| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2024-21893 | Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability is exploited through a Server-Side Request Forgery (SSRF) weakness in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted request to the /dana-ws/saml.ws endpoint, which can be accessed without authentication. This manipulation allows attackers to interact with internal services, potentially enabling further exploitation by chaining with other vulnerabilities.
References
|
| CVE-2024-21893 | Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability | primary_impact | T1078 | Valid Accounts |
Comments
This vulnerability is exploited through a Server-Side Request Forgery (SSRF) weakness in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted request to the /dana-ws/saml.ws endpoint, which can be accessed without authentication. This manipulation allows attackers to interact with internal services, potentially enabling further exploitation by chaining with other vulnerabilities.
References
|
| CVE-2024-21893 | Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability | secondary_impact | T1555 | Credentials from Password Stores |
Comments
This vulnerability is exploited through a Server-Side Request Forgery (SSRF) weakness in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted request to the /dana-ws/saml.ws endpoint, which can be accessed without authentication. This manipulation allows attackers to interact with internal services, potentially enabling further exploitation by chaining with other vulnerabilities.
References
|
| CVE-2024-21893 | Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability | secondary_impact | T1505.003 | Web Shell |
Comments
This vulnerability is exploited through a Server-Side Request Forgery (SSRF) weakness in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted request to the /dana-ws/saml.ws endpoint, which can be accessed without authentication. This manipulation allows attackers to interact with internal services, potentially enabling further exploitation by chaining with other vulnerabilities.
References
|
| CVE-2021-27103 | Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2021-27103 is a server-side request forgery vulnerability in Accellion File Transfer Appliance in Accellion that allows an adversary to manipulate server requests via a crafted POST request.
References
|
| CVE-2021-27103 | Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability | secondary_impact | T1005 | Data from Local System |
Comments
CVE-2021-27103 is a server-side request forgery vulnerability in Accellion File Transfer Appliance in Accellion that allows an adversary to manipulate server requests via a crafted POST request.
References
|
| CVE-2021-21975 | VMware Server Side Request Forgery in vRealize Operations Manager API | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This Server-Side Request Forgery (SSRF) vulnerability is exploited by an attacker with network access to the VMware server. This vulnerability enables the attacker to exploit an unauthenticated endpoint to send crafted requests to internal or external systems. By doing so, the attacker can potentially steal administrative credentials. Once these credentials are compromised, the attacker could gain maximum privileges within the application, enabling them to alter configurations and intercept sensitive data. This exploitation could lead to unauthorized access and manipulation of the application.
References
|
| CVE-2021-21973 | VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability is exploited through an SSRF (Server Side Request Forgery) flaw in the vSphere Client (HTML5) of VMware's vCenter Server, affecting the vCenter Server plugin. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted POST request to the vCenter Server plugin, thereby bypassing URL validation. This manipulation enables the disclosure of sensitive information. By exploiting this flaw, attackers can scan the company's internal network and retrieve specifics about open ports and services.
References
|
| CVE-2021-21973 | VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability | primary_impact | T1046 | Network Service Discovery |
Comments
This vulnerability is exploited through an SSRF (Server Side Request Forgery) flaw in the vSphere Client (HTML5) of VMware's vCenter Server, affecting the vCenter Server plugin. Attackers leverage this vulnerability to gain unauthorized access by sending a crafted POST request to the vCenter Server plugin, thereby bypassing URL validation. This manipulation enables the disclosure of sensitive information. By exploiting this flaw, attackers can scan the company's internal network and retrieve specifics about open ports and services.
References
|
| CVE-2023-2533 | PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability | exploitation_technique | T1566.002 | Spearphishing Link |
Comments
A CSRF vulnerability in PaperCut NG/MF can be exploited by an attacker targeting an admin with a current login session and tricking the admin into clicking a link. This exploit can lead to security setting modification and arbitrary code execution.
References
|
| CVE-2023-2533 | PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability | primary_impact | T1547 | Boot or Logon Autostart Execution |
Comments
A CSRF vulnerability in PaperCut NG/MF can be exploited by an attacker targeting an admin with a current login session and tricking the admin into clicking a link. This exploit can lead to security setting modification and arbitrary code execution.
References
|
| CVE-2023-2533 | PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
A CSRF vulnerability in PaperCut NG/MF can be exploited by an attacker targeting an admin with a current login session and tricking the admin into clicking a link. This exploit can lead to security setting modification and arbitrary code execution.
References
|
| CVE-2025-34028 | Commvault Command Center Path Traversal Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
Due to an issue with deployWebpackage.do, Commvault Command Center is vulnerable to SSRF attacks due to flawed host filtering, which an attacker can exploit to achieve remote code execution using malicious archives with .jsp files in them.
References
|
| CVE-2025-34028 | Commvault Command Center Path Traversal Vulnerability | primary_impact | T1059.007 | JavaScript |
Comments
Due to an issue with deployWebpackage.do, Commvault Command Center is vulnerable to SSRF attacks due to flawed host filtering, which an attacker can exploit to achieve remote code execution using malicious archives with JavaScript files in them.
References
|