Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Qlik | Sense

CVE-2023-48365

Qlik Sense HTTP Tunneling Vulnerability: Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Related CWE: CWE-444

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2025-01-13
Due Date: 2025-02-03

Additional Notes

Qlik | Sense

CVE-2023-41266

Qlik Sense Path Traversal Vulnerability: Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Date Added: 2023-12-07
Due Date: 2023-12-28

Additional Notes

Qlik | Sense

CVE-2023-41265

Related CWE: CWE-444

Known To Be Used in Ransomware Campaigns? Known

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Date Added: 2023-12-07
Due Date: 2023-12-28

Additional Notes

Veritas | Backup Exec Agent

CVE-2021-27876

Veritas Backup Exec Agent File Access Vulnerability: Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.

Related CWE: CWE-287

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-07
Due Date: 2023-04-28

Additional Notes

Veritas | Backup Exec Agent

CVE-2021-27877

Veritas Backup Exec Agent Improper Authentication Vulnerability: Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.

Related CWE: CWE-287

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-07
Due Date: 2023-04-28

Additional Notes

Veritas | Backup Exec Agent

CVE-2021-27878

Veritas Backup Exec Agent Command Execution Vulnerability: Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.

Related CWE: CWE-287

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-07
Due Date: 2023-04-28

Additional Notes

Fortra | Cobalt Strike

CVE-2022-42948

Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability: Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.

Related CWEs: CWE-79| CWE-116

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-30
Due Date: 2023-04-20

Additional Notes

Fortra | Cobalt Strike

CVE-2022-39197

Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability: Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.

Related CWEs: CWE-20| CWE-79

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-30
Due Date: 2023-04-20

Additional Notes

Fortra | GoAnywhere MFT

CVE-2023-0669

Fortra GoAnywhere MFT Remote Code Execution Vulnerability: Fortra (formerly, HelpSystems) GoAnywhere MFT contains a pre-authentication remote code execution vulnerability in the License Response Servlet due to deserializing an attacker-controlled object.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-02-10
Due Date: 2023-03-03

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates