Daily Threat/Vulnerability report (Orient DB vulnerability)
Posted: Sun Jan 03, 2016 4:42 pm
Please see this forum post for an explanation of the categories used in this report
ASL users
Summary: If you are using OrientDB install patch from vendor.
Already protect against/Known Method/No update required
CVE-2015-2912 (When OrientDB is protected by the ASL WAF)
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesnt protect against/Solution
CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)
Potential Vulnerability/Solution
None.
Rules only users
Summary: If you are using OrientDB install patch from vendor.
Already protect against/Known Method/No update required
CVE-2015-2912 (When OrientDB is protected by webserver configured with default Atomicorp modsecurity rules.)
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesnt protect against/Solution
CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)
Potential Vulnerability/Solution
None.
ASL users
Summary: If you are using OrientDB install patch from vendor.
Already protect against/Known Method/No update required
CVE-2015-2912 (When OrientDB is protected by the ASL WAF)
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesnt protect against/Solution
CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)
Potential Vulnerability/Solution
None.
Rules only users
Summary: If you are using OrientDB install patch from vendor.
Already protect against/Known Method/No update required
CVE-2015-2912 (When OrientDB is protected by webserver configured with default Atomicorp modsecurity rules.)
Not already protected against/New Method/Update Available
None.
Not already protected against/Doesnt protect against/Solution
CVE-2015-2913 (Vulnerability in RNG in OrientDB, install patch from vendor)
Potential Vulnerability/Solution
None.