{"uuid": "8d8eae4f-a5cb-4e9a-92c9-693b7adebce6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44228", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2134", "content": "You can download PowerBI for free from https://aka.ms/pbiSingleInstaller and you don't need an Microsoft account to use it.  Configuration    Get an NIST API key: https://nvd.nist.gov/developers/request-an-api-key  cp env_example .env  edit the .env file and add your API key  optional: edit docker-compose file and adjust the cron schedule  optional: edit data/vulnerability-tables-logstash/config/logstash.conf  docker-compose up -d  you will find the files in data/vulnerability-tables-cron/output/ after the script completed. It needs several minutes.    Run  You can either wait for cron to execute the download script on a schedule.\n  Alternatively you can execute the download script manually by running:  docker exec -it vulnerability-tables-cron bash /opt/scripts/download.sh\n  Container Description  There are three docker containers.\n  The cron container downloads the information once a week (Monday 06:00) and stores the files in the output directory.\n  It uses curl and wget to download files. jq is used work with json.  The filebeat container reads the json files and forwards it to the logstash container.\n  The logstash container can be used to send to a OpenSearch instance, upload it to Azure Log Analytics, or other supported outputs.\n  Filebeat and logstash are optional and are only included for continence.  Example output files  Several output files will be generated. Here is an estimate:  316K   CISA_known_exploited.csv\n452K   CISA_known_exploited.json\n50M    CVSS.csv\n179M   CVSS.json\n206M   CVE.json\n56M    CVE.csv\n6.7M   EPSS.csv\n12M    EPSS.json\n49M    database.sqlite\n  You can expect this information for every CVE:  grep -i 'CVE-2021-44228' CVE.json | jq\n{\n  \"CVE\": \"CVE-2021-44228\",\n  \"CVSS2_accessComplexity\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\n  \"CVSS2_accessVector\": \"NETWORK\",\n  \"CVSS2_authentication\": \"MEDIUM\",\n  \"CVSS2_availabilityImpact\": \"NONE\",\n  \"CVSS2_baseScore\": \"COMPLETE\",\n  \"CVSS2_baseSeverity\": \"COMPLETE\",\n  \"CVSS2_confidentialityImpact\": \"COMPLETE\",\n  \"CVSS2_exploitabilityScore\": \"9.3\",\n  \"CVSS2_impactScore\": \"null\",\n  \"CVSS2_integrityImpact\": \"8.6\",\n  \"CVSS2_vectorString\": \"10\",\n  \"CVSS3_attackComplexity\": \"null\",\n  \"CVSS3_attackVector\": \"null\",\n  \"CVSS3_availabilityImpact\": \"null\",\n  \"CVSS3_baseScore\": \"null\",\n  \"CVSS3_baseSeverity\": \"null\",\n  \"CVSS3_confidentialityImpact\": \"null\",\n  \"CVSS3_exploitabilityScore\": \"null\",\n  \"CVSS3_impactScore\": \"null\",\n  \"CVSS3_integrityImpact\": \"null\",\n  \"CVSS3_privilegesRequired\": \"null\",\n  \"CVSS3_scope\": \"null\",\n  \"CVSS3_userInteraction   \": \"null\",\n  \"CVSS3_vectorString\": \"null\",\n  \"CVSS3_acInsufInfo\": \"null\",\n  \"CVSS3_obtainAllPrivilege\": \"null\",\n  \"CVSS3_obtainUserPrivilege\": \"null\",\n  \"CVSS3_obtainOtherPrivilege\": \"null\",\n  \"CVSS3_userInteractionRequired\": \"null\",\n  \"EPSS\": \"0.97095\",\n  \"EPSS_Percentile\": \"0.99998\",\n  \"CISA_dateAdded\": \"2021-12-10\",\n  \"CISA_RequiredAction\": \"For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.\"\n}\n  Links    https://www.first.org/epss/user-guide  https://www.cisa.gov/known-exploited-vulnerabilities-catalog  https://nvd.nist.gov/developers/vulnerabilities    \n\nDownload CVE-Vulnerability-Information-Downloader (https://github.com/trinitor/CVE-Vulnerability-Information-Downloader)", "creation_timestamp": "2023-02-25T16:17:24.000000Z"}