Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wizblogWiz BlogWIZBLOG:D6356F55FE1BA5A997CBCD7ADC183C06
HistoryDec 13, 2022 - 9:03 p.m.

CVE-2022-27518 exploited in the wild by APT5: everything you need to know

2022-12-1321:03:18
Wiz Blog
www.wiz.io
4

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.242 Low

EPSS

Percentile

96.6%

JSON

Detect and mitigate CVE-2022-27518, a Citrix ADC and Gateway unauthenticated RCE 0-day exploited in the wild by a nation state actor. Organizations should patch urgently.

Related

attackerkb 1
cisa_kev 1
rapid7blog 1
cisa 1
nessus 1
prion 1
cve 1
citrix 1
thn 3
trellix 2
qualysblog 1
attackerkb
attackerkb
CVE-2022-27518
2022-12-13 00:00:00
cisa_kev
cisa_kev
Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
2022-12-13 00:00:00
rapid7blog
rapid7blog
CVE-2022-27518: Critical Fix Released for Exploited Citrix ADC, Gateway Vulnerability
2022-12-13 23:19:21
cisa
cisa
Citrix Releases Security Updates for Citrix ADC, Citrix Gateway
2022-12-13 00:00:00
nessus
nessus
Citrix ADC and Citrix Gateway RCE (CTX474995)
2022-12-13 00:00:00
prion
prion
Remote code execution
2022-12-13 17:15:00
cve
cve
CVE-2022-27518
2022-12-13 17:15:00
citrix
citrix
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518
2022-12-13 12:01:35
thn
thn
Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities
2022-12-29 09:43:00
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
2022-12-14 04:40:00
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
2023-03-21 09:54:00
trellix
trellix
The Bug Report December 2022 Edition
2023-01-04 00:00:00
The Bug Report December 2022 Edition
2023-01-04 00:00:00
qualysblog
qualysblog
Qualys Threat Research Unit: Threat Thursdays, December 2022
2022-12-29 19:05:19

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.242 Low

EPSS

Percentile

96.6%

JSON
Related for WIZBLOG:D6356F55FE1BA5A997CBCD7ADC183C06
attackerkb1cisa_kev1rapid7blog1cisa1nessus1prion1cve1citrix1thn3trellix2qualysblog1