{"vulnerability": "CVE-2020-1487", "sightings": [{"uuid": "ebf1b02d-6d73-4f39-8708-5d9dd3ea75d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "c3c9e811-9197-46cb-90f8-7b49a61829f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "28fa6f6f-48e5-461c-a171-9a875821c4a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/722231ed-1535-455b-aae2-4705701f1258", "content": "", "creation_timestamp": "2020-11-02T19:35:04.000000Z"}, {"uuid": "6128c5a1-4e0d-4e26-9362-bb15b9cbf834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/5b10637e-d393-49ad-ad96-111efc6b0e9a", "content": "", "creation_timestamp": "2024-11-14T06:07:36.000000Z"}, {"uuid": "e7c2a1ba-4f63-4612-9c3f-7c5692285dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970961", "content": "", "creation_timestamp": "2024-12-24T20:22:20.917075Z"}, {"uuid": "2f8e0177-1e7d-4624-bcef-687520af459b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "75caddd4-7c34-4d29-ad28-585a1c28e342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:24.000000Z"}, {"uuid": "d3020be8-e9ef-4710-b986-d09ecb929cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:59.000000Z"}, {"uuid": "50a172fe-4d3a-4515-890c-68157ab58600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:46.000000Z"}, {"uuid": "4eefc2cf-efd1-4f27-b7d8-161cfecfadf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5060", "content": "#exploit\n1. CVE 2020-14871:\nSun Solaris PoC Exploit\nhttps://github.com/robidev/CVE-2020-14871-Exploit\n\n2. CVE-2021-45105: \nDoS via Uncontrolled Recursion in Log4j Strsubstitutor\nhttps://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor", "creation_timestamp": "2021-12-26T14:22:34.000000Z"}, {"uuid": "acf37f71-2f9c-4ff0-91c0-10f84c8e4ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/solaris/ssh/pam_username_bof.rb", "content": "", "creation_timestamp": "2020-12-16T21:08:38.000000Z"}, {"uuid": "dbadbcf2-bc17-44af-a090-9f15069bce48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-14871", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e2ce10ec-b4cf-4913-990c-d39f3f325466", "content": "", "creation_timestamp": "2026-02-02T12:28:59.139368Z"}, {"uuid": "12a7d089-6c59-4774-a0a8-e2e3336d8bc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "Telegram/0HYLGhUKfOaz0jB50dGhU2fq-G_e7X2GSHNTYyogkSMsgQo", "content": "", "creation_timestamp": "2025-06-06T21:00:09.000000Z"}, {"uuid": "50844e96-6af4-4507-9f65-47afbbf5069f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://t.me/CyberGovIL/906", "content": "\u05d4\u05ea\u05e8\u05e2\u05d4 - \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 Com1275 | Oracle Solaris\n\n\u05d7\u05d1\u05e8\u05ea \u05d0\u05d5\u05e8\u05e7\u05dc \u05e4\u05e8\u05e1\u05de\u05d4 \u05d1\u05de\u05e1\u05d2\u05e8\u05ea \u05d4\u05ea\u05e8\u05e2\u05ea \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05e8\u05d1\u05e2\u05d5\u05e0\u05d9\u05ea \u05d4\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e9\u05dc\u05d4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea (CVE-2020-14871) \u05d1\u05de\u05d5\u05e6\u05e8 Oracle Solaris, \u05d4\u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05d2\u05d5\u05e8\u05dd \u05d1\u05dc\u05ea\u05d9 \u05de\u05d5\u05e8\u05e9\u05d4 \u05d4\u05e9\u05ea\u05dc\u05d8\u05d5\u05ea \u05de\u05dc\u05d0\u05d4 \u05e2\u05dc \u05d4\u05e9\u05e8\u05ea \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05de\u05e1\u05e4\u05e8 \u05e4\u05e8\u05d5\u05d8\u05d5\u05e7\u05d5\u05dc\u05d9\u05dd.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05de\u05d3\u05d5\u05e8\u05d2\u05ea \u05d1\u05d3\u05d9\u05e8\u05d5\u05d2 \u05d4-CVSS \u05d4\u05d2\u05d1\u05d5\u05d4 \u05d1\u05d9\u05d5\u05ea\u05e8 (10 \u05de\u05ea\u05d5\u05da 10).", "creation_timestamp": "2020-11-04T11:40:09.000000Z"}, {"uuid": "1c8eaf99-82b2-4ae0-a3b1-305a7dc24366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://t.me/ctinow/25065", "content": "In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover \u2014 CVE-2020-14871\n\nhttps://ift.tt/38c28j2", "creation_timestamp": "2020-11-04T20:20:53.000000Z"}, {"uuid": "f0a0f5db-96fa-44b5-896f-41fc6e42eb2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://t.me/arpsyndicate/1369", "content": "#ExploitObserverAlert\n\nCVE-2020-14871\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2020-14871. Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).\n\nFIRST-EPSS: 0.135330000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T02:34:33.000000Z"}, {"uuid": "7b4d74b5-a24a-4bf4-83ed-0761b8f66677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "exploited", "source": "https://t.me/true_secator/1120", "content": "\u200b\u200b\u041a\u0430\u043a\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0432\u0435\u0449\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u0441\u044c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Hacker House \u043f\u0438\u0448\u0435\u0442 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-14871, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043d\u0430 \u0434\u043d\u044f\u0445. \u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u044b \u0438\u0437 FireEye \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u043e\u0432\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b UNC1945 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u041e\u0421 Solaris, \u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f, CVE-2020-14871 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0440\u044f\u0434\u043e\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0436 \u0441 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2014 \u0433\u043e\u0434\u0430, \u0442\u043e \u0435\u0441\u0442\u044c \u0448\u0435\u0441\u0442\u044c (!) \u043b\u0435\u0442. \u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u0432 \u0441\u043b\u0438\u0442\u043e\u0439 \u0432 2015 \u0433\u043e\u0434\u0443 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442\u043e\u043c \u0424\u0438\u043d\u0435\u0430\u0441\u043e\u043c \u0424\u0438\u0448\u0435\u0440\u043e\u043c \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 \u043d\u044b\u043d\u0435 \u0438\u0442\u0430\u043b\u044c\u044f\u043d\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Hacking Team. \u0422\u043e \u0435\u0441\u0442\u044c \u0448\u0435\u0441\u0442\u044c \u043b\u0435\u0442 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u044b \u0432\u0441\u0435\u0433\u043e \u043c\u0438\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0438\u0442\u0430\u043b\u044c\u044f\u043d\u0446\u044b \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438, \u043c\u043e\u0433\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CVE-2020-14871 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nHacking Team, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0432 2003 \u0433\u043e\u0434\u0443, \u0431\u044b\u043b\u0430 \u043f\u0438\u043e\u043d\u0435\u0440\u043e\u043c \u043d\u0430 \u0440\u044b\u043d\u043a\u0435 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u041f\u041a \u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0438 \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u044f \u0438\u0445 \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043e\u0440\u0433\u0430\u043d\u0430\u043c \u0438 \u0441\u043f\u0435\u0446\u0441\u043b\u0443\u0436\u0431\u0430\u043c. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0431\u044b\u0441\u0442\u0440\u043e \u0432\u044b\u0448\u043b\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u044b\u043d\u043a\u0430 \u0438 \u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0432\u0435\u0440\u0448\u0438\u043d\u0435 \u0432 2015 \u0433\u043e\u0434\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0432 41 \u0441\u0442\u0440\u0430\u043d\u0443.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0432\u044b \u0438\u043c\u0435\u0435\u0442\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0433\u0443\u0442 \u0436\u0438\u0442\u044c 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0442\u044b\u0441\u044f\u0447 \u0441\u0438\u0441\u0442\u0435\u043c, \u0438 \u043a\u0430\u043a \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f.", "creation_timestamp": "2020-11-05T19:00:33.000000Z"}, {"uuid": "dff4d6be-4add-4c2f-a957-1881d93d0a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://t.me/true_secator/1110", "content": "\u0414\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u043d\u0435 \u0432\u0438\u0434\u0435\u043b\u0438 \u043c\u044b \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u043e\u0442 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u0435\u0432 \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u044b Mandiat \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0432\u0435\u043d\u0434\u043e\u0440\u0430 FireEye. \u0418 \u0432\u043e\u0442 \u0432\u044b\u0448\u0435\u043b \u043e\u0431\u0437\u043e\u0440 \u043f\u0440\u043e \u043d\u043e\u0432\u0443\u044e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0443\u044e \u0433\u0440\u0443\u043f\u043f\u0443, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u043b\u0438 \u043a\u0430\u043a UNC1945. \u0410 \u0433\u0440\u0443\u043f\u043f\u0430 - \u0441\u043a\u0438\u043b\u043b\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0438 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 FireEye \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 UNC1945 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 2020 \u0433\u043e\u0434\u0430, \u0445\u043e\u0442\u044f \u0435\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 \u043a\u043e\u043d\u0446\u0430 2018. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0444\u0438\u043d\u0430\u043d\u0441\u044b \u0438 \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u0432\u0430 \u0444\u0430\u043a\u0442\u0430 \u0432\u0437\u043b\u043e\u043c\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u041e\u0421 Solaris \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 EVILSUN \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 CVE-2020-14871 \u0438 \u0441 \u043f\u043e\u0434\u0430\u0447\u0438 FireEye \u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 Oracle, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043a\u0443\u043f\u043b\u0435\u043d\u044b UNC1945 \u043d\u0430 \u0447\u0435\u0440\u043d\u043e\u043c \u0440\u044b\u043d\u043a\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043e \u043f\u0440\u043e\u0434\u0430\u0436\u0435 \"\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0434\u043b\u044f Oracle Solaris\" \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0444\u043e\u0440\u0443\u043c\u043e\u0432 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2020 \u0433\u043e\u0434\u0430 \u043f\u043e \u0446\u0435\u043d\u0435 \u0432 3000 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432. \u0421 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b UNC1945 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u043b\u0438 Solaris, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0435\u0449\u0435 \u0441 \u043a\u043e\u043d\u0446\u0430 2018 \u0433\u043e\u0434\u0430.\n\n\u0425\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c FireEye, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u043e\u0439. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0441\u043a\u0438\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043e\u0432 \u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u041f\u041e, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 Mimikatz. \u0418\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0432\u0437\u043b\u043e\u043c\u0443 \u0441\u0435\u0442\u0435\u0439, \u0438\u0445 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438, \u0431\u043e\u043a\u043e\u0432\u043e\u043c\u0443 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044e, \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u043c\u0438 \u0446\u0435\u043d\u0442\u0440\u0430\u043c\u0438 \u0438 \u043f\u0440. \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0438 \u0432\u044b\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c\u0438. \u041e\u043d\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043a\u0430\u043a \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows, \u0442\u0430\u043a \u0438 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c NIX.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0441\u0431\u043e\u0440\u043a\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b QEMU, \u0432 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0432\u0445\u043e\u0434\u0438\u043b\u0438 \u041e\u0421 Tiny Core Linux \u0438 \u043d\u0430\u0431\u043e\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f FireEye \u043e \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432\u0437\u043b\u043e\u043c\u0430\u0445 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b UNC1945, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u043a\u0430\u043a\u0443\u044e-\u043b\u0438\u0431\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043f\u043e \u0441\u0431\u043e\u0440\u0443 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439. \u0412 \u043e\u0434\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u043d\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 ransomware ROLLCOAST, \u043d\u043e \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u044d\u0442\u043e \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u043e\u0434\u0430\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c\u0443 \u0430\u043a\u0442\u043e\u0440\u0443.\n\n\u0427\u0442\u043e \u0436\u0435 \u0432 \u043e\u0441\u0442\u0430\u0442\u043a\u0435. \u0415\u0441\u043b\u0438 \u0431\u044b \u043d\u0435 \u0444\u0430\u043a\u0442 \u043f\u0440\u043e\u0434\u0430\u0436\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0443 ransomware, \u0442\u043e \u043c\u044b \u0431\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u044b \u043d\u0430\u0442\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e APT, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u0432\u0437\u043b\u043e\u043c\u044b \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441 \u0446\u0435\u043b\u044c\u044e \u0441\u0431\u043e\u0440\u0430 \u043c\u0430\u0441\u0441\u0438\u0432\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0410 \u0442\u0430\u043a - \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u0442\u043e \u0447\u0438\u0441\u0442\u043e \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u0438 \u0441\u043a\u0440\u044b\u0442\u043d\u043e. \u0418 \u0441 \u043d\u0435\u043f\u043e\u043d\u044f\u0442\u043d\u043e\u0439 \u043f\u043e\u043a\u0430 \u0446\u0435\u043b\u044c\u044e.", "creation_timestamp": "2020-11-03T11:47:22.000000Z"}, {"uuid": "778ec4b3-b3dc-40ee-a34b-b8b6159b6c91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/195", "content": "CVE-2020-14871 Oracle Solaris SunSSH PAM parse user name() \u7de9\u885d\u5340\u6ea2\u51fa\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-14871_Oracle_Solaris_SunSSH_PAM_parse_user_name()_%E7%B7%A9%E8%A1%9D%E5%8D%80%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-04-16T11:18:06.000000Z"}, {"uuid": "9b6cef54-4b16-49e4-8dd4-1eda18a6d6ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14874", "type": "seen", "source": "https://t.me/cibsecurity/21191", "content": "\u203c CVE-2020-14874 \u203c\n\nVulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Cloud Infrastructure Identity and Access Management accessible data as well as unauthorized read access to a subset of Oracle Cloud Infrastructure Identity and Access Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Cloud Infrastructure Identity and Access Management. CVSS 3.1 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-23T00:53:53.000000Z"}, {"uuid": "76e4853b-aad4-4b0c-8a5d-3a64b122023e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1565", "content": "#exploit\n1. CVE 2020-14871:\nSun Solaris PoC Exploit\nhttps://github.com/robidev/CVE-2020-14871-Exploit\n\n2. CVE-2021-45105: \nDoS via Uncontrolled Recursion in Log4j Strsubstitutor\nhttps://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor\n\n@BlueRedTeam", "creation_timestamp": "2021-12-26T08:45:29.000000Z"}, {"uuid": "a724a9b1-c2d1-4a34-ad97-80db71be6706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14871", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2030", "content": "#Threat_Research\nAn Overview of UNC1945\n(CVE-2020-14871 in Oracle Solaris 9)\nhttps://www.fireeye.com/blog/threat-research/2020/11/live-off-the-land-an-overview-of-unc1945.html", "creation_timestamp": "2020-12-31T19:18:36.000000Z"}, {"uuid": "49e96477-3648-4b86-b6ea-b46b478ba09a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14875", "type": "seen", "source": "https://t.me/cibsecurity/15456", "content": "\u203c CVE-2020-14875 \u203c\n\nVulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or complete access to all Oracle Marketing accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-21T19:01:21.000000Z"}, {"uuid": "7189ab25-13aa-4aee-b1f1-0d5adb11640a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14873", "type": "seen", "source": "https://t.me/cibsecurity/15473", "content": "\u203c CVE-2020-14873 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-21T19:04:28.000000Z"}, {"uuid": "752809fc-0529-4cbc-b297-2b2953664981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14877", "type": "seen", "source": "https://t.me/cibsecurity/15490", "content": "\u203c CVE-2020-14877 \u203c\n\nVulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-21T19:07:39.000000Z"}, {"uuid": "7a37e9a2-f19d-4bda-a5b4-b309c13b520e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14876", "type": "seen", "source": "https://t.me/cibsecurity/15492", "content": "\u203c CVE-2020-14876 \u203c\n\nVulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Trade Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Trade Management accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-21T19:07:41.000000Z"}]}