Outbreak Alert Coverage: CISA Top 20 Vulnerabilities

rmay · ‎11-17-2022

FortiRecon provides outside-in coverage for risks towards customers. External Attack Surface Management helps customers to identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise. Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides realistic view of impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.
CVE ID	CVE-2021-44228
CVE Title	Apache Log4j2 Remote Code Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	45 Reports (Darknet / OSINT/ TECHINT)
Additional References	4 Darknet mentions for this vulnerability. 29 articles referencing this CVE on security blogs. 12 articles referencing possibly working exploit(s) for this vulnerability. 427 public code repositories containing possible POC exploits for this vulnerability 1481 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2019-11510
CVE Title	Pulse Connect Secure VPN arbitrary file reading vulnerability (COVID-19-CTI list)
CVE Severity	Critical
ACI Reporting Coverage	34 Reports (Darknet / OSINT/ TECHINT)
Additional References	10 Darknet mentions for this vulnerability. 16 articles referencing this CVE on security blogs. 3 articles referencing possibly working exploit(s) for this vulnerability. 14 public code repositories containing possible POC exploits for this vulnerability 1045 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2021-22205
CVE Title	GitLab Community and Enterprise Editions From 11.9 Remote Code Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	4 Reports (OSINT/ TECHINT)
Additional References	2 articles referencing this CVE on security blogs. 3 articles referencing possibly working exploit(s) for this vulnerability. 25 public code repositories containing possible POC exploits for this vulnerability 108 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2022-26134
CVE Title	Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	40 Reports (Darknet / OSINT/ TECHINT)
Additional References	18 articles referencing this CVE on security blogs. 4 articles referencing possibly working exploit(s) for this vulnerability. 68 public code repositories containing possible POC exploits for this vulnerability 580 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2021-26855
CVE Title	Microsoft OWA Exchange Control Panel (ECP) Exploit Chain
CVE Severity	Critical
ACI Reporting Coverage	43 Reports (Darknet / OSINT/ TECHINT)
Additional References	31 Darknet mentions for this vulnerability. 8 articles referencing this CVE on security blogs. 8 articles referencing possibly working exploit(s) for this vulnerability. 52 public code repositories containing possible POC exploits for this vulnerability 621 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2020-5902
CVE Title	F5 BIG-IP Traffic Management User Interface Remote Code Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	20 Reports (Darknet / OSINT/ TECHINT)
Additional References	22 Darknet mentions for this vulnerability. 33 articles referencing this CVE on security blogs. 7 articles referencing possibly working exploit(s) for this vulnerability. 57 public code repositories containing possible POC exploits for this vulnerability 1651 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2021-22005
CVE Title	VMware vCenter Server File Upload
CVE Severity	Critical
ACI Reporting Coverage	5 Reports (Darknet / OSINT)
Additional References	1 article referencing this CVE on security blogs. 1 article referencing possibly working exploit(s) for this vulnerability. 16 public code repositories containing possible POC exploits for this vulnerability 177 mentions on social media for this vulnerability
EASM Scanner	No

CVE	CVE-2019-19781
CVE Title	Citrix Application Delivery Controller and Citrix Gateway Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	31 Reports (Darknet / OSINT/ TECHINT)
Additional References	29 Darknet mentions for this vulnerability. 29 articles referencing this CVE on security blogs. 7 articles referencing possibly working exploit(s) for this vulnerability. 51 public code repositories containing possible POC exploits for this vulnerability 3006 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-20090
CVE Title	Arcadyan Buffalo Firmware Multiple Versions Path Traversal
CVE Severity	Critical
ACI Reporting Coverage	1 Report (TECHINT)
Additional References	1 article referencing this CVE on security blogs. 115 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-26084
CVE Title	Atlassian Confluence Server Webwork OGNL injection Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	16 Reports (Darknet / OSINT/ TECHINT)
Additional References	50 Darknet mentions for this vulnerability. 5 articles referencing this CVE on security blogs. 4 articles referencing possibly working exploit(s) for this vulnerability. 38public code repositories containing possible POC exploits for this vulnerability 287 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-42237
CVE Title	Sitecore XP Remote Command Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	2 Reports (OSINT)
Additional References	1 article referencing this CVE on security blogs. 1 article referencing possibly working exploit(s) for this vulnerability. 3 public code repositories containing possible POC exploits for this vulnerability 30 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2022-1388
CVE Title	BIG-IP iControl REST vulnerability
CVE Severity	Critical
ACI Reporting Coverage	13 Reports (Darknet / OSINT/ TECHINT)
Additional References	13 articles referencing this CVE on security blogs. 4 articles referencing possibly working exploit(s) for this vulnerability. 59 public code repositories containing possible POC exploits for this vulnerability 340 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2022-24112
CVE Title	Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header
CVE Severity	Critical
ACI Reporting Coverage	5 Reports (Darknet / OSINT)
Additional References	2 articles referencing this CVE on security blogs. 3 articles referencing possibly working exploit(s) for this vulnerability. 7 public code repositories containing possible POC exploits for this vulnerability 18 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-40539
CVE Title	API authentication bypass with resultant remote code execution in Zoho ManageEngine ADSelfService Plus version 6113 and prior
CVE Severity	Critical
ACI Reporting Coverage	15 Reports (Darknet / OSINT/ TECHINT)
Additional References	4 articles referencing this CVE on security blogs. 1 article referencing possibly working exploit(s) for this vulnerability. 2 public code repositories containing possible POC exploits for this vulnerability 121 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-26857
CVE Title	Microsoft Exchange Server Remote Code Execution Vulnerability
CVE Severity	High
ACI Reporting Coverage	23 Reports (Darknet / OSINT/ TECHINT)
Additional References	4 articles referencing this CVE on security blogs. 10 public code repositories containing possible POC exploits for this vulnerability 172 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-26858
CVE Title	Microsoft OWA Exchange Control Panel (ECP) Exploit Chain
CVE Severity	High
ACI Reporting Coverage	24 Reports (Darknet / OSINT/ TECHINT)
Additional References	5 articles referencing this CVE on security blogs. 8 public code repositories containing possible POC exploits for this vulnerability 150 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-27065
CVE Title	Microsoft OWA Exchange Control Panel (ECP) Exploit Chain
CVE Severity	High
ACI Reporting Coverage	33 Reports (Darknet / OSINT/ TECHINT)
Additional References	5 articles referencing this CVE on security blogs. 3 articles referencing possibly working exploit(s) for this vulnerability. 21 public code repositories containing possible POC exploits for this vulnerability 218 mentions on social media for this vulnerability
EASM Scanner	No

CVE ID	CVE-2021-41773
CVE Title	Apache HTTP Server Path Traversal Vulnerability
CVE Severity	High
ACI Reporting Coverage	7 Reports (OSINT/ TECHINT)
Additional References	1 Darknet mention for this vulnerability. 5 articles referencing this CVE on security blogs. 5 articles referencing possibly working exploit(s) for this vulnerability. 116 public code repositories containing possible POC exploits for this vulnerability 368 mentions on social media for this vulnerability
EASM Scanner	No