Description
# CVE-2021-36798
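CVE-2021-36798: Cobalt Strike < 4.3 DoS (denial of service). Note that the NVD record in the related data below lists Cobalt Strike 4.2 and 4.3 as affected, and the AttackerKB entry states that version 4.4 was released to fix the issue.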
...
Related
{"id": "FD29F3D8-6DCC-5B72-841C-22BC4B8F7C7B", "vendorId": null, "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Allocation of Resources Without Limits or Throttling in Helpsystems Cobalt Strike", "description": "# CVE-2021-36798\n\n\n\nCVE-2021-36798 Cobalt Strike < 4.3 dos \n\n...", "published": "2021-08-19T11:26:51", "modified": "2022-05-22T03:07:08", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "", "reporter": "", "references": [], "cvelist": ["CVE-2021-36798"], "immutableFields": [], "lastseen": "2022-05-22T14:29:35", "viewCount": 39, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:7F852D84-C725-46CF-9B3E-E27CF0E549E0"]}, {"type": "cve", "idList": ["CVE-2021-36798"]}, {"type": "githubexploit", "idList": ["2648C890-D87A-5DA2-8F34-FB2DFADF2541"]}], "rev": 4}, "score": {"value": 5.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:7F852D84-C725-46CF-9B3E-E27CF0E549E0"]}, {"type": "cve", "idList": ["CVE-2021-36798"]}, {"type": 
"githubexploit", "idList": ["2648C890-D87A-5DA2-8F34-FB2DFADF2541"]}, {"type": "kitploit", "idList": ["KITPLOIT:116690769744039319", "KITPLOIT:3914630022698029767"]}, {"type": "threatpost", "idList": ["THREATPOST:99DC4B497599503D640FDFD9A2DC5FA3"]}]}, "exploitation": null, "vulnersScore": 5.1}, "_state": {"dependencies": 0}, "_internal": {}, "privateArea": 1}
{"attackerkb": [{"lastseen": "2022-05-08T02:20:12", "description": "A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons\u2019 communication with it.\n\n \n**Recent assessments:** \n \n**Dviros** at August 04, 2021 2:19pm UTC reported:\n\nAs Cobalt Strike\u2019s source code got leaked in November 2020, it seems that versions 4.2 and 4.3 are both vulnerable to a Denial of Service attack that occurs when a new beacon registers with the Teamserver, thus causing a memory load and server crash. \nThe attacker needs to know the relevant beacon configuration prior to the execution, but this can be done rather easily with a multitude of tools released over GitHub that perform config extraction from known Cobalt Strike C2 servers. \nCobalt Strike has become a tool which is used commonly by different threat actor groups worldwide, due to its availability, capabilities and effectiveness in covert channels.\n\nSentinel One have researched, reported and released PoC code that triggers this vulnerability: \n<https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/>\n\nAs the PoC code got released, it is safe to assume that vulnerable C2 servers worldwide are being attacked.\n\nTo fix this issue, version 4.4 was released.\n\nAssessed Attacker Value: 4 \nAssessed Attacker Value: 4Assessed Attacker Value: 5\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-09T00:00:00", "type": "attackerkb", "title": 
"CVE-2021-36798", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36798"], "modified": "2021-08-18T00:00:00", "id": "AKB:7F852D84-C725-46CF-9B3E-E27CF0E549E0", "href": "https://attackerkb.com/topics/RvLR78bYki/cve-2021-36798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:52:51", "description": "A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-09T13:15:00", "type": "cve", "title": "CVE-2021-36798", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36798"], "modified": "2021-08-17T12:49:00", "cpe": ["cpe:/a:helpsystems:cobalt_strike:4.2", "cpe:/a:helpsystems:cobalt_strike:4.3"], "id": "CVE-2021-36798", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:helpsystems:cobalt_strike:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:helpsystems:cobalt_strike:4.2:*:*:*:*:*:*:*"]}], "githubexploit": [{"lastseen": "2022-05-24T16:10:27", "description": "# CobaltSpam\nTool based on [CobaltStrikeParser](https://github.c...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-20T16:36:23", "type": "githubexploit", "title": "Exploit for Allocation of Resources Without Limits or Throttling in Helpsystems Cobalt Strike", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36798"], "modified": "2022-05-24T08:55:57", "id": "E86C494D-3B8C-5EE4-A7FC-5D94C72DA7FE", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "privateArea": 
1}, {"lastseen": "2022-06-12T11:20:33", "description": "A denial of service (DoS) vulnerability (CVE-2021-36798) was fou...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-06T11:49:03", "type": "githubexploit", "title": "Exploit for Allocation of Resources Without Limits or Throttling in Helpsystems Cobalt Strike", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36798"], "modified": "2022-06-12T10:00:40", "id": "2648C890-D87A-5DA2-8F34-FB2DFADF2541", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "privateArea": 1}]}