Lucene search

AttackerKBAKB:38810292-4C26-493D-B5E1-D104C247E0D2

HistoryMar 24, 2023 - 12:00 a.m.

CVE-2022-42948

2023-03-2400:00:00

attackerkb.com

cobalt strike

html injection

remote code execution

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.025 Low

EPSS

Percentile

90.2%

JSON

Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42948

thesecmaster.com/how-to-fix-cve-2022-42948-a-critical-rce-vulnerability-in-cobalt-strike/

www.cobaltstrike.com/blog/

www.redpacketsecurity.com/helpsystems-cobalt-strike-code-execution-cve-2022-42948/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.025 Low

EPSS

Percentile

90.2%

JSON

Related for AKB:38810292-4C26-493D-B5E1-D104C247E0D2