{"vulnerability": "cve-2020-3556", "sightings": [{"uuid": "47d7ca00-2cfc-49b1-a85f-0e287d317ae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3556", "type": "seen", "source": "MISP/dd7cd495-cd76-48fb-9aee-acfbf13a78cb", "content": "", "creation_timestamp": "2024-11-14T06:07:10.000000Z"}, {"uuid": "b4448944-d4fc-4c7a-9009-57231a15d58c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35567", "type": "seen", "source": "https://t.me/cibsecurity/23639", "content": "\u203c CVE-2020-35567 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:47:53.000000Z"}, {"uuid": "1484e797-4880-49e3-8caf-f492c52fb663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35565", "type": "seen", "source": "https://t.me/cibsecurity/23640", "content": "\u203c CVE-2020-35565 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:47:54.000000Z"}, {"uuid": "38ff1888-3354-42a4-9024-de3d665e8f9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35569", "type": "seen", "source": "https://t.me/cibsecurity/23648", "content": "\u203c CVE-2020-35569 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted cookie in the login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:48:07.000000Z"}, {"uuid": "5cbe7ae9-06d9-4a70-8a22-a07f93a514bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35560", "type": "seen", "source": "https://t.me/cibsecurity/23645", "content": "\u203c CVE-2020-35560 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:48:01.000000Z"}, {"uuid": "f25cc1dd-bc69-4257-8d25-aac05774b801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35563", "type": "seen", "source": "https://t.me/cibsecurity/23642", "content": "\u203c CVE-2020-35563 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an incomplete XSS filter allowing an attacker to inject crafted malicious code into the page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:47:58.000000Z"}, {"uuid": "c9cd5085-d416-4db9-a28f-43fdbb5a53ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35564", "type": "seen", "source": "https://t.me/cibsecurity/23638", "content": "\u203c CVE-2020-35564 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:47:52.000000Z"}, {"uuid": "f23209ff-b5f0-4c26-99c6-6dd2017f4967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35566", "type": "seen", "source": "https://t.me/cibsecurity/23637", "content": "\u203c CVE-2020-35566 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. An attacker can read arbitrary JSON files via Local File Inclusion.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:47:51.000000Z"}, {"uuid": "8f8620b0-be17-4100-8ae2-6189d79c288e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3556", "type": "seen", "source": "https://t.me/cibsecurity/16014", "content": "\u203c CVE-2020-3556 \u203c\n\nA vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listener. An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit could allow an attacker to cause the targeted AnyConnect user to execute a script. This script would execute with the privileges of the targeted AnyConnect user. In order to successfully exploit this vulnerability, there must be an ongoing AnyConnect session by the targeted user at the time of the attack. To exploit this vulnerability, the attacker would also need valid user credentials on the system upon which the AnyConnect client is being run. Cisco has not released software updates that address this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T22:51:34.000000Z"}, {"uuid": "9bbc38b2-4ee0-4401-a4e9-cd360687f985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35561", "type": "seen", "source": "https://t.me/cibsecurity/23650", "content": "\u203c CVE-2020-35561 \u203c\n\nAn issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T18:48:08.000000Z"}, {"uuid": "c315b421-6079-4b53-821d-b8871f7d5dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3556", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/41467", "content": "Cisco, the California based tech giant, has identified and disclosed a vulnerability via advisory CVE-2020-3556, regarding the InterProcess Communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software that would allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. Vulnerability The IPC channel of Cisco AnyConnect Secure Mobility [\u2026]\nThe post Cisco AnyConnect VPN zero-day Vulnerability, Exploit Code Available (https://gbhackers.com/cisco-anyconnect/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2020-11-05T12:29:22.000000Z"}]}