Trusted Design

• 重大度: Unknown
• 公開日: 2016-03-16
• 更新日: 2024-08-05

概要

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.

このCVEに関連するMITRE ATT&CKテクニック

• T1003.002 - Security Account Manager
• T1192 - Spearphishing Link
• T1587.001 - Malware
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1070.007 - Clear Network Connection History and Configurations
• T1050 - New Service
• T1010 - Application Window Discovery
• T1525 - Implant Internal Image
• T1145 - Private Keys
• T1555.003 - Credentials from Web Browsers
• T1535 - Unused/Unsupported Cloud Regions
• T1563 - Remote Service Session Hijacking
• T1042 - Change Default File Association
• T1177 - LSASS Driver
• T1593.003 - Code Repositories
• T1546.008 - Accessibility Features
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1218.005 - Mshta
• T1497.002 - User Activity Based Checks
• T1679 - Selective Exclusion
• T1078 - Valid Accounts
• T1068 - Exploitation for Privilege Escalation
• T1110.004 - Credential Stuffing
• T1137.004 - Outlook Home Page
• T1027.004 - Compile After Delivery
• T1500 - Compile After Delivery
• T1213.003 - Code Repositories
• T1223 - Compiled HTML File
• T1538 - Cloud Service Dashboard

このCVEが関連しているPulses

• ArcSight ESM and ESM Express, Remote Arbitrary File Download

CVEの関係性グラフ

---

← CVE一覧に戻る