Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023-47246 Vulnerability
Tags
attack-pattern: Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Web Service - T1481 Tool - T1588.002 Vulnerabilities - T1588.006 Powershell - T1086 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID 18827b21-049b-4f10-b141-757c5288f904
Fingerprint 9d523d96c23d858f
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 9, 2023, 1:23 p.m.
Added to db Nov. 9, 2023, 2:44 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023-47246 Vulnerability
Title Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023-47246 Vulnerability
Detected Hints/Tags/Attributes 46/1/10
Source URLs
Redirection Url
Details Source https://socradar.io/path-traversal-leading-to-compromise-sysaid-on-prem-software-cve-2023-47246-vulnerability/
URL Provider
Details Provider Source level domain
Details socradar.io socradar.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 238 SOCRadar® Cyber Intelligence Inc. https://socradar.io/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 31 
cve-2023-47246
Details File 7 
c:\program files\sysaidserver\tomcat\webapps\usersfiles\user.exe
Details File 1209 
powershell.exe
Details sha256 9 
b5acf14cdac40be590318dee95425d0746e85b1b7b1cbd14da66f21f2522bf4d
Details IPv4 9 
81.19.138.52
Details IPv4 9 
45.182.189.100
Details IPv4 9 
179.60.150.34
Details IPv4 8 
45.155.37.105
Details Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) 39 
DEV-0950
Details Url 6 
http://179.60.150.34:80/a