLC VisualView HMI.  Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code within the system.

More info.

Auto
Guarded
Patch

Details have been made available for man-in-the-middle and use of hard-coded cryptographic key vulnerabilities in Hyundai Motor America’s Blue Link.  Successful exploitation of these vulnerabilities may allow a remote attacker to gain access to insecurely transmitted sensitive information, which could allow the attacker to locate, unlock, and start a vehicle associated with the affected application.

More info.

 
 
 

 
 

 


 

Alert Definitions

Product
Guarded

GUARDED This alert state represents the return towards normalisation of an alert state, indicating that there was a higher alert state due to a product vulnerability during the previous few days.

Product
Increased

INCREASED This alert state indicates that a product vulnerability has been identified within the last few days. The vulnerability is either difficult to exploit, or if exploited, results in reduced impact to the target system.

Product
High

HIGH This alert state indicates a more serious vulnerability which is exploitable.

Product
Critical

CRITICAL This alert state indicates a significant threat to the product, where exploits exist or where the vulnerability is potentially devastating.

Product
Increased
New

NEW This bottom descriptor is used with a vulnerability which has been identified in the last 24 hours, with no patch or exploit. It will typically be paired with Increased.

Product
Guarded
+24hr

+24hr This bottom descriptor indicates an alert state which has been present for more than 24 hours. It will typically be paired with Guarded, and could be changed to +48hr for an item that came out as Critical.

Product
Increased
Patch

PATCH This bottom descriptor indicates that patches are available for vulnerabilities, whether it is the initial report or a patch of a vulnerability that had been previously reported.  It could be paired with Increased or High, and on rare occasions Critical.

Product
High
Exploit

EXPLOIT This bottom descriptor indicates that an Exploit has been made public for a vulnerability, whether it is the initial report or an indication of an exploit for a vulnerability that had been previously reported.  It could be paired with High or Critical.

Product
Critical
0-Day

ZERO DAY This bottom descriptor indicates that a vulnerability has been announced without the opportunity for the vendor to patch it before the details are made known.  It could be paired with High or Critical.

 


 


 

                                                                                                                            

Useful Links

 

These are links our analysts and radar page patrons find useful. If you would like to suggest a link for this section, please send us your suggestions.

 

http://isc.sans.edu/
http://www.us-cert.gov/
http://www.auscert.org.au/
http://cve.mitre.org/
http://atlas.arbor.net/

http://www.cert.org/advisories/
http://www.securityfocus.com/vulnerabilities
http://www.coresecurity.com/grid/advisories

http://www.iss.net/threats/ThreatList.php

https://testssl.sh/

Any other comments on our site or the Radar Page are welcome as well!

http://www.ubuntu.com/usn/usn-1215-1/