.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
NW-2024-03: Multiple components within NetWitness Platform require a security update to address various vulnerabilities
Tags: Advisories, Security Advisories, Version 12.4.2
Advisory Type
be liable for any damages whatsoever including direct
Advisory Content
NetWitness Identifier
NW-2024-03
CVE Identifier
CRITICAL
CVE-2023-6816, 2016-1000027
MAJOR:
CVE-2021-47013, CVE-2023-52439, CVE-2023-3758, CVE-2023-52606, CVE-2023-20860, CVE-2023-20883, CVE-2023-50387, CVE-2023-50868, CVE-2023-4408, CVE-2023-4692, CVE-2023-45802, CVE-2023-31122, CVE-2023-44487, CVE-2024-25062, CVE-2024-3372, CVE-2024-33599, CVE-2023-6597, CVE-2023-43787, CVE-2020-15778, CVE-2019-25162, CVE-2023-5367, CVE-2024-21885, CVE-2024-0409, CVE-2024-21886, CVE-2024-0229, CVE-2024-22259, CVE-2024-22262, CVE-2021-41072, CVE-2021-40153, CVE-2022-46329, CVE-2024-2961, CVE-2024-1753, CVE-2024-32487, CVE-2022-2880, CVE-2023-2953, CVE-2022-48624
MODERATE:
CVE-2024-33602, CVE-2024-33601, CVE-2024-26659, CVE-2024-26897, CVE-2021-47118, CVE-2024-26593, CVE-2023-52513, CVE-2022-48627, CVE-2021-47171, CVE-2023-52595, CVE-2024-23307, CVE-2021-46934, CVE-2024-0340, CVE-2021-47185, CVE-2024-26872, CVE-2024-26693, CVE-2023-52528, CVE-2024-26694, CVE-2023-52477, CVE-2024-26892, CVE-2023-52594, CVE-2024-26642, CVE-2024-26643, CVE-2023-52578, CVE-2021-47153, CVE-2023-20861, CVE-2024-22232, CVE-2024-22231, CVE-2024-33600, CVE-2023-20592, CVE-2023-27043, CVE-2023-4693, CVE-2023-43786, CVE-2024-22365, CVE-2024-26615, CVE-2024-26933, CVE-2023-52520, CVE-2024-27056, CVE-2024-26993, CVE-2024-27048, CVE-2024-26743, CVE-2024-26919, CVE-2023-52607, CVE-2024-26973, CVE-2024-26934, CVE-2024-26901, CVE-2022-48669, CVE-2020-36777, CVE-2024-26603, CVE-2024-26964, CVE-2024-26779, CVE-2024-26744, CVE-2024-27059, CVE-2024-27052, CVE-2024-27014, CVE-2024-0408, CVE-2024-25744, CVE-2023-7008, CVE-2019-14865, CVE-2023-52598, CVE-2024-26664, CVE-2024-26610, CVE-2024-0450, CVE-2021-43618, CVE-2023-52610, CVE-2023-34055, CVE-2023-20863, CVE-2023-43785, CVE-2023-6240, CVE-2021-47356, CVE-2024-26907, CVE-2022-41715, CVE-2024-3651, CVE-2024-0450, CVE-2023-5090, CVE-2024-24786, CVE-2023-52881, CVE-2024-26974, CVE-2021-47310, CVE-2024-36004, CVE-2023-52686, CVE-2024-35960, CVE-2024-35958, CVE-2024-26906, CVE-2024-26826, CVE-2023-52667, CVE-2024-35959, CVE-2024-26675, CVE-2021-47353, CVE-2021-46972, CVE-2023-52675, CVE-2024-26759, CVE-2024-26804, CVE-2024-26735, CVE-2020-26555, CVE-2024-28176, CVE-2024-28182
MINOR:
CVE-2021-47055, CVE-2023-52445, CVE-2024-1048, CVE-2023-52565, CVE-2024-22243, CVE-2024-21011, CVE-2024-21094, CVE-2024-21068, CVE-2024-21085, CVE-2024-35235, CVE-2024-25629, CVE-2024-28180, CVE-2024-26859, CVE-2023-52560, CVE-2023-52464, CVE-2021-47073
Severity Rating
CVSS v3 Base Score: See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
Affected Products
NetWitness Platform versions prior to 12.4.2
Summary
Multiple components within the NetWitness Platform require a security update to address various vulnerabilities.
Details
The embedded components are updated for the following vulnerabilities:
- CVE-2024-22232 - SaltStack Multiple Vulnerabilities
- CVE-2024-22231 - SaltStack Multiple Vulnerabilities
- CVE-2023-50387 - AlmaLinux Security Update for bind and dhcp (ALSA-2024:3271)
- CVE-2023-50868 - AlmaLinux Security Update for bind and dhcp (ALSA-2024:3271)
- CVE-2023-4408 - AlmaLinux Security Update for bind and dhcp (ALSA-2024:3271)
- CVE-2024-2961 - AlmaLinux Security Update for glibc (ALSA-2024:3269)
- CVE-2024-33602 - AlmaLinux Security Update for glibc (ALSA-2024:3344)
- CVE-2024-33601 - AlmaLinux Security Update for glibc (ALSA-2024:3344)
- CVE-2024-33600 - AlmaLinux Security Update for glibc (ALSA-2024:3344)
- CVE-2024-33599 - AlmaLinux Security Update for glibc (ALSA-2024:3344)
- CVE-2023-43786 - AlmaLinux Security Update for libX11 (ALSA-2024:2973)
- CVE-2023-43785 - AlmaLinux Security Update for libX11 (ALSA-2024:2973)
- CVE-2023-43787 - AlmaLinux Security Update for libX11 (ALSA-2024:2973)
- CVE-2023-20592 - AlmaLinux Security Update for linux-firmware (ALSA-2024:3178)
- CVE-2022-46329 - AlmaLinux Security Update for linux-firmware (ALSA-2024:3178)
- CVE-2020-15778 - AlmaLinux Security Update for openssh (ALSA-2024:3166)
- CVE-2024-22365 - AlmaLinux Security Update for pam (ALSA-2024:3163)
- CVE-2024-0450 - AlmaLinux Security Update for python3 (ALSA-2024:3347 and ALSA-2024:4058)
- CVE-2023-6597 - AlmaLinux Security Update for python3 (ALSA-2024:3347 and ALSA-2024:4058)
- CVE-2023-27043 - AlmaLinux Security Update for python3.11 (ALSA-2024:3062)
- CVE-2021-41072 - AlmaLinux Security Update for squashfs-tools (ALSA-2024:3139)
- CVE-2021-40153 - AlmaLinux Security Update for squashfs-tools (ALSA-2024:3139)
- CVE-2023-3758 - AlmaLinux Security Update for sssd (ALSA-2024:3270)
- CVE-2023-7008 - AlmaLinux Security Update for systemd (ALSA-2024:3203)
- CVE-2024-21011 - ALSA-2024:1818 java-1.8.0-openjdk security update
- CVE-2024-21094 - ALSA-2024:1818 java-1.8.0-openjdk security update
- CVE-2024-21068 - ALSA-2024:1818 java-1.8.0-openjdk security update
- CVE-2024-21085 - ALSA-2024:1818 java-1.8.0-openjdk security update
- CVE-2024-1048 - ALSA-2024:3184 grub2 security update
- CVE-2023-4693 - ALSA-2024:3184 grub2 security update
- CVE-2019-14865 - ALSA-2024:3184 grub2 security update
- CVE-2023-4692 - ALSA-2024:3184 grub2 security update
- CVE-2021-43618 - ALSA-2024:3214 gmp security update
- CVE-2021-47055 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52445 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52565 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26659 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26897 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-47118 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26593 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52513 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2022-48627 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-47171 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52595 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-23307 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-46934 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-0340 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-47185 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26872 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26693 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52528 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26694 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52477 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26892 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52594 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26642 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26643 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52578 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-47153 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26615 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26933 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52520 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-27056 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26993 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-27048 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26743 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26919 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52607 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26973 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26934 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26901 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2022-48669 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2020-36777 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26603 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26964 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26779 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26744 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-27059 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-27052 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-27014 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-25744 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52598 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26664 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2024-26610 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52610 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-6240 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2021-47013 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52439 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-52606 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2019-25162 - AlmaLinux 8 : kernel update (ALSA-2024:3618)
- CVE-2023-45802 - ALSA-2024:3121 httpd:2.4 security update
- CVE-2023-31122 - ALSA-2024:3121 httpd:2.4 security update
- CVE-2023-44487 - ALSA-2024:3121 httpd:2.4 security update
- CVE-2024-25062 - ALSA-2024:3626 libxml2 security update
- CVE-2024-0408 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2023-5367 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2024-21885 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2024-0409 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2024-21886 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2024-0229 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2023-6816 - AlmaLinux 8: tigervnc and xorg-x11-server security update
- CVE-2024-22243 - Vulnerability in Spring Framework
- CVE-2023-20861 - Vulnerability in Spring Framework
- CVE-2023-34055 - Vulnerability in Spring Framework
its affiliates or its suppliers