Network Remediation - Update

network/cves/2015/CVE-2015-3306.yaml

@@ -11,6 +11,7 @@ info:
     - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html
     - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html
     - https://nvd.nist.gov/vuln/detail/CVE-2015-3306
+  remediation: Upgrade to ProFTPD 1.3.5a / 1.3.6rc1 or later.
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
     cvss-score: 10

network/cves/2016/CVE-2016-2004.yaml

@@ -11,6 +11,8 @@ info:
     - http://www.kb.cert.org/vuls/id/267328
     - https://www.exploit-db.com/exploits/39858/
     - http://packetstormsecurity.com/files/137199/HP-Data-Protector-A.09.00-Command-Execution.html
+  remediation: |
+    Upgrade to the most recent version of HP Data Protector.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2016/CVE-2016-3510.yaml

@@ -8,6 +8,8 @@ info:
     Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
   reference:
     - https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py
+  remediation: |
+    Install the relevant patch as per the advisory provided in the Oracle Critical Patch Update for July 2016.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2017/CVE-2017-3881.yaml

@@ -12,6 +12,7 @@ info:
     - https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/auxiliary/dos/cisco/ios_telnet_rocem.md
     - https://nvd.nist.gov/vuln/detail/CVE-2017-3881
     - http://www.securitytracker.com/id/1038059
+  remediation: Deactivate a telnet connection or employ Access Control Lists (ACLs) to limit access.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2017/CVE-2017-5645.yaml

@@ -12,6 +12,8 @@ info:
     - http://www.openwall.com/lists/oss-security/2019/12/19/2
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
     - http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
+  remediation: |
+    Consider updating to Log4j 2.15.0 or a newer version, deactivating JNDI lookups, or implementing a Java Agent to safeguard against potentially harmful JNDI lookups.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2018/CVE-2018-2628.yaml

@@ -12,6 +12,7 @@ info:
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
     - http://web.archive.org/web/20211207132829/https://securitytracker.com/id/1040696
     - http://www.securitytracker.com/id/1040696
+  remediation: Install the suitable patch as per the Oracle Critical Patch Update advisory
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2018/CVE-2018-2893.yaml

@@ -11,6 +11,7 @@ info:
     - https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL
     - https://nvd.nist.gov/vuln/detail/CVE-2018-2893
     - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
+  remediation: Install the suitable patch as per the Oracle Critical Patch Update advisory  
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2020/CVE-2020-11981.yaml

@@ -9,6 +9,7 @@ info:
   reference:
     - https://github.com/apache/airflow/pull/9178
     - https://github.com/vulhub/vulhub/tree/master/airflow/CVE-2020-11981
+  remediation: Upgrade apache-airflow to version 1.10.11 or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2020/CVE-2020-1938.yaml

@@ -11,6 +11,9 @@ info:
     - https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
     - https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
     - http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html
+  remediation:
+    - https://access.redhat.com/solutions/4851251
+
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2020/CVE-2020-7247.yaml

@@ -12,6 +12,7 @@ info:
     - https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45
     - http://www.openwall.com/lists/oss-security/2020/01/28/3
     - http://packetstormsecurity.com/files/156145/OpenSMTPD-6.6.2-Remote-Code-Execution.html
+  remediation: Install patches for OpenBSD 6.6
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2021/CVE-2021-44521.yaml

@@ -11,6 +11,8 @@ info:
     - https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution/
     - https://lists.apache.org/thread/y4nb9s4co34j8hdfmrshyl09lokm7356
     - http://www.openwall.com/lists/oss-security/2022/02/11/4
+  remediation:
+    - https://thesecmaster.com/how-to-fix-apache-cassandra-rce-vulnerability-cve-2021-44521/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 9.1

network/cves/2022/CVE-2022-0543.yaml

@@ -15,6 +15,7 @@ info:
     - https://bugs.debian.org/1005787
     - https://www.debian.org/security/2022/dsa-5081
     - https://lists.debian.org/debian-security-announce/2022/msg00048.html
+  remediation: Update to the most recent versions currently available.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 10

network/cves/2022/CVE-2022-24706.yaml

@@ -12,6 +12,8 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-24706
     - http://www.openwall.com/lists/oss-security/2022/04/26/1
     - http://www.openwall.com/lists/oss-security/2022/05/09/1
+  remediation: |
+    Upgrade to versions 3.2.2 or newer. Starting from CouchDB 3.2.2, the previous default Erlang cookie value "monster" will be rejected upon startup. Upgraded installations will be required to select an alternative value.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

network/cves/2022/CVE-2022-31793.yaml

@@ -12,6 +12,7 @@ info:
     - https://derekabdine.com/blog/2022-arris-advisory
     - https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/
     - http://inglorion.net/software/muhttpd/
+  remediation: Update the application to version 1.10
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5

network/cves/2023/CVE-2023-33246.yaml

@@ -12,6 +12,7 @@ info:
     - http://packetstormsecurity.com/files/173339/Apache-RocketMQ-5.1.0-Arbitrary-Code-Injection.html
     - http://www.openwall.com/lists/oss-security/2023/07/12/1
     - https://lists.apache.org/thread/1s8j2c8kogthtpv3060yddk03zq0pxyp
+  remediation: Update the RocketMQ application to version 5.1.1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8