Daily Threat/Vulnerability report (Orient DB vulnerability)

Security annoucements of interest to the AtomiCorp community, such as vulnerabilities in third party applications.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Daily Threat/Vulnerability report (Orient DB vulnerability)

Unread post by mikeshinn »

Please see this forum post for an explanation of the categories used in this report

ASL users

Summary: If you are using OrientDB install patch from vendor.

Already protect against/Known Method/No update required

CVE-2015-2912 (When OrientDB is protected by the ASL WAF)

Not already protected against/New Method/Update Available

None.

Not already protected against/Doesnt protect against/Solution

CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)

Potential Vulnerability/Solution

None.

Rules only users

Summary: If you are using OrientDB install patch from vendor.

Already protect against/Known Method/No update required

CVE-2015-2912 (When OrientDB is protected by webserver configured with default Atomicorp modsecurity rules.)

Not already protected against/New Method/Update Available

None.

Not already protected against/Doesnt protect against/Solution

CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)

Potential Vulnerability/Solution

None.
Post Reply