NVD disclosure day

Published threat advisories for April 26, 2022

CVE-2022-24706

Apache CouchDB Default Installation Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An improperly secured default installation of Apache CouchDB allows unauthenticated attackers to gain administrative privileges, impacting organizations using the database. This exposes them to risks of unauthorized data access and control, necessitating immediate security configuration reviews and updates.

NVD published: April 26, 2022 • CISA KEV

CVE advisoryKnown Exploit

CVE-2022-29499

Mitel MiVoice Connect Remote Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Mitel MiVoice Connect's Service Appliance component contains a data validation flaw enabling remote code execution. This impacts organizations by allowing unauthorized code execution on affected systems, posing a business risk.

NVD published: April 26, 2022 • CISA KEV