Ixia ATI Update ATI-2020-02 (378548)

Enhancements

Ticket Info
ATIBPS-8076 Add CVSSv3 references for all strikes with a CVSSv3 metric assigned by NIST. Note: only CVSSv3 scores of 10.0 are regarded as "CVSS-Critical".
ATIBPS-16429 Strikes E18-0yb81 and D14-q1y01 have been deprecated. The All Strikes list description has been updated to better explain its usage.
ATIBPS-10125 Changing the 'Destination Port' flow parameter in HTTP-based applications with dynamically created flows affects only the flows exposed in the UI. Dynamic flows are not configurable and may use different port values.

New Protocols & Applications (1)

Name | Category | Info
Playstation | Games | Playstation is a video gaming brand that consists of four home video game consoles, as well as a media center, an online service, a line of controllers, two handhelds and a phone, as well as multiple magazines. The brand is produced by Sony Interactive Entertainment, a division of Sony.

New Super Flows (6)

Name | Category | Info
Playstation Download Game | Games | Simulates a Playstation game download.
Bandwidth BitTorrent File Upload | P2P | Simulates BitTorrent peer-to-peer communication; by default it generates a random file of size 256 KB.
Bandwidth DASH | Voice/Video/Media | This Super Flow simulates Dynamic Adaptive Streaming over HTTP (DASH) as used in popular OTT applications such as Amazon Prime Video. The implementation complies with the ISO/IEC 23009-1:2014 MPEG-DASH standard. It includes HD streaming with 4 media tracks: main video 1080p, main video 720p, ads video, and audio.
Box Oct 17 Bandwidth | Data Transfer/File Sharing | The user logs into the application, creates a Box Note and performs a series of actions on files: search, share, upload and download. The parameters are set for high bandwidth, as could be used in Sandvine profiles.
Commvault Jul 19 Bandwidth | Data Transfer/File Sharing | Simulates the use of the Commvault Web Console as of July 2019. The user signs in, accesses the drive, creates a folder, renames a folder, moves a file to another folder, navigates to a drive folder, uploads a file, downloads a file, creates a public link for a file, moves a file to the drive's Trash folder, views the Trash folder, restores a file from the Trash folder, empties the Trash folder, views the created public links, deletes a public link and logs out.
Bandwidth SharePoint Sep 2014 | Enterprise Applications | Simulates the use of the SharePoint website as of Sep 2014. All of the available actions for this flow are exercised.

New Strikes (8)

CVSS | ID | References | Category | Info
9.8 | E20-7uat1 | CVE-2019-19781; CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P); CVSSV3-9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; URL | Exploits | An OS command injection vulnerability exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. The command injection is reachable through a directory traversal flaw caused by improper sanitization of multiple fields in HTTP requests. The flaw may be exploited by an unauthenticated attacker to execute arbitrary commands on the target server.
7.5 | E20-7nqv1 | CVE-2019-11287; CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P); CVSSV3-7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H; URL | Exploits | A denial-of-service flaw exists in Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4. An authenticated attacker may crash the service by sending a crafted X-Reason HTTP header containing an Erlang format string, which causes the server to allocate a massive memory region.
7.5 | E20-7txn1 | CVE-2019-19307; CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P); CVSSV3-9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; URL | Exploits | An integer overflow vulnerability exists in 'parse_mqtt' (mongoose.c) in Cesanta Mongoose 6.16. By sending a crafted packet, a remote unauthenticated attacker can drive the server into an infinite loop, causing a denial of service.
6.8 | E20-0wwm1 | CVE-2019-8038; CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P); URL | Exploits | This strike exploits a heap double-free vulnerability found in Adobe Acrobat and Reader. The vulnerability is due to improper input validation while parsing specific header fields of a PDF document. An attacker could exploit this vulnerability by creating a specially crafted PDF file and enticing a user to open it. Successful exploitation could lead to arbitrary code execution on the target machine.
6.8 | E20-0y9u1 | CVE-2019-9810; CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P); CVSSV3-8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H; URL | Exploits | This strike exploits a vulnerability in SpiderMonkey, the JavaScript engine of Mozilla Firefox. The issue is caused by incorrect alias information for the Array.prototype.slice method within the IonMonkey JIT compiler component. This can lead to a denial of service or potentially allow remote code execution.
6.8 | E20-0xie1 | CVE-2019-8822; CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P); CVSSV3-8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H; GOOGLE-1919 | Exploits | This strike exploits a vulnerability in Apple WebKit. Specifically, an attacker can cause an integer overflow in NodeRareData::m_connectedFrameCount by inserting a large number of iframe elements into a DOM node that already has cached subframes. This can cause type confusion, leading to a denial of service in the browser, and can also enable a UXSS attack.
6.8 | E20-0m881 | BID-103961; CVE-2018-4200; CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P); CVSSV3-8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H; EXPLOITDB-44566; GOOGLE-1525 | Exploits | This strike exploits a vulnerability in Apple WebKit JavaScriptCore. Specifically, a use-after-free occurs when the jsElementScrollHeightGetter function is invoked in a specific manner. When this happens, a denial of service condition, or potentially remote code execution, may occur.
4.0 | E20-0rtf1 | CVE-2019-1443; CVSS-4.0 (AV:N/AC:L/AU:S/C:P/I:N/A:N); URL | Exploits | This strike exploits an information disclosure vulnerability in Microsoft SharePoint. The vulnerability is due to insufficient validation of uploaded files. A remote, authenticated attacker could exploit it by uploading a maliciously crafted file to a target SharePoint server. Successful exploitation allows the attacker to disclose NTLM hashes, which in turn could give the attacker access to the target server without any credentials.
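The E20-7uat1 entry describes command injection reached through directory traversal in HTTP request fields. The following Python is an added example of the detection side of that class of flaw and is not part of the ATI strike or of any vendor code: it inspects HTTP request lines and flags request-targets that use '..' segments, raw or percent-encoded (including double-encoded), to resolve outside the path prefix a front end is supposed to serve. The served prefix "/public/" and the sample request lines are constructed for illustration; the page gives no request details for the strike, and the sample paths are not taken from any real exploit.

```python
"""
Flag HTTP request lines whose request-target uses '..' (raw or
percent-encoded) to escape the URL prefix a service is meant to serve.
Added example for illustration; the sample request lines are constructed,
not captures from any product or strike.
"""
import posixpath
import re
from urllib.parse import unquote, urlsplit

# A '..' path segment: at the start or after '/', followed by '/' or end.
DOT_DOT_SEGMENT = re.compile(r"(^|/)\.\.(/|$)")


def decode_path(path, rounds=3):
    """Percent-decode repeatedly so a double-encoded '..' (%252e%252e)
    does not slip past a single-pass decoder."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def inspect_request(request_line, served_prefix):
    """Return a list of findings for one request line (empty if clean).

    served_prefix (hypothetical, e.g. "/public/") is the path prefix the
    front end is expected to expose.  A '..' segment is reported even when
    the path stays inside the prefix; a path that resolves outside the
    prefix after normalisation is reported as well.
    """
    parts = request_line.split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return ["malformed_request_line"]
    _method, target, _version = parts
    raw_path = urlsplit(target).path          # strips query/fragment
    decoded = decode_path(raw_path)
    findings = []
    if DOT_DOT_SEGMENT.search(raw_path):
        findings.append("dot_dot_segment")
    elif DOT_DOT_SEGMENT.search(decoded):
        findings.append("encoded_dot_dot_segment")
    # normpath collapses 'a/../b' to 'b' and drops '..' above the root,
    # which is what the back-end file system would do with the path.
    resolved = posixpath.normpath(decoded)
    inside = resolved == served_prefix.rstrip("/") or resolved.startswith(served_prefix)
    if not inside:
        findings.append("escapes_served_prefix")
    return findings


def scan(request_lines, served_prefix):
    """Return [(request_line, findings)] for every line that produced findings."""
    hits = []
    for line in request_lines:
        findings = inspect_request(line, served_prefix)
        if findings:
            hits.append((line, findings))
    return hits


# Constructed sample request lines (not real traffic).
SAMPLE_REQUESTS = [
    "GET /public/index.html HTTP/1.1",                 # clean
    "GET /public/css/../js/app.js HTTP/1.1",           # '..' but stays inside
    "POST /public/../admin/run?cmd=id HTTP/1.1",       # escapes the prefix
    "GET /public/%2e%2e/%2e%2e/etc/passwd HTTP/1.1",   # single-encoded '..'
    "GET /public/%252e%252e/config HTTP/1.1",          # double-encoded '..'
]

if __name__ == "__main__":
    for line, findings in scan(SAMPLE_REQUESTS, "/public/"):
        print(f"{', '.join(findings):45s} {line}")
```

The check deliberately treats any '..' segment as a finding even when the resolved path stays inside the prefix, since a traversal attempt that happens to land inside the allowed tree still signals probing. The page notes that the Citrix flaw involves multiple request fields; this example inspects only the request-target, so the same decode-and-normalise logic would need to be applied to any other field the back end uses to build a file path.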

Defects Resolved

Ticket Info
ATIBPS-16403 Fix typos in the strikes D08-liw01 and E13-vu101.
ATIBPS-16349 Fixed E18-3hm81 to allow one-arm testing.