Title | Versions 4.2 and 4.3 of Cobalt Strike’s server contain multiple Denial of Service vulnerabilities (CVE-2021-36798) |
---|
Description | The vulnerabilities can render existing Beacons unable to communicate with their C2 server, prevent new beacons from being installed, and have the potential to interfere with ongoing operations.
CVE-2021-36798
PoC: https://github.com/Sentinel-One/CobaltStrikeParser/blob/master/extra/communication_poc.py
Fix: HelpSystems released Cobalt Strike 4.4, which contains a fix for CVE-2021-36798. |
---|
Source | ⚠️ https://labs.sentinelone.com/hotcobalt-new-cobalt-strike-dos-vulnerability-that-lets-you-halt-operations/ |
---|
User | misc (ID 3) |
---|
Submission | 2021-08-04 19:14 (3 years ago) |
---|
Moderation | 2021-08-04 19:57 (43 minutes later) |
---|
Status | Accepted |
---|
VulDB Entry | 180073 |
---|