Security Framework Assessments
Department of Defense contractors need to prepare now for the new Cybersecurity Maturity Model Certification (CMMC) that will be required to bid on future contracts. UNS can help you identify shortcomings and develop a targeted plan to meet these new compliance requirements.
Our trained and experienced consultants will conduct an initial assessment of your organization against the same criteria used in the NIST SP 800-171 and CMMC audits. We will meet with your management, administrative, and operational staff to help you align the assessment results with your abilities and timelines to make targeted recommendations that will help you meet your compliance goals.
NIST Vulnerability Database
The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
Last 20 Scored Vulnerability IDs & Summaries
CVE-2022-34212 – A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.7 MEDIUM
V2.0: 3.5 LOW
CVE-2022-32987 – Multiple cross-site scripting (XSS) vulnerabilities in /bsms/?page=manage_account of Simple Bakery Shop Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34198 – Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier does not escape the name and description of Stash Branch parameters on views displaying parameters, resulting… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34197 – Jenkins Sauce OnDemand Plugin 1.204 and earlier does not escape the name and description of Sauce Labs Browsers parameters on views displaying parameters, resulting… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34196 – Jenkins REST List Parameter Plugin 1.5.2 and earlier does not escape the name and description of REST list parameters on views displaying parameters, resulting… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-1353 – A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access… Read More
Published: Apr 29, 2022 | Updated: Jun 29, 2022
Published: Apr 29, 2022 | Updated: Jun 29, 2022
CVE-2022-34195 – Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34194 – Jenkins Readonly Parameter Plugin 1.0.0 and earlier does not escape the name and description of Readonly String and Readonly Text parameters on views displaying… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34193 – Jenkins Package Version Plugin 1.0.1 and earlier does not escape the name of Package version parameters on views displaying parameters, resulting in a stored… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34192 – Jenkins ontrack Jenkins Plugin 4.0.0 and earlier does not escape the name of Ontrack: Multi Parameter choice, Ontrack: Parameter choice, and Ontrack: SingleParameter parameters… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34191 – Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and earlier does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34190 – Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34176 – Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2017-20085 – A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-34183 – Jenkins Agent Server Parameter Plugin 1.1 and earlier does not escape the name and description of Agent Server parameters on views displaying parameters, resulting… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-46824 – Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in student_profile.php. Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-20651 – A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in… Read More
Published: Jun 22, 2022 | Updated: Jun 29, 2022
Published: Jun 22, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-41432 – A stored cross-site scripting (XSS) vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content. Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-33113 – Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the… Read More
Published: Jun 23, 2022 | Updated: Jun 29, 2022
Published: Jun 23, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2022-30874 – There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02. Read More
Published: Jun 21, 2022 | Updated: Jun 29, 2022
Published: Jun 21, 2022 | Updated: Jun 29, 2022
CVSS Severity
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
Health Check
Don’t just go with your gut, use real data to make informed technology decisions.
Your organization’s technology and safety starts by understanding your current performance. Use our Health Check to assess the overall health and safety of your organization, and get a clear roadmap for improvement.
