Tracking CVE-2021-26084 and Other Server-based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
Common Information
| Type | Value |
|---|---|
| UUID | 3aca6738-351b-42a7-87f7-65824081f0d6 |
| Fingerprint | 15a0ed33c738b78da5a6a2071e2c158d986cc0ce280485aebdda2c7271003ccb |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 18, 2021, 5:48 p.m. |
| Added to db | April 14, 2024, 10:13 a.m. |
| Last updated | Aug. 30, 2024, 10:30 p.m. |
| Headline | Tracking CVE-2021-26084 and Other Server-based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One |
| Title | Tracking CVE-2021-26084 and Other Server-based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One |
| Detected Hints/Tags/Attributes | 95/1/81 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 157 | www.oracle.com |
|
| Details | CVE | 80 | cve-2021-26084 |
|
| Details | CVE | 1 | cve-2021-260842 |
|
| Details | CVE | 1 | cve-2020-148823 |
|
| Details | CVE | 1 | cve-2020-147504 |
|
| Details | CVE | 1 | cve-2020-148835 |
|
| Details | CVE | 68 | cve-2020-14882 |
|
| Details | CVE | 27 | cve-2020-14750 |
|
| Details | CVE | 27 | cve-2020-14883 |
|
| Details | CVE | 1 | cve-2020-1475013 |
|
| Details | CVE | 1 | cve-2021-26048 |
|
| Details | Domain | 49 | trojan.sh |
|
| Details | Domain | 3 | com.bea.core.repackaged.springframework.context.support |
|
| Details | Domain | 6 | wb.sh |
|
| Details | Domain | 6 | www.springframework.org |
|
| Details | Domain | 150 | www.w3.org |
|
| Details | Domain | 1 | cve-2020-14750.sh |
|
| Details | Domain | 8 | trojan.sh.cve20207961.sm |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 243 | cve.mitre.org |
|
| Details | Domain | 8 | www.csa.gov.sg |
|
| Details | Domain | 28 | confluence.atlassian.com |
|
| Details | Domain | 280 | thehackernews.com |
|
| Details | Domain | 53 | blog.avast.com |
|
| Details | Domain | 13 | blog.lumen.com |
|
| Details | Domain | 84 | www.forbes.com |
|
| Details | Domain | 19 | securityboulevard.com |
|
| Details | File | 5 | bea.core |
|
| Details | File | 4 | wb.xml |
|
| Details | File | 4 | spring-beans.xsd |
|
| Details | File | 3 | alert-cve-2020-14750.html |
|
| Details | File | 252 | www.cs |
|
| Details | File | 64 | security.html |
|
| Details | File | 2 | detection-response.html |
|
| Details | File | 1 | advisory-2021-08-25-1077906215.html |
|
| Details | File | 1 | us-cyber-command-warns-of-ongoing.html |
|
| Details | File | 2 | cpuoct2020traditional.html |
|
| Details | File | 1 | workload-security.html |
|
| Details | File | 5 | hybrid-cloud.html |
|
| Details | File | 2 | sps.html |
|
| Details | md5 | 3 | 648effa354b3cbaad87b45f48d59c616 |
|
| Details | sha1 | 1 | 0e574fd30e806fe4298b3cbccb8d1089454f42f5 |
|
| Details | IPv4 | 40 | 10.3.6.0 |
|
| Details | IPv4 | 39 | 12.1.3.0 |
|
| Details | IPv4 | 60 | 12.2.1.3 |
|
| Details | IPv4 | 70 | 12.2.1.4 |
|
| Details | IPv4 | 58 | 14.1.1.0 |
|
| Details | IPv4 | 1 | 149.28.85.17 |
|
| Details | IPv4 | 4 | 194.38.20.199 |
|
| Details | IPv4 | 1 | 194.40.243.167 |
|
| Details | IPv4 | 4 | 188.166.137.241 |
|
| Details | IPv4 | 3 | 153.121.58.102 |
|
| Details | IPv4 | 3 | 3.10.224.87 |
|
| Details | Url | 1 | http://194.38.20.199/wb.xml |
|
| Details | Url | 5 | http://www.springframework.org/schema/beans |
|
| Details | Url | 50 | http://www.w3.org/2001/xmlschema-instance |
|
| Details | Url | 4 | http://www.springframework.org/schema/beans/spring-beans.xsd |
|
| Details | Url | 1 | http://194.40.243.167/kinsing |
|
| Details | Url | 3 | http://188.166.137.241/wp-content/themes/twentyseventeen/dk86 |
|
| Details | Url | 3 | http://153.121.58.102:80/wp-content/themes/zuki/m8 |
|
| Details | Url | 3 | http://3.10.224.87/.a/dk86 |
|
| Details | Url | 3 | http://194.38.20.199/wb.sh |
|
| Details | Url | 3 | http://194.38.20.199/kinsing |
|
| Details | Url | 1 | https://www.trendmicro.com/vinfo/us/security/definition/vulnerability/. |
|
| Details | Url | 1 | https://cve.mitre.org/cgi- |
|
| Details | Url | 3 | https://www.oracle.com/security-alerts/alert-cve-2020-14750.html |
|
| Details | Url | 1 | https://www.csa.gov.sg/singcert/alerts/al-2020-041. |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one-workload- |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/business/products/detection-response.html |
|
| Details | Url | 1 | https://confluence.atlassian.com/doc/confluence-security- |
|
| Details | Url | 1 | https://thehackernews.com/2021/09/us-cyber-command-warns-of-ongoing.html |
|
| Details | Url | 2 | https://blog.avast.com/hide-n-seek-botnet-continues. |
|
| Details | Url | 1 | https://blog.lumen.com/new-mozi-malware-family- |
|
| Details | Url | 1 | https://www.forbes.com/sites/thomasbrewster/2017/09/14/equifax-hack-the- |
|
| Details | Url | 2 | https://www.oracle.com/security-alerts/cpuoct2020traditional.html |
|
| Details | Url | 1 | https://www.trendmicro.com/vinfo/us/security/research-and- |
|
| Details | Url | 1 | https://securityboulevard.com/2021/09/attackers-exploit-cve-2021-26084-for-xmrig-crypto-mining-on- |
|
| Details | Url | 1 | https://www.bleepingcomputer.com/news/security/atlassian-confluence-flaw-actively-exploited-to-install- |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one- |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/business/products/hybrid-cloud.html |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/business/products/user-protection/sps.html |