Mulesoft 漏洞

时间轴

类型

Not Defined	6
Automation Software	4

产品

MuleSoft Mule Community Edition	4
MuleSoft Mule Enterprise Edition	4
MuleSoft API Gateay	4
MuleSoft Mule	4
MuleSoft Mule Runtime Engine	2

修正

Official Fix	8
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	2

易受攻击性

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	10

访问向量

Not Defined	0
Physical	0
Local	0
Adjacent	2
Network	8

身份验证

Not Defined	0
High	0
Low	4
None	6

用户交互

Not Defined	0
Required	0
None	10

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	2
≤8	2
≤9	4
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	2
≤8	2
≤9	4
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	4
≤7	2
≤8	4
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	2
≤9	0
≤10	6

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	2

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	2
<2k	6
<5k	2
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	10
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Products (7): API Gateay (2), APIkit (1), Mule (4), Mule Community Edition (2), Mule Enterprise Edition (2), Mule Enterprise Management Console (1), Mule Runtime Engine (1)

已发布	Base	Temp	漏洞	Prod	易	修正	EPSS	CTI	CVE
2021-08-06	5.5	5.5	MuleSoft Mule XML External Entity	未知	Not Defined	Not Defined	0.00152	0.00	CVE-2021-1630
2021-03-27	7.6	7.3	MuleSoft Mule Runtime XML External Entity	未知	Not Defined	Official Fix	0.00222	0.00	CVE-2021-1628
2021-03-27	7.6	7.3	MuleSoft Mule Runtime 权限升级	未知	Not Defined	Official Fix	0.00222	0.00	CVE-2021-1627
2021-03-27	8.0	7.7	MuleSoft Mule Runtime Privilege Escalation	未知	Not Defined	Official Fix	0.00650	0.00	CVE-2021-1626
2020-05-29	6.4	6.1	MuleSoft Mule Community Edition 拒绝服务	Automation Software	Not Defined	Official Fix	0.00206	0.02	CVE-2020-6937
2020-03-27	8.5	8.5	MuleSoft APIkit RestXmlSchemaValidator.java XML External Entity	未知	Not Defined	Not Defined	0.00659	0.00	CVE-2020-10991
2019-12-02	9.0	8.9	MuleSoft Mule Community Edition 权限升级	Automation Software	Not Defined	Official Fix	0.01356	0.04	CVE-2019-15631
2019-10-16	8.5	8.4	MuleSoft Mule Runtime Engine Apache Commons Collections 权限升级	未知	Not Defined	Official Fix	0.03672	0.02	CVE-2019-13116
2014-11-20	6.3	6.3	Mulesoft Mule Enterprise Management Console 权限升级	未知	Not Defined	Not Defined	0.01407	0.00	CVE-2014-9000

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!