News

CISA Adds 13 Exploited Vulnerabilities to List

As seen on ZDNet.

 

CISA released its latest update to the Known Exploited Vulnerabilities catalog, adding 13 new vulnerabilities. Nine of the vulnerabilities have a remediation date of February 1, and four of them have a remediation date of July 18. 

The list includes an October CMS Improper Authentication, a System Information Library for node.js Command Injection vulnerability, an Oracle Corporate Business Intelligence Enterprise Edition Path Traversal vulnerability, an Apache Airflow Experimental API Authentication Bypass vulnerability, a Drupal Core Unrestricted Upload of File vulnerability, and three Nagios XI OS Command Injection vulnerabilities.

CISA Known Exploited Vulnerabilities catalog

Neosec Vice President, Edward Roberts echoed that sentiment, adding that the volume of vulnerabilities involving APIs will continue to increase because there are more APIs being developed each day. Most organizations, he said, "don't even know how many APIs they have, let alone which ones have vulnerabilities, let alone consider how they are being defrauded by abusive behavior."

 

 

About Neosec

Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel. To learn more, visit Neosec.com.

news-cta-img

Test Drive the Neosec API Security Solution

One cloud-native platform, fully deployed in minutes, to protect your APIs.

Start Now