Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2021-44028

Disclosure Date: December 22, 2021 (last updated October 07, 2023)

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.

Attacker Value

Unknown

CVE-2018-1285

Disclosure Date: May 11, 2020 (last updated November 08, 2023)

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

Attack Vector: Network Privileges: None User Interaction: None

Hello Everyone! We have made some updates to AttackerKB in the last few months.

New tags:

New workers:

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2021-44028

Unknown

CVE-2018-1285

Hello Everyone! We have made some updates to AttackerKB in the last few months.

New tags:

New workers:

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2021-44028

Unknown

CVE-2018-1285

Quick Cookie Notification