The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The three vulnerabilities are as follows –
CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability
CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control