Trusted Design

• 重大度: Unknown
• 公開日: 2014-10-10
• 更新日: 2024-08-06

概要

The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.

このCVEに関連するMITRE ATT&CKテクニック

• T1557 - Adversary-in-the-Middle
• T1583.007 - Serverless
• T1003.002 - Security Account Manager
• T1192 - Spearphishing Link
• T1121 - Regsvcs/Regasm
• T1564 - Hide Artifacts
• T1063 - Security Software Discovery
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1558 - Steal or Forge Kerberos Tickets
• T1555 - Credentials from Password Stores
• T1070.008 - Clear Mailbox Data
• T1518.002 - Backup Software Discovery
• T1218.003 - CMSTP
• T1525 - Implant Internal Image
• T1562.004 - Disable or Modify System Firewall
• T1145 - Private Keys
• T1535 - Unused/Unsupported Cloud Regions
• T1583.004 - Server
• T1598.004 - Spearphishing Voice
• T1215 - Kernel Modules and Extensions
• T1177 - LSASS Driver
• T1546.008 - Accessibility Features
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1049 - System Network Connections Discovery
• T1051 - Shared Webroot
• T1218.005 - Mshta
• T1608 - Stage Capabilities
• T1608.005 - Link Target
• T1598.002 - Spearphishing Attachment
• T1497.002 - User Activity Based Checks
• T1606 - Forge Web Credentials
• T1071.002 - File Transfer Protocols
• T1679 - Selective Exclusion
• T1219.003 - Remote Access Hardware
• T1562.001 - Disable or Modify Tools
• T1055.012 - Process Hollowing
• T1110.004 - Credential Stuffing
• T1486 - Data Encrypted for Impact
• T1587.004 - Exploits
• T1595.003 - Wordlist Scanning
• T1184 - SSH Hijacking
• T1028 - Windows Remote Management
• T1499 - Endpoint Denial of Service
• T1656 - Impersonation
• T1493 - Transmitted Data Manipulation
• T1500 - Compile After Delivery
• T1213.003 - Code Repositories
• T1565.002 - Transmitted Data Manipulation
• T1219.002 - Remote Desktop Software
• T1027.006 - HTML Smuggling
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1596.005 - Scan Databases
• T1137.002 - Office Test
• T1173 - Dynamic Data Exchange
• T1086 - PowerShell
• T1566.003 - Spearphishing via Service
• T1601.002 - Downgrade System Image

このCVEが関連しているPulses

このCVEが関連しているPulsesはありません。

CVEの関係性グラフ

---

← CVE一覧に戻る