Vulnerability detail
Enriched intelligence for a single CVE
Medium
CVE-2022-39197
PUBLISHEDAn XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on...
- Vendor
- HelpSystems
- Product
- Cobalt Strike
- Published
- Sep 22, 2022
- EPSS
- —
Description
An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitation status
Exploited in the wild
Recorded 2023-03-30 00:00:00 UTC · Source
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- partial
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Mar 30, 2023 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2022-10-22 10:11:37 UTC · 13 stars
CVE-2022-39197 RCE POC
github · Created 2022-10-14 11:46:01 UTC · 382 stars
CobaltStrike <= 4.7.1 RCE
github · Created 2022-10-09 04:06:23 UTC · 7 stars
CVE-2022-39197 bug fix patch
github · Created 2022-09-26 08:58:21 UTC · 315 stars
CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch.
github · Created 2022-09-23 08:20:07 UTC · 48 stars
CVE-2022-39197(CobaltStrike XSS <=4.7) POC
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel