Security Advisories and Release Notes
Release Notes R&S®Web Application Firewall 6.8.1 (Latest)
We are pleased to announce the availability of R&S®Web Application Firewall 6.8.1 (Latest).
R&S®WAF Security update 3.38.0 - Patterns ICX
A new security update for ICX patterns and rules is available!
CVE-2022-22965 - Spring4Shell - Spring Core Remote Code Execution Vulnerability
A vulnerability was discovered in Spring Framework that can leads to an RCE.
CVE-2022-22963 - Spring Cloud Function Remote Code Execution Vulnerability
A vulnerability was discovered in Spring Cloud that can leads to an RCE.
CVE-2022-22720: Http request smuggling
A vulnerability that can be exploited when each server, in a server chain architecture, interprets HTTP headers differently.
CVE-2022-23943: Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server
A vulnerability in mod_sed of Apache HTTP Server that allows an attacker to overwrite heap memory with possibly attacker provided data.
Release Notes R&S®Web Application Firewall 6.8.0 (Latest)
We are pleased to announce the availability of R&S®Web Application Firewall 6.8.0 (Latest).
CVE-2022-0778: A Denial of Service Vulnerability in OpenSSL
A vulnerability with a high severity was discovered in OpenSSL sofware library.
Release R&S®Web Application Firewall 6.5.6-patch12 (LTS)
We are pleased to announce the availability of R&S®Web Application Firewall 6.5.6-patch12 (LTS), intended for use in production. Release date: 2022-03-08.
CVE-2022-21907: IIS HTTP Protocol Stack RCE
A highly critical RCE vulnerability has been found in Microsoft Windows IIS.
CVE-2021-4034: pkexec Local Privilege Escalation
Qualys team has discovered a Local Privilege Escalation on pkexec command from the polkit component.
Apache httpd 2.4.52 security fixes - CVE-2021-44790 - CVE-2021-44224
The Apache httpd team has released the version 2.4.52 fixing two vulnerabilities.
R&S®WAF Security update 3.37.0 - ICX Patterns
Security update available for ICX patterns.
R&S®WAF Bot mitigation - Good bot database update 1.1
Good bot update for Bot Mitigation.
©2022 Rohde & Schwarz Cybersecurity |
Maintenance and Support Contract