Lucene search
Yash VermaTRENDMICROBLOG:C00F7F935E0D1EAD0509B4C376B20A1FHistoryOct 18, 2021 - 12:00 a.m.
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
2021-10-1800:00:00
Yash Verma
www.trendmicro.com
308
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883.
Related
trendmicroblog
trendmicroblog
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
2021-10-18 00:00:00
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage
2021-09-21 00:00:00
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
2022-09-14 00:00:00
packetstorm
packetstorm
Oracle WebLogic Server Administration Console Handle Remote Code Execution
2020-11-19 00:00:00
Oracle WebLogic Server 12.2.1.0 Remote Code Execution
2021-01-26 00:00:00
Confluence Server 7.12.4 OGNL Injection Remote Code Execution
2021-09-01 00:00:00
zdt
zdt
Oracle WebLogic Server Administration Console Handle Remote Code Execution Exploit
2020-11-19 00:00:00
Confluence Server 7.12.4 - (OGNL injection) Remote Code Execution Exploit
2021-09-01 00:00:00
Atlassian Confluence WebWork OGNL Injection Exploit
2021-09-10 00:00:00
attackerkb
attackerkb
checkpoint_advisories
checkpoint_advisories
impervablog
impervablog
Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers
2021-09-13 14:57:52
Imperva Detects Undocumented 8220 Gang Activities
2023-12-14 13:48:35
Bug hunting for a quick buck using WebLogic vulnerability (CVE-2020–14882)
2020-11-02 15:47:04
githubexploit
githubexploit
Exploit for Vulnerability in Oracle Weblogic Server
2020-10-28 11:43:37
Exploit for Vulnerability in Oracle Weblogic Server
2020-11-12 06:59:54
Exploit for Vulnerability in Oracle Fusion Middleware
2020-11-06 12:46:03
nuclei
nuclei
Oracle WebLogic Server - Remote Command Execution
2021-04-23 12:39:54
Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution
2021-03-21 08:03:59
Confluence Server - Remote Code Execution
2021-08-31 20:40:27
cisa_kev
cisa_kev
Oracle WebLogic Server Remote Code Execution Vulnerability
2021-11-03 00:00:00
Oracle WebLogic Server Remote Code Execution Vulnerability
2021-11-03 00:00:00
Oracle WebLogic Server Unspecified Vulnerability
2021-11-03 00:00:00
thn
thn
Multiple Botnets Exploiting Critical Oracle WebLogic Bug — PATCH NOW
2020-12-02 09:20:00
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
2023-05-31 15:44:00
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
2023-12-19 06:58:00
threatpost
threatpost
WordPress Patches 3-Year-Old High-Severity RCE Bug
2020-10-30 20:56:19
Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw
2020-11-03 13:57:26
Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software
2020-11-12 22:19:20
rapid7blog
rapid7blog
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882/CVE-2020-14750): What You Need to Know
2020-10-29 20:43:56
Metasploit Wrap-Up
2021-10-22 14:25:55
cve
cve
prion
prion
Design/Logic Flaw
2020-11-02 21:15:00
Design/Logic Flaw
2020-10-21 15:15:00
Code injection
2021-08-30 07:15:00
cisa
cisa
Oracle Releases Out-of-Band Security Alert
2020-11-02 00:00:00
Atlassian Releases Security Updates for Confluence Server and Data Center
2021-09-03 00:00:00
metasploit
metasploit
Oracle WebLogic Server Administration Console Handle RCE
2020-11-18 16:56:02
Atlassian Confluence WebWork OGNL Injection
2021-10-14 21:58:04
nessus
nessus
atlassian
atlassian
Confluence Server Webwork OGNL injection - CVE-2021-26084
2021-07-27 05:13:48
RCE on Confluence Data Center via OGNL Injection - CVE-2021-39114
2021-08-27 03:55:57
Confluence Server Webwork OGNL injection - CVE-2021-26084
2021-07-27 05:13:48
exploitdb
exploitdb
hackerone
hackerone
U.S. Dept Of Defense: RCE on ███████ [CVE-2021-26084]
2021-09-02 02:58:10
U.S. Dept Of Defense: RCE in ███ [CVE-2021-26084]
2021-09-02 05:49:27
akamaiblog
akamaiblog
kitploit
kitploit
Melody - A Transparent Internet Sensor Built For Threat Intelligence
2022-04-13 12:30:00
Vulmap - Web Vulnerability Scanning And Verification Tools
2020-12-25 11:30:00
malwarebytes
malwarebytes
A week in security (October 26 – November 1)
2020-11-02 17:46:12
Update now! Atlassian Confluence vulnerability is being actively exploited
2023-10-12 04:00:00
The top 5 most routinely exploited vulnerabilities of 2021
2022-04-29 16:28:20
hivepro
hivepro
Cerber targeting organizations with publicly available exploits
2021-12-14 13:50:15
mmpc
mmpc
mssecure
mssecure
qualysblog
qualysblog
Why Is Snapshot Scanning Not Enough?
2022-11-01 13:27:50
Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities
2023-08-24 19:07:05
CISA Alert: Top 15 Routinely Exploited Vulnerabilities
2022-05-06 12:19:24
avleonov
avleonov
github
github
Bypassing OGNL sandboxes for fun and charities
2023-01-27 16:00:49
ics
ics
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
googleprojectzero
googleprojectzero
2022 0-day In-the-Wild Exploitation…so far
2022-06-30 00:00:00
securelist
securelist
IT threat evolution in Q3 2021. PC statistics
2021-11-26 12:00:36
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related for TRENDMICROBLOG:C00F7F935E0D1EAD0509B4C376B20A1F