{"id":8375,"date":"2022-06-10T11:13:02","date_gmt":"2022-06-10T18:13:02","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8375"},"modified":"2023-03-03T14:40:42","modified_gmt":"2023-03-03T21:40:42","slug":"dhs-cisa-kevs-weekly-edition-6-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/dhs-cisa-kevs-weekly-edition-6-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 6: Patch Before you Hit the Deadline"},"content":{"rendered":"

On June 8, 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) has added 36 new vulnerabilities, bringing the total number of exploited bugs to 777.<\/p>\n

This blog lists all of the DHS CISA KEVs that need to be patched this week (June 1 to June 12, 2022).<\/p>\n

The federal agencies are expected to patch 14 known exploited vulnerabilities in the DHS CISA catalog this week in time for the June 1 to June 12, 2022 deadline. Based on our analysis of these\u00a0 KEVs, we found that –<\/p>\n

\"\"<\/p>\n

How Far Back Do They Go?<\/h2>\n

Of the 14 KEVs, 11 CVEs are old vulnerabilities dating from 2010 to 2021, with a patch deadline of June 1 to June 12, 2022.<\/p>\n

\"\"<\/p>\n

Which Vendors Are Affected?<\/h2>\n

These 14 CVEs that have a patch deadline of June 1 to June 12, 2022, affect 13 vendors such as Apache, Atlassian, RedHat, Vmware, and Linux.<\/p>\n

\"\"<\/p>\n

Severity Scores<\/h2>\n

\"\"<\/p>\n

Software Weaknesses<\/h2>\n

10 out of the 14 KEVs with a patch due date between June 1 to June 12, 2022 fall under the Top 40 Most Dangerous Software Weaknesses and OWASP Top 10:2021.<\/p>\n

\"\"<\/p>\n