Trusted Design

• 重大度: Unknown
• 公開日: 2016-03-16
• 更新日: 2024-08-05

概要

HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.

このCVEに関連するMITRE ATT&CKテクニック

• T1003.002 - Security Account Manager
• T1587.001 - Malware
• T1484.002 - Trust Modification
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1558 - Steal or Forge Kerberos Tickets
• T1010 - Application Window Discovery
• T1525 - Implant Internal Image
• T1145 - Private Keys
• T1555.003 - Credentials from Web Browsers
• T1535 - Unused/Unsupported Cloud Regions
• T1563 - Remote Service Session Hijacking
• T1179 - Hooking
• T1593.003 - Code Repositories
• T1546.008 - Accessibility Features
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1552.001 - Credentials In Files
• T1218.005 - Mshta
• T1608.005 - Link Target
• T1497.002 - User Activity Based Checks
• T1679 - Selective Exclusion
• T1055.012 - Process Hollowing
• T1068 - Exploitation for Privilege Escalation
• T1110.004 - Credential Stuffing
• T1187 - Forced Authentication
• T1595.003 - Wordlist Scanning
• T1137.004 - Outlook Home Page
• T1095 - Non-Application Layer Protocol
• T1499 - Endpoint Denial of Service
• T1027.004 - Compile After Delivery
• T1065 - Uncommonly Used Port
• T1500 - Compile After Delivery
• T1213.003 - Code Repositories
• T1223 - Compiled HTML File
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings

このCVEが関連しているPulses

• ArcSight ESM and ESM Express, Remote Arbitrary File Download

CVEの関係性グラフ

---

← CVE一覧に戻る