Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2009-3960 | Adobe BlazeDS Information Disclosure Vulnerability | primary_impact | T1486 | Data Encrypted for Impact |
Comments
This vulnerability is exploited through an XML injection or XML external entity injection. In-the-wild reporting indicates adversaries have used this exploit to establish a web shell on a victim machine.
This adversary took actions to cover their tracks, establish persistence, exfiltrate Registry data, escalated privileges, moved laterally, disabled security software, installed and ran ransomware.
References
|
| CVE-2009-3960 | Adobe BlazeDS Information Disclosure Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability is exploited through an XML injection or XML external entity injection. In-the-wild reporting indicates adversaries have used this exploit to establish a web shell on a victim machine.
This adversary took actions to cover their tracks, establish persistence, exfiltrate Registry data, escalated privileges, moved laterally, disabled security software, installed and ran ransomware.
References
|