AttackerKBAKB:C7E01DFF-A28A-4977-992D-5FA54ACD051CCVE-2022-27518
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
90.3%
Unauthenticated remote arbitrary code execution
Recent assessments:
ccondon-r7 at December 13, 2022 11:06pm UTC reported:
Lots of advanced-ish threat notifications this week…Citrix published a security advisory and a companion blog on this zero-day bug today, noting that it’s been exploited in the wild. The NSA also released information about APT 5 targeting Citrix ADC installations; their bulletin includes threat intel.
ADC is always a nice target, and often hangs out on the internet. Leaving “Exploitability” as a medium for now since there’s not a ton on the vuln inself, other than that it’s SAML-related. I’d expect more vuln details out on this one shortly, and probably a rise in exploitation—just in time for the holidays.
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 3
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
90.3%