Select your nation of interest

Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:
CYBER ALERT
Home / CYBER ALERT
/
Vulnerabilities resolved in Bitdefender (AL01/240607/CSIRT-ITA)

Vulnerabilities resolved in Bitdefender (AL01/240607/CSIRT-ITA)

Summary

Bitdefender releases security updates to remediate a vulnerability – with ‘high’ severity – in the GravityZone Console On-Premise security management console solution for corporate devices.

Risk

Estimated impact of the vulnerability on the target community: MEDIUM/LOW (64.23/100)1.

Type

  • Security Restrictions Bypass

Affected Products and Versions

GravityZone Console On-Premise, versions prior to 6.38.1-2

Mitigation Actions

In line with vendor statements, it is recommended that vulnerable products be updated by following the security bulletin in the References section.

Unique Vulnerability Identifiers

CVE-2024-4177

References

https://www.bitdefender.com/support/security-advisories/host-whitelist-parser-issue-in-gravityzone-console-on-premise-va-11554

1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, prevalence of affected software/devices in the target community.

Redazione
7 June 2024

Recommended to you

Apple: 0-day detected in WebKit rendering engine (AL02/250312/CSIRT-ITA)

12 March, 2025

Adobe: Security Updates (AL03/250312/CSIRT-ITA

12 March, 2025

Joomla! Updates (AL04/250312/CSIRT-ITA)

12 March, 2025

HONG KONG SUPERVISORY AUTHORITY: Publishes Investigation Findingson the Data Breach Incident of the Companies...

12 March, 2025

Zoom Vulnerability (AL05/250312/CSIRT-ITA)

12 March, 2025

Laravel: Public PoC for CVE-2024-13919 Exploitation (AL06/250312/CSIRT-ITA)

12 March, 2025

Resolved vulnerabilities in Cisco products (AL07/250312/CSIRT-ITA)

12 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

12 March, 2025

Schneider Electric: Vulnerabilities discovered in various products (AL03/250311/CSIRT-ITA)

11 March, 2025

Siemens Product Updates (AL04/250311/CSIRT-ITA)

11 March, 2025

Ivanti March Security Update (AL05/250311/CSIRT-ITA)

11 March, 2025

Fixed vulnerabilities in Google Chrome (AL06/250311/CSIRT-ITA)

11 March, 2025

ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR

11 March, 2025

Vulnerabilities discovered in Fortinet products (AL07/250311/CSIRT-ITA)

11 March, 2025

LATVIAN SUPERVISORY AUTHORITY: Can my personal data be transferred to extrajudicial debt collection or...

11 March, 2025

CROATIAN SUPERVISORY AUTHORITY: A new coordinated action by the EDPB has begun: the right...

11 March, 2025

CISCO Product Updates (AL01/230112/CSIRT-ITA)

10 March, 2025

HONG KONG SUPERVISORY AUTHORITY: A Female Arrested for Suspected Doxxing Arising from Online Shopping Dispute

10 March, 2025

Vulnerability in QNAP Products (AL01/250310/CSIRT-ITA)

10 March, 2025

ICELANDIC SUPERVISORY AUTHORITY: Information obligation for automated decision-making

7 March, 2025

Search in 365TRUST

Our services

LEGAL & COMPLIANCE
PRIVACY & DATA PROTECTION
CYBER & INTELLIGENCE
AUDIT & CERTIFICATION
GOVERNANCE & AWARENESS
TRAINING & KNOWLEDGE