Report Name: AA22-279A report
Generated: 2022-10-17 00:04:06

Vulristics Vulnerability Scores

All vulnerabilities: 20
Urgent: 20
Critical: 0
High: 0
Medium: 0
Low: 0

Basic Vulnerability Scores

All vulnerabilities: 20
Critical: 16
High: 4
Medium: 0
Low: 0

Products

Product Name Prevalence U C H M L Comment

Apache HTTP Server 0.9 1 Apache HTTP Server is a free and open-source web server that delivers web content through the internet

Apache Log4j2 0.9 1 Log4j2 is revamped version of Apache Logging framework

GitLab 0.9 1 GitLab is a DevOps software package that combines the ability to develop, secure, and operate software in a single application

Microsoft Exchange 0.8 4 Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft

BIG-IP 0.7 2 BIG-IP platform is a smart evolution of Application Delivery Controller (ADC) technology; solutions built on this platform are load balancers

Citrix Application Delivery Controller 0.7 1 Citrix Application Delivery Controller (ADC) is an advanced load balancer with features that enhance the performance of applications

Confluence Server 0.7 2 Confluence is a web-based corporate wiki

Pulse Connect Secure 0.7 1 Pulse Connect Secure provides a seamless, cost-effective, SSL VPN solution for remote and mobile users from any web- enabled device to corporate resources

VMware vCenter 0.7 1 VMware vCenter Server is an advanced server management software that provides a centralized platform for controlling vSphere environments for visibility across hybrid clouds

Zoho ManageEngine ADSelfService Plus 0.7 1 Zoho ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps

Cisco HyperFlex HX 0.6 1 Cisco HyperFlex HX Data Platform is a purpose-built, high-performance, scale-out file system with a wide array of enterprise-class data management services

Sitecore Experience Platform (XP) 0.6 1 Sitecore Experience Platform provides you with tools for content management, digital marketing, and analyzing and reporting

Hikvision Web Server 0.5 1 Hikvision provides top-of-the-line IoT solutions and video security systems for a broad range of verticals

Apache APISIX 0.4 1 Apache APISIX is a dynamic, real-time, high-performance API Gateway

Buffalo WSR 0.3 1 Buffalo WSR is a product line of wireless routers

Product Name	Prevalence	U	Comment
Apache HTTP Server	0.9	1	Apache HTTP Server is a free and open-source web server that delivers web content through the internet
Apache Log4j2	0.9	1	Log4j2 is revamped version of Apache Logging framework
GitLab	0.9	1	GitLab is a DevOps software package that combines the ability to develop, secure, and operate software in a single application
Microsoft Exchange	0.8	4	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
BIG-IP	0.7	2	BIG-IP platform is a smart evolution of Application Delivery Controller (ADC) technology; solutions built on this platform are load balancers
Citrix Application Delivery Controller	0.7	1	Citrix Application Delivery Controller (ADC) is an advanced load balancer with features that enhance the performance of applications
Confluence Server	0.7	2	Confluence is a web-based corporate wiki
Pulse Connect Secure	0.7	1	Pulse Connect Secure provides a seamless, cost-effective, SSL VPN solution for remote and mobile users from any web- enabled device to corporate resources
VMware vCenter	0.7	1	VMware vCenter Server is an advanced server management software that provides a centralized platform for controlling vSphere environments for visibility across hybrid clouds
Zoho ManageEngine ADSelfService Plus	0.7	1	Zoho ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps
Cisco HyperFlex HX	0.6	1	Cisco HyperFlex HX Data Platform is a purpose-built, high-performance, scale-out file system with a wide array of enterprise-class data management services
Sitecore Experience Platform (XP)	0.6	1	Sitecore Experience Platform provides you with tools for content management, digital marketing, and analyzing and reporting
Hikvision Web Server	0.5	1	Hikvision provides top-of-the-line IoT solutions and video security systems for a broad range of verticals
Apache APISIX	0.4	1	Apache APISIX is a dynamic, real-time, high-performance API Gateway
Buffalo WSR	0.3	1	Buffalo WSR is a product line of wireless routers

Vulnerability Types

Vulnerability Type Criticality U C H M L Comment

Remote Code Execution 1.0 12 Remote Code Execution

Command Injection 0.97 4 Command Injection

Arbitrary File Reading 0.95 1 Arbitrary File Reading

Authentication Bypass 0.95 2 Authentication Bypass

Path Traversal 0.4 1 Path Traversal

Vulnerability Type	Criticality	U	Comment
Remote Code Execution	1.0	12	Remote Code Execution
Command Injection	0.97	4	Command Injection
Arbitrary File Reading	0.95	1	Arbitrary File Reading
Authentication Bypass	0.95	2	Authentication Bypass
Path Traversal	0.4	1	Path Traversal

Vulnerabilities

Urgent (20)

1. Remote Code Execution - Apache Log4j2 (CVE-2021-44228) - Urgent [981]

Description: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (CISA object, CISA object, CISA object), AttackerKB, Microsoft websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Apache Log4j 2 - Remote Code Execution Exploit, Apache Log4j2 2.14.1 - Information Disclosure Exploit, UniFi Network Application Unauthenticated Log4Shell Remote Code Execution Exploit, VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit, Log4Shell HTTP Header Injection Exploit, MobileIron Log4Shell Remote Command Execution Exploit, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Exploit for Deserialization of Untrusted Data in Apache Log4J, Exploit for Expression Language Injection in Apache Log4J, Apache Log4j2 2.14.1 Information Disclosure, Apache Log4j2 2.14.1 Remote Code Execution, MobileIron Log4Shell Remote Command Execution, UniFi Network Application Unauthenticated Log4Shell Remote Code Execution, VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution, Log4Shell HTTP Header Injection, MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell), Log4Shell HTTP Scanner)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.9	14	Log4j2 is revamped version of Apache Logging framework
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 10.0. Based on Vulners data

AA22-279A: Apache Log4j CVE-2021-44228 Remote Code Execution

2. Command Injection - GitLab (CVE-2021-22205) - Urgent [975]

Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Code Injection in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Improper Input Validation in Gitlab, Exploit for Improper Input Validation in Gitlab, GitLab Unauthenticated Remote ExifTool Command Injection, GitLab Unauthenticated Remote ExifTool Command Injection Exploit, GitLab 13.10.2 - Remote Code Execution Exploit, GitLab Unauthenticated Remote ExifTool Command Injection, GitLab 13.10.2 Remote Code Execution, GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated))
Criticality of Vulnerability Type	0.97	15	Command Injection
Vulnerable Product is Common	0.9	14	GitLab is a DevOps software package that combines the ability to develop, secure, and operate software in a single application
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 10.0. Based on Vulners data

AA22-279A: GitLab CE/EE CVE-2021-22205 Remote Code Execution

3. Remote Code Execution - Apache HTTP Server (CVE-2021-41773) - Urgent [954]

Description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object, AttackerKB object, CISA object), AttackerKB, AttackerKB, AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution, Apache HTTP Server 2.4.50 Remote Code Execution, Apache HTTP Server 2.4.49 Path Traversal, Apache HTTP Server 2.4.50 Path Traversal / Code Execution, Apache HTTP Server 2.4.50 Remote Code Execution, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Files or Directories Accessible to External Parties in Apache Flink, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Fedoraproject Fedora, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Exploit for Path Traversal in Apache Http Server, Apache HTTP Server 2.4.50 - Remote Code Execution Exploit (3), Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution Exploit, Apache HTTP Server 2.4.49 - Path Traversal Vulnerability, Apache 2.4.50 Remote Code Execution Exploit, Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution Vulnerabilities, Apache HTTP Server 2.4.50 - Remote Code Execution Exploit (2), Apache 2.4.49/2.4.50 Traversal RCE, Apache 2.4.49/2.4.50 Traversal RCE scanner, Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (3), Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE), Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2), Apache 2.4.50 RCE, Apache 2.4.50 Path Traversal)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.9	14	Apache HTTP Server is a free and open-source web server that delivers web content through the internet
CVSS Base Score	0.8	10	Vulnerability Severity Rating based on CVSS Base Score is 7.5. Based on Vulners data

AA22-279A: Apache HTTP Server CVE-2021-41773 Path Traversal

4. Remote Code Execution - Microsoft Exchange (CVE-2021-26855) - Urgent [948]

Description: Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB, Microsoft websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Deserialization of Untrusted Data in Microsoft, Exploit for Path Traversal in Microsoft, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit, Microsoft Exchange ProxyLogon Remote Code Execution Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange ProxyLogon RCE, Microsoft Exchange ProxyLogon Scanner, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange ProxyLogon Remote Code Execution, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange Proxylogon SSRF Proof Of Concept, Microsoft Exchange 2019 Unauthenticated Email Download, Microsoft Exchange 2019 SSRF / Arbitrary File Write , Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit), Microsoft Exchange 2019 - Unauthenticated Email Download, Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability, SRC-2021-0012 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0013 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy ruleParameters TOCTOU Remote Code Execution Vulnerability (patch bypass), SRC-2021-0011 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass))
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.8	14	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
CVSS Base Score	0.9	10	Vulnerability Severity Rating based on CVSS Base Score is 9.1. Based on Microsoft data

AA22-279A: Microsoft Exchange CVE-2021-26855 Remote Code Execution

5. Remote Code Execution - BIG-IP (CVE-2020-5902) - Urgent [943]

Description: In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Cross-site Scripting in F5 Big-Ip Access Policy Manager, Exploit for Path Traversal in F5 Big-Ip Access Policy Manager, Exploit for Server-Side Request Forgery in Sap Businessobjects Business Intelligence Platform, F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution, BIG-IP TMUI Remote Code Execution, F5 Big-IP 13.1.3 Build 0.0.6 Local File Inclusion, F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Vulnerability, BIG-IP 15.0.0 < 15.1.0.3 - Traffic Management User Interface (TMUI) Remote Code Execution (2), F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution Exploit, BIG-IP 15.0.0 < 15.1.0.3 - Traffic Management User Interface (TMUI) Remote Code Execution Exploit, F5 BIG-IP Traffic Management User Interface File Disclosure, BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution (PoC), F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion, BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.7	14	BIG-IP platform is a smart evolution of Application Delivery Controller (ADC) technology; solutions built on this platform are load balancers
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data

AA22-279A: F5 Big-IP CVE-2020-5902 Remote Code Execution

6. Remote Code Execution - Confluence Server (CVE-2021-26084) - Urgent [943]

Description: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence Server, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence, Exploit for Injection in Atlassian Confluence, Exploit for OS Command Injection in Zeroshell, Exploit for Deserialization of Untrusted Data in Apache Log4J, Atlassian Confluence WebWork OGNL Injection, Confluence Server 7.12.4 OGNL Injection Remote Code Execution, Atlassian Confluence Namespace OGNL Injection, Atlassian Confluence WebWork OGNL Injection, Confluence Server 7.12.4 - (OGNL injection) Remote Code Execution Exploit, Atlassian Confluence WebWork OGNL Injection Exploit, Atlassian Confluence Namespace OGNL Injection Exploit, Confluence Server 7.12.4 - 'OGNL injection' Remote Code Execution (RCE) (Unauthenticated))
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.7	14	Confluence is a web-based corporate wiki
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: Atlassian Confluence Server and Data Center CVE-2021-26084 Remote Code Execution

7. Remote Code Execution - Confluence Server (CVE-2022-26134) - Urgent [943]

Description: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (cisa_kev object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for CVE-2022-26134, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Exploit for Injection in Atlassian Confluence Data Center, Atlassian Confluence Namespace OGNL Injection, Confluence OGNL Injection Remote Code Execution Exploit, Confluence Data Center 7.18.0 - Remote Code Execution Exploit, Atlassian Confluence Namespace OGNL Injection Exploit, Confluence OGNL Injection Remote Code Execution, Atlassian Confluence Namespace OGNL Injection, Confluence Data Center 7.18.0 - Remote Code Execution (RCE))
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.7	14	Confluence is a web-based corporate wiki
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: Atlassian CVE-2022-26134 Remote Code Execution

8. Remote Code Execution - VMware vCenter (CVE-2021-22005) - Urgent [943]

Description: The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object, CISA object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (VMware vCenter Server Analytics (CEIP) Service File Upload, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Unrestricted Upload of File with Dangerous Type in Vmware Cloud Foundation, Exploit for Server-Side Request Forgery in Vmware Vrealize Operations Manager, VMware vCenter Server Analytics (CEIP) Service File Upload Exploit, VMware vCenter Server Analytics (CEIP) Service File Upload)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.7	14	VMware vCenter Server is an advanced server management software that provides a centralized platform for controlling vSphere environments for visibility across hybrid clouds
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: VMware vCenter Server CVE-2021-22005 Arbitrary File Upload

9. Remote Code Execution - Zoho ManageEngine ADSelfService Plus (CVE-2021-40539) - Urgent [943]

Description: Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object, CISA object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (ManageEngine ADSelfService Plus Authentication Bypass / Code Execution Exploit, ManageEngine ADSelfService Plus Authentication Bypass / Code Execution, ManageEngine ADSelfService Plus CVE-2021-40539, Exploit for Improper Authentication in Zohocorp Manageengine Adselfservice Plus, Exploit for Improper Authentication in Zohocorp Manageengine Adselfservice Plus)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.7	14	Zoho ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: ZOHO CVE-2021-40539 Remote Code Execution

10. Remote Code Execution - Microsoft Exchange (CVE-2021-26857) - Urgent [935]

Description: Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB, Microsoft websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Deserialization of Untrusted Data in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Path Traversal in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit, Microsoft Exchange ProxyLogon Remote Code Execution Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange ProxyLogon RCE, Microsoft Exchange ProxyLogon Scanner, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange ProxyLogon Remote Code Execution, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange Proxylogon SSRF Proof Of Concept, Microsoft Exchange 2019 Unauthenticated Email Download, Microsoft Exchange 2019 SSRF / Arbitrary File Write , Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit), Microsoft Exchange 2019 - Unauthenticated Email Download, SRC-2021-0012 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0013 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy ruleParameters TOCTOU Remote Code Execution Vulnerability (patch bypass), SRC-2021-0011 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.8	14	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
CVSS Base Score	0.8	10	Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

AA22-279A: Microsoft CVE-2021-26857 Remote Code Execution

11. Remote Code Execution - Microsoft Exchange (CVE-2021-26858) - Urgent [935]

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB, Microsoft websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Deserialization of Untrusted Data in Microsoft, Exploit for Path Traversal in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Microsoft Exchange ProxyLogon Remote Code Execution Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange ProxyLogon RCE, Microsoft Exchange ProxyLogon Scanner, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange ProxyLogon Remote Code Execution, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange 2019 Unauthenticated Email Download, Microsoft Exchange Proxylogon SSRF Proof Of Concept, Microsoft Exchange 2019 SSRF / Arbitrary File Write , Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit), Microsoft Exchange 2019 - Unauthenticated Email Download, SRC-2021-0012 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0011 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0013 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy ruleParameters TOCTOU Remote Code Execution Vulnerability (patch bypass), Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.8	14	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
CVSS Base Score	0.8	10	Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

AA22-279A: Microsoft CVE-2021-26858 Remote Code Execution

12. Remote Code Execution - Microsoft Exchange (CVE-2021-27065) - Urgent [935]

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB, Microsoft websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Path Traversal in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Vulnerability in Microsoft, Exploit for Deserialization of Untrusted Data in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Exploit for Server-Side Request Forgery in Microsoft, Microsoft Exchange ProxyLogon Remote Code Execution Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit, Microsoft Exchange 2019 - Unauthenticated Email Download Exploit, Microsoft Exchange ProxyLogon RCE, Microsoft Exchange ProxyLogon Scanner, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange ProxyLogon Remote Code Execution, Microsoft Exchange ProxyLogon Collector, Microsoft Exchange 2019 Unauthenticated Email Download, Microsoft Exchange Proxylogon SSRF Proof Of Concept, Microsoft Exchange 2019 SSRF / Arbitrary File Write , Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit), Microsoft Exchange 2019 - Unauthenticated Email Download, SRC-2021-0012 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0011 : Microsoft Exchange Server ImportTransportRuleCollection ProcessE15Format Remote Code Execution Vulnerability (patch bypass), SRC-2021-0013 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy ruleParameters TOCTOU Remote Code Execution Vulnerability (patch bypass), Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability, Microsoft Exchange Server ProxyLogon vulnerability)
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.8	14	Microsoft Exchange Server is a mail server and calendaring server developed by Microsoft
CVSS Base Score	0.8	10	Vulnerability Severity Rating based on CVSS Base Score is 7.8. Based on Microsoft data

AA22-279A: Microsoft CVE-2021-27065 Remote Code Execution

13. Arbitrary File Reading - Pulse Connect Secure (CVE-2019-11510) - Urgent [933]

Description: In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Pulse Secure SSL VPN 8.1R15.1 / 8.2 / 8.3 / 9.0 Arbitrary File Disclosure, Pulse Connect Secure File Disclosure, Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Arbitrary File Disclosure (Metasploit), Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure Exploit, Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit))
Criticality of Vulnerability Type	0.95	15	Arbitrary File Reading
Vulnerable Product is Common	0.7	14	Pulse Connect Secure provides a seamless, cost-effective, SSL VPN solution for remote and mobile users from any web- enabled device to corporate resources
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 10.0. Based on NVD data

AA22-279A: Pulse Connect Secure CVE-2019-11510 Arbitrary File Read

14. Authentication Bypass - BIG-IP (CVE-2022-1388) - Urgent [933]

Description: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (cisa_kev object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager, F5 BIG-IP iControl REST vulnerability, F5 BIG-IP iControl REST vulnerability, F5 BIG-IP Remote Code Execution, F5 BIG-IP 16.0.x Remote Code Execution, F5 BIG-IP iControl Remote Code Execution, F5 BIG-IP iControl RCE via REST Authentication Bypass, F5 BIG-IP 16.0.x - Remote Code Execution (RCE))
Criticality of Vulnerability Type	0.95	15	Authentication Bypass
Vulnerable Product is Common	0.7	14	BIG-IP platform is a smart evolution of Application Delivery Controller (ADC) technology; solutions built on this platform are load balancers
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: F5 Big-IP CVE-2022-1388 Remote Code Execution

15. Command Injection - Cisco HyperFlex HX (CVE-2021-1497) - Urgent [918]

Description: Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Cisco HyperFlex HX Data Platform Command Execution, Cisco HyperFlex HX 未授权命令注入漏洞（CVE-2021-1497 CVE-2021-1498）, Cisco HyperFlex HX Data Platform Command Execution Exploit)
Criticality of Vulnerability Type	0.97	15	Command Injection
Vulnerable Product is Common	0.6	14	Cisco HyperFlex HX Data Platform is a purpose-built, high-performance, scale-out file system with a wide array of enterprise-class data management services
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data

AA22-279A: Cisco Hyperflex CVE-2021-1497 Command Line Execution

16. Command Injection - Sitecore Experience Platform (XP) (CVE-2021-42237) - Urgent [918]

Description: Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Deserialization of Untrusted Data in Sitecore Experience Platform, Exploit for Deserialization of Untrusted Data in Sitecore Experience Platform, Exploit for Deserialization of Untrusted Data in Sitecore Experience Platform, Sitecore Experience Platform (XP) Remote Code Execution, Sitecore Experience Platform (XP) Remote Code Execution Exploit)
Criticality of Vulnerability Type	0.97	15	Command Injection
Vulnerable Product is Common	0.6	14	Sitecore Experience Platform provides you with tools for content management, digital marketing, and analyzing and reporting
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: Sitecore XP CVE-2021-42237 Remote Code Execution

17. Command Injection - Hikvision Web Server (CVE-2021-36260) - Urgent [899]

Description: A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl Firmware, Hikvision IP Camera Unauthenticated Command Injection, Hikvision Web Server Build 210702 Command Injection, Hikvision Web Server Build 210702 - Command Injection Exploit, Hikvision IP Camera Unauthenticated Command Injection Exploit, Hikvision IP Camera Unauthenticated Command Injection, Hikvision Web Server Build 210702 - Command Injection)
Criticality of Vulnerability Type	0.97	15	Command Injection
Vulnerable Product is Common	0.5	14	Hikvision provides top-of-the-line IoT solutions and video security systems for a broad range of verticals
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: Hikvision Webserver CVE-2021-36260 Command Injection

18. Remote Code Execution - Apache APISIX (CVE-2022-24112) - Urgent [886]

Description: An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (cisa_kev object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for Authentication Bypass by Spoofing in Apache Apisix, Exploit for CVE-2022-244112, APISIX Admin API default access token RCE, Apache APISIX 2.12.1 Remote Code Execution, Apache APISIX Remote Code Execution, Apache APISIX 2.12.1 - Remote Code Execution Exploit, Apache APISIX Remote Code Execution Exploit, Apache APISIX 2.12.1 - Remote Code Execution (RCE))
Criticality of Vulnerability Type	1.0	15	Remote Code Execution
Vulnerable Product is Common	0.4	14	Apache APISIX is a dynamic, real-time, high-performance API Gateway
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on Vulners data

AA22-279A: Apache CVE-2022-24112 Authentication Bypass by Spoofing

19. Authentication Bypass - Buffalo WSR (CVE-2021-20090) - Urgent [857]

Description: A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on AttackerKB website
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Buffalo和Arcadyan多款路由器认证绕过RCE等多个漏洞)
Criticality of Vulnerability Type	0.95	15	Authentication Bypass
Vulnerable Product is Common	0.3	14	Buffalo WSR is a product line of wireless routers
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data

AA22-279A: Buffalo WSR CVE-2021-20090 Relative Path Traversal

20. Path Traversal - Citrix Application Delivery Controller (CVE-2019-19781) - Urgent [821]

Description: An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

Component	Value	Weight	Comment
Exploited in the Wild	1.0	18	Exploitation in the wild is mentioned on Vulners (AttackerKB object, CISA object), AttackerKB websites
Public Exploit Exists	1.0	17	The existence of a public exploit is mentioned on Vulners website (Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for Path Traversal in Citrix Application Delivery Controller Firmware, Exploit for CVE-2019-19871, Exploit for Path Traversal in Pulsesecure Pulse Connect Secure, Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution Exploit, Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution Vulnerability (1), Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal Exploit, Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal, Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC), Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit), Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution, Immunity Canvas: NETSCALER_TRAVERSAL_RCE, Citrix Application Delivery Controller / Gateway 10.5 Remote Code Execution, Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution, Citrix Application Delivery Controller / Gateway Remote Code Execution / Traversal, Citrix ADC / Gateway Path Traversal, Citrix Application Delivery Controller / Gateway Remote Code Execution, Citrix ADC (NetScaler) Directory Traversal Scanner, Citrix ADC (NetScaler) Directory Traversal RCE, Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal, Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit), Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution, Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC))
Criticality of Vulnerability Type	0.4	15	Path Traversal
Vulnerable Product is Common	0.7	14	Citrix Application Delivery Controller (ADC) is an advanced load balancer with features that enhance the performance of applications
CVSS Base Score	1.0	10	Vulnerability Severity Rating based on CVSS Base Score is 9.8. Based on NVD data

AA22-279A: Citrix ADC CVE-2019-19781 Path Traversal

Critical (0)

High (0)

Medium (0)

Low (0)

Exploitation in the wild detected (20)

Remote Code Execution (12)

Apache Log4j2 (CVE-2021-44228)