Vulnerabilities

CVE-2020-19907

July 15, 2021

A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service.

Summary:

A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any command or service.

Reference Links(if available):

https://github.com/mitre/caldera/issues/462

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

CISA

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 23, 2024

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

November 23, 2024

CISA

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 23, 2024

CISA

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 23, 2024

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

November 23, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

CISA: CISA Releases Four Industrial Control Systems Advisories