Lucene search
CISACISA-KEV-CVE-2022-39197HistoryMar 30, 2023 - 12:00 a.m.
Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability
2023-03-3000:00:00
CISA
www.cisa.gov
5
fortra cobalt strike
teamserver
xss
vulnerability
remote code execution
beacon configuration
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.008
Percentile
81.3%
Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.
Related
prion
prion
Cross site scripting
2022-09-22 01:15:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-10-09 04:06:23
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-10-14 11:46:01
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
2022-10-17 07:26:51
nvd
nvd
CVE-2022-39197
2022-09-22 01:15:11
cve
cve
CVE-2022-39197
2022-09-22 01:15:11
attackerkb
attackerkb
CVE-2022-39197
2022-09-22 00:00:00
cvelist
cvelist
CVE-2022-39197
2022-09-22 00:43:41
thn
thn
qualysblog
qualysblog
Qualys Threat Research Thursday
2022-09-29 14:32:00
trellix
trellix
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.008
Percentile
81.3%
Related for CISA-KEV-CVE-2022-39197