Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

High
CISA KEV

CVE-2018-18325

DotNetNuke (DNN)DotNetNuke (DNN)

DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811.

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2018-18325

Vulnerability Overview

Severity
High
CISA KEV
Yes
Ransomware
Unknown
Published
Nov 3, 2021
KEV Added
Nov 3, 2021
Due Date
May 3, 2022
Related Articles
0

Vendor

DotNetNuke (DNN)

DotNetNuke (DNN)