2 matches found
CVE-2022-23317
CobaltStrike =4.5 HTTPS listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL...
CVE-2022-23317
CVE-2022-23317 concerns the Cobalt Strike HTTP(S) listener. The root cause is that the listener fails to determine whether the request URL begins with a “/”, allowing an attacker to obtain information by crafting the URL. Affected: Cobalt Strike versions