Trusted Design

• 重大度: Unknown
• 公開日: 2015-05-30
• 更新日: 2024-08-06

概要

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID.

このCVEに関連するMITRE ATT&CKテクニック

• T1003.002 - Security Account Manager
• T1192 - Spearphishing Link
• T1587.001 - Malware
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1566.001 - Spearphishing Attachment
• T1608.001 - Upload Malware
• T1558 - Steal or Forge Kerberos Tickets
• T1050 - New Service
• T1525 - Implant Internal Image
• T1562.004 - Disable or Modify System Firewall
• T1145 - Private Keys
• T1155 - AppleScript
• T1177 - LSASS Driver
• T1546.008 - Accessibility Features
• T1550.003 - Pass the Ticket
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1218.005 - Mshta
• T1608 - Stage Capabilities
• T1606.001 - Web Cookies
• T1598.002 - Spearphishing Attachment
• T1556.008 - Network Provider DLL
• T1497.002 - User Activity Based Checks
• T1606 - Forge Web Credentials
• T1534 - Internal Spearphishing
• T1219.003 - Remote Access Hardware
• T1187 - Forced Authentication
• T1486 - Data Encrypted for Impact
• T1567.003 - Exfiltration to Text Storage Sites
• T1203 - Exploitation for Client Execution
• T1499 - Endpoint Denial of Service
• T1213.003 - Code Repositories
• T1565.002 - Transmitted Data Manipulation
• T1223 - Compiled HTML File
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1204.001 - Malicious Link

このCVEが関連しているPulses

• Blue Coat SSL Appliance contains multiple vulnerabilities

CVEの関係性グラフ

---

← CVE一覧に戻る