CVE-2018-6857 (GCVE-0-2018-6857)

Vulnerability from cvelistv5 – Published: 2018-07-09 18:00 – Updated: 2024-08-05 06:17
VLAI?
Summary
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2018-06-25 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://community.sophos.com/kb/en-us/131934"
          },
          {
            "name": "20180706 Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2018/Jul/20"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-09T17:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://community.sophos.com/kb/en-us/131934"
        },
        {
          "name": "20180706 Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2018/Jul/20"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6857",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.sophos.com/kb/en-us/131934",
              "refsource": "CONFIRM",
              "url": "https://community.sophos.com/kb/en-us/131934"
            },
            {
              "name": "20180706 Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities.",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2018/Jul/20"
            },
            {
              "name": "https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/",
              "refsource": "MISC",
              "url": "https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-6857",
    "datePublished": "2018-07-09T18:00:00.000Z",
    "dateReserved": "2018-02-08T00:00:00.000Z",
    "dateUpdated": "2024-08-05T06:17:17.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-6857",
      "date": "2026-04-25",
      "epss": "0.00019",
      "percentile": "0.05096"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:6.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F57138C-7C06-496F-994E-0966CE8212C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:6.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C35D6EE3-06A4-4720-A41F-A853CBF5AD31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:7.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EC3A868-4328-4C39-9846-8E1182E747CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:5.60.3:vs-nfd:*:*:*:*:*:*\", \"matchCriteriaId\": \"1831A4DA-2F50-411A-924F-FF0E15A593A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:6.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D8F90D7-7D25-418F-AE85-AD1D7E60DD18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:6.00.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"864E1982-8947-4EF7-912D-CDFD74E8D134\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:6.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60BBA33F-853D-407B-975B-A9182B259DB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:7.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88E54DC4-12A5-452F-8DCE-890645585097\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_enterprise_client:8.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3075C40D-1FF9-46D0-80F3-2EF8E8423974\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.90.1:ts:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BCE0FAF-54C0-420D-BA05-F90848408515\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.90.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CD621BA-6AB7-427D-B6D0-D2D75D1ADC18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.95.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C82A7CD5-0703-47E1-BA4F-3797986CE139\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.95.1:ts:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D0F50CA-6C19-4ECF-97B7-6636A2756961\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context.\"}, {\"lang\": \"es\", \"value\": \"Sophos SafeGuard Enterprise en versiones anteriores a la 8.00.5, SafeGuard Easy en versiones anteriores a la 7.00.3, y SafeGuard LAN Crypt en versiones anteriores a la 3.95.2 son vulnerables a una escalada de privilegios local mediante IOCTL 0x802022E0. Manipulando un b\\u00fafer de entrada, es posible controlar la ruta de ejecuci\\u00f3n al punto en el que la constante 0x12 se escribir\\u00e1 en una direcci\\u00f3n controlada por el usuario. Se puede aprovechar esta situaci\\u00f3n para modificar la estructura SEP_TOKEN_PRIVILEGES del objeto Token que pertenece al proceso del exploit y otorgar privilegios SE_DEBUG_NAME. Esto permite que el proceso del exploit interact\\u00fae con procesos con privilegios m\\u00e1s elevados que se ejecutan como SYSTEM, ejecutando c\\u00f3digo en su contexto de seguridad.\"}]",
      "id": "CVE-2018-6857",
      "lastModified": "2024-11-21T04:11:18.330",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-09T18:29:01.013",
      "references": "[{\"url\": \"http://seclists.org/fulldisclosure/2018/Jul/20\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://community.sophos.com/kb/en-us/131934\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2018/Jul/20\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://community.sophos.com/kb/en-us/131934\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6857\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-07-09T18:29:01.013\",\"lastModified\":\"2024-11-21T04:11:18.330\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context.\"},{\"lang\":\"es\",\"value\":\"Sophos SafeGuard Enterprise en versiones anteriores a la 8.00.5, SafeGuard Easy en versiones anteriores a la 7.00.3, y SafeGuard LAN Crypt en versiones anteriores a la 3.95.2 son vulnerables a una escalada de privilegios local mediante IOCTL 0x802022E0. Manipulando un b\u00fafer de entrada, es posible controlar la ruta de ejecuci\u00f3n al punto en el que la constante 0x12 se escribir\u00e1 en una direcci\u00f3n controlada por el usuario. Se puede aprovechar esta situaci\u00f3n para modificar la estructura SEP_TOKEN_PRIVILEGES del objeto Token que pertenece al proceso del exploit y otorgar privilegios SE_DEBUG_NAME. Esto permite que el proceso del exploit interact\u00fae con procesos con privilegios m\u00e1s elevados que se ejecutan como SYSTEM, ejecutando c\u00f3digo en su contexto de seguridad.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:6.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F57138C-7C06-496F-994E-0966CE8212C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C35D6EE3-06A4-4720-A41F-A853CBF5AD31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_easy_device_encryption_client:7.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EC3A868-4328-4C39-9846-8E1182E747CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:5.60.3:vs-nfd:*:*:*:*:*:*\",\"matchCriteriaId\":\"1831A4DA-2F50-411A-924F-FF0E15A593A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:6.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D8F90D7-7D25-418F-AE85-AD1D7E60DD18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:6.00.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"864E1982-8947-4EF7-912D-CDFD74E8D134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BBA33F-853D-407B-975B-A9182B259DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:7.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88E54DC4-12A5-452F-8DCE-890645585097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_enterprise_client:8.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3075C40D-1FF9-46D0-80F3-2EF8E8423974\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.90.1:ts:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCE0FAF-54C0-420D-BA05-F90848408515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.90.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD621BA-6AB7-427D-B6D0-D2D75D1ADC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.95.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C82A7CD5-0703-47E1-BA4F-3797986CE139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:safeguard_lan_crypt_client:3.95.1:ts:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D0F50CA-6C19-4ECF-97B7-6636A2756961\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2018/Jul/20\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://community.sophos.com/kb/en-us/131934\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2018/Jul/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://community.sophos.com/kb/en-us/131934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.