CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence: High
EPSS
Percentile: 99.6%
attack.mitre.org/versions/v13/software/S0160/
attack.mitre.org/versions/v13/software/S0404/
attack.mitre.org/versions/v14/
attack.mitre.org/versions/v14/techniques/T1003/001/
attack.mitre.org/versions/v14/techniques/T1003/002/
attack.mitre.org/versions/v14/techniques/T1016/001/
attack.mitre.org/versions/v14/techniques/T1036/005/
attack.mitre.org/versions/v14/techniques/T1036/008/
attack.mitre.org/versions/v14/techniques/T1046/
attack.mitre.org/versions/v14/techniques/T1059/007/
attack.mitre.org/versions/v14/techniques/T1070/004/
attack.mitre.org/versions/v14/techniques/T1071/001/
attack.mitre.org/versions/v14/techniques/T1082/
attack.mitre.org/versions/v14/techniques/T1083/
attack.mitre.org/versions/v14/techniques/T1087/001/
attack.mitre.org/versions/v14/techniques/T1087/002/
attack.mitre.org/versions/v14/techniques/T1105/
attack.mitre.org/versions/v14/techniques/T1140/
attack.mitre.org/versions/v14/techniques/T1190/
attack.mitre.org/versions/v14/techniques/T1482/
attack.mitre.org/versions/v14/techniques/T1484/001/
attack.mitre.org/versions/v14/techniques/T1505/003/
attack.mitre.org/versions/v14/techniques/T1518/
attack.mitre.org/versions/v14/techniques/T1564/001/
github.com/cisagov/Decider/
github.com/Tas9er/ByPassGodzilla
learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic
media.defense.gov/2019/Sep/09/2002180325/-1/-1/0/Segment%20Networks%20and%20Deploy%20Application%20Aware%20Defenses%20-%20Copy.pdf
media.defense.gov/2019/Sep/09/2002180334/-1/-1/0/Enforce%20Signed%20Software%20Execution%20Policies%20-%20Copy.pdf
nvd.nist.gov/vuln/detail/CVE-2023-26360
packetstormsecurity.com/files/172079/Adobe-ColdFusion-Unauthenticated-Remote-Code-Execution.html
social.technet.microsoft.com/wiki/contents/articles/8548.active-directory-sysvol-and-netlogon.aspx
www.bleepingcomputer.com/news/security/stealthy-new-javascript-malware-infects-windows-pcs-with-rats/
www.cisa.gov/cpg
www.cisa.gov/cross-sector-cybersecurity-performance-goals
www.cisa.gov/known-exploited-vulnerabilities-catalog
www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping
www.cisa.gov/securebydesign
www.cisa.gov/sites/default/files/publications/layering-network-security-segmentation_infographic_508_0.pdf
www.virustotal.com/gui/file/a3acb9f79647f813671c1a21097a51836b0b95397ebc9cd178bc806e1773c864/detection