cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Monthly Vulnerability Insights: June 2022

raslam
Level 7 Flexeran
Level 7 Flexeran
2 0 408

Summary of  Monthly Vulnerability Insights:

Total advisories:  517 (last month: 688).

June reported fewer advisories after we have seen an increase each month since the beginning of this year.

The Log4j vulnerability is still being reported by vendors  after almost  7 months:

  • Atlassian Confluence
  • Atlassian Jira
  • TRAVIS – Corporate
  • IBM PureData System for Operational Analytics
  • Amazon Linux

The trend that we’ve seen for the last few months with hackers focusing on the Low and Medium Vulnerabilities has increased again ( with May being an exception). These Moderate and Less Critical Vulnerabilities are normally not a priority for many organizations, but please make sure you include Threat Intelligence in your Software Vulnerability Management Process to improve your prioritization. 

Important conclusions from this month's report are:

  • No Extremely Critical Advisory reported
  • Only 1 Zero-Day Advisory was reported ( Atlassian)
  • No Browser Zero-Day Advisories were reported, which is still very rare.
  • Threat Intelligence indicates that more Medium and Low Vulnerabilities are targeted by hackers.
  • Most vulnerabilities  (54.5%) are disclosed by IBM, SUSE, Ubuntu (Canonical), and Redhat 

Last month we reported that 62.65% of all Secunia Advisories had a Threat ( exploits, malware, ransomware, etc.) associated with them, this month the number has been higher to 64.60%↑ , with an increase in the lower and medium criticality range.