1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Resource Management Capability Group

Known Exploited Vulnerabilities Resource Management Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-27524 Apache Superset Insecure Default Initialization of Resource Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability is exploited by a remote attacker who forges a session cookie leveraging user_id or _user_id set to 1 in order to log in as an administrator. A successful exploitation could allow the adversary to gain authenticated access and gain access to unauthorized resources.
References
  1. https://www.horizon3.ai/attack-research/disclosures/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution
  2. https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html
CVE-2023-27524 Apache Superset Insecure Default Initialization of Resource Vulnerability primary_impact T1078 Valid Accounts
Comments
This vulnerability is exploited by a remote attacker who forges a session cookie leveraging user_id or _user_id set to 1 in order to log in as an administrator. A successful exploitation could allow the adversary to gain authenticated access and gain access to unauthorized resources.
References
  1. https://www.horizon3.ai/attack-research/disclosures/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution
  2. https://thehackernews.com/2024/01/cisa-flags-6-vulnerabilities-apple.html
CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability exploitation_technique T1091 Replication Through Removable Media
Comments
Attackers can use malicious Human Interface Devices (keyboard, mouse, etc.) to trigger a kernel-level memory leak due to improper initialization and use of uninitialized resources. This leads to the returning of the uninitialized kernel data, which can be collected and exfiltrated.
References
  1. https://www.blog.lineasdns.com/en/the-case-of-cve-2024-50302/
CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability primary_impact T1005 Data from Local System
Comments
Attackers can use malicious Human Interface Devices (keyboard, mouse, etc.) to trigger a kernel-level memory leak due to improper initialization and use of uninitialized resources. This leads to the returning of the uninitialized kernel data, which can be collected and exfiltrated.
References
  1. https://www.blog.lineasdns.com/en/the-case-of-cve-2024-50302/
CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability secondary_impact T1011 Exfiltration Over Other Network Medium
Comments
Attackers can use malicious Human Interface Devices (keyboard, mouse, etc.) to trigger a kernel-level memory leak due to improper initialization and use of uninitialized resources. This leads to the returning of the uninitialized kernel data, which can be collected and exfiltrated.
References
  1. https://www.blog.lineasdns.com/en/the-case-of-cve-2024-50302/

Capabilities

Capability ID Capability Name Number of Mappings
CVE-2023-27524 Apache Superset Insecure Default Initialization of Resource Vulnerability 2
CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability 3