Merge branch 'DIVD-NL:main' into main

DIVD-NL · Dec 11, 2024 · 45f5acf · 45f5acf
2 parents 2597ddc + f678700
commit 45f5acf
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 4 deletions.
diff --git a/_cases/2024/DIVD-2024-00004.md b/_cases/2024/DIVD-2024-00004.md
@@ -33,6 +33,18 @@ timeline:
 - start: 2023-10-04
   end:
   event: "Case started"
+- start: 2024-03-01
+  end:
+  event: "Discovery of NGOs and their domains started."
+- start: 2024-09-30
+  end:
+  event: "Roughly 56.000 candidate NGOs found for scanning, continuing discovery."
+- start: 2024-11-04
+  end: 
+  event: "Vulnerability scanning has started on a first set of organisations."
+- start: 2024-11-20
+  end:
+  event: "Proceeding with first round of vulnerability notifications."
 ---
 
 ## Summary

diff --git a/_cases/2024/DIVD-2024-00041.md b/_cases/2024/DIVD-2024-00041.md
@@ -10,7 +10,8 @@ researchers:
 - Alwin Warringa
 - Max van der Horst
 cves:
-- CVE-2024-6670 
+- CVE-2024-6670
+- CVE-2024-7763
 product:
 - Progress Software WhatsUp
 versions: 
@@ -39,7 +40,12 @@ timeline:
 - start: 2024-10-17
   end:
   event: "Mails sent out."
-
+- start: 2024-11-12
+  end:
+  event: "Second mail round has been sent out."
+- start: 2024-11-12
+  end:
+  event: "Case closed."
 ---
 
 ## Summary
@@ -58,6 +64,7 @@ DIVD is currently working to identify parties that are running a vulnerable vers
 ## More information
 
 * {% cve CVE-2024-6670 %}
+* {% cve CVE-2024-7763 %}
 * [National Vulnerability Database for CVE-2024-6670](https://nvd.nist.gov/vuln/detail/CVE-2024-6670)
 - [WhatsUp Gold Security Bulletin](https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024)
 - [Summoning Team Analysis](https://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670/)
diff --git a/_cases/2024/DIVD-2024-00045.md b/_cases/2024/DIVD-2024-00045.md
@@ -3,7 +3,7 @@ layout: case
 title: "SysAid ITSM SQL Injection vulnerability" 
 author: Max van der Horst
 lead: Max van der Horst
-excerpt: "In May 2024, a SQL Injection vulnerability has been discovered in SysAid ITSM that has been reported to be actively exploited as recent as October 2024. Exploitation can result in unauthorized access to your ITSM system." 
+excerpt: "In March 2024, a SQL Injection vulnerability has been discovered in SysAid ITSM that has been reported to be actively exploited as recent as October 2024. Exploitation can result in unauthorized access to your ITSM system." 
 researchers: 
 - Max van der Horst
 cves:
@@ -34,8 +34,8 @@ timeline:
 ---
 
 ## Summary 
+DIVD has taken notice of active exploitation surrounding SysAid ITSM instances that are vulnerable to CVE-2024-36393. The vulnerability, which is an SQL Injection, was found in March 2024 and can lead to unauthorized actors gaining access to your organization's ITSM system.
 
-DIVD has taken notice of active exploitation surrounding SysAid ITSM instances that are vulnerable to CVE-2024-36393. The vulnerability, which is an SQL Injection, was found in May 2024 and can lead to unauthorized actors gaining access to your organization's ITSM system.
 
 ## Recommendation