Spring4Shell CVE-2022-22965 | Nginx Access, Splunk Stream HTTP, Sysmon EventID 11, Sysmon EventID 1, Sysmon for Linux EventID 1 | Initial Access, Persistence | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2024-09-24
Splunk Vulnerabilities | Splunk Stream TCP, Splunk | Command And Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation, Resource Development | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2024-01-22
Text4Shell CVE-2022-42889 | Nginx Access | Initial Access, Persistence | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2022-10-26
Atlassian Confluence Server and Data Center CVE-2022-26134 | Palo Alto Network Threat, Sysmon EventID 11, Sysmon EventID 1 | Initial Access, Persistence | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2022-06-03
Log4Shell CVE-2021-44228 | Bro, CrowdStrike ProcessRollup2, Nginx Access, Splunk Stream HTTP, Sysmon EventID 1, Sysmon EventID 3, Sysmon for Linux EventID 1, Windows Event Log Security 4688 | Command And Control, Execution, Initial Access, Persistence | Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud | 2021-12-11