2023-04-21 13:25:09 +00:00
{
2023-12-14 14:30:15 +00:00
"Event" : {
"analysis" : "2" ,
"date" : "2018-04-07" ,
"extends_uuid" : "" ,
"info" : "OSINT - Cisco IOS CVE-2018-0171 attack" ,
"publish_timestamp" : "1523942198" ,
"published" : true ,
"threat_level_id" : "2" ,
"timestamp" : "1523942190" ,
"uuid" : "5ac8cee2-2a78-4237-88a0-d0b802de0b81" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#ffffff" ,
"local" : "0" ,
"name" : "tlp:white" ,
"relationship_type" : ""
} ,
{
"colour" : "#001585" ,
"local" : "0" ,
"name" : "estimative-language:likelihood-probability=\"roughly-even-chance\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0026eb" ,
"local" : "0" ,
"name" : "estimative-language:confidence-in-analytic-judgment=\"moderate\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
"local" : "0" ,
"name" : "misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Network Service Scanning\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#00ffb3" ,
"local" : "0" ,
"name" : "cyber-threat-framework:Effect/Consequence=\"destroy-hardware-software-or-data\"" ,
"relationship_type" : ""
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523199647" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5ac8cfbb-3bec-48aa-9dcb-f0ae02de0b81" ,
"value" : "https://otx.alienvault.com/pulse/5ac8c6bca1061f185097cdc6" ,
"Tag" : [
{
"colour" : "#ffffff" ,
"local" : "0" ,
"name" : "OSINT" ,
"relationship_type" : ""
} ,
{
"colour" : "#002b4a" ,
"local" : "0" ,
"name" : "osint:source-type=\"technical-report\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "Artifacts dropped" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523261978" ,
"to_ids" : false ,
"type" : "other" ,
"uuid" : "5ac8d04e-0e90-4d58-8c6a-f0ad02de0b81" ,
"value" : "cisco IOS config change" ,
"Tag" : [
{
"colour" : "#00ffb3" ,
"local" : "0" ,
"name" : "cyber-threat-framework:Effect/Consequence=\"destroy-hardware-software-or-data\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523199898" ,
"to_ids" : false ,
"type" : "email-src" ,
"uuid" : "5ac8d0e1-d524-4f68-9262-f0c502de0b81" ,
"value" : "usafreedom_jht@tutanota.com"
} ,
{
"category" : "External analysis" ,
"comment" : "Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523199752" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5ac8d58c-8938-4a6a-a5f8-f0ae02de0b81" ,
"value" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2" ,
"Tag" : [
{
"colour" : "#ffffff" ,
"local" : "0" ,
"name" : "OSINT" ,
"relationship_type" : ""
} ,
{
"colour" : "#002b4a" ,
"local" : "0" ,
"name" : "osint:source-type=\"technical-report\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#001fc2" ,
"local" : "0" ,
"name" : "estimative-language:likelihood-probability=\"almost-certain\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523111354" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5ac8d5ba-1d84-4fa5-8484-439002de0b81" ,
"value" : "cisco-sa-20180328-smi2"
} ,
{
"category" : "Payload delivery" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523261877" ,
"to_ids" : false ,
"type" : "vulnerability" ,
"uuid" : "5ac8d65c-9ff0-40e6-b644-f0c502de0b81" ,
"value" : "CVE-2018-0171" ,
"Tag" : [
{
"colour" : "#008960" ,
"local" : "0" ,
"name" : "cyber-threat-framework:Engagement=\"exploit-vulnerabilities\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "Attacked Router's Startup-Config Source: https://twitter.com/xnetua/status/982316233411325952" ,
"data" : " / 9 j / 4 A A Q S k Z J R g A B A Q A A A Q A B A A D / 2 w B D A A U D B A Q E A w U E B A Q F B Q U G B w w I B w c H B w 8 L C w k M E Q 8 S E h E P E R E T F h w X E x Q a F R E R G C E Y G h 0 d H x 8 f E x c i J C I e J B w e H x 7 / 2 w B D A Q U F B Q c G B w 4 I C A 4 e F B E U H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 4 e H h 7 / w g A R C A I P A 0 k D A S I A A h E B A x E B / 8 Q A H A A B A A I D A Q E B A A A A A A A A A A A A A A Q F A g Y H A w g B / 8 Q A G g E B A Q E B A Q E B A A A A A A A A A A A A A A M E A Q I G B f / a A A w D A Q A C E A M Q A A A B k 3 O f t r y x l f j 3 t k k u + Y y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I y S I z 39 + d g p z i C n R j y T h B T h B P z x X 9 Y v F c m O P f P h x H 6E4 r 7 l 2 S t u d d 7 y B 4 e m 7461 U a 18 N s I l V s f g 7 S 3 f t 6 G F J t k b 15 r q 25 e f V b l d O 8 j y Z D 15 j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A j p A i S v L P n T 8 / J + / S H K i + / M z x 9 P P z 2 P N 8 s + e q u J M q s X 6 v p s G v e 0 q x f e F J n p 2 P i f c u G / q f L d s 0 b e O A L 745 c n 76 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 i 5 c O o u X D q L l w 6 f 481 H S n N R 0 r 0 5 i O l O a j p T m o 6 d D 58 d 6 D v f A + 7 c 7 t X t 72 P V B 87 / R P z L p y f R 3 A O / w D C 4315 K i x q e / 6 R y Y Q 3 r 5 A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A D u / C O 7 n R c / w B F B 8 z f T P z N r y f R 3 G e z / P 0 b W j V U q 7 P n q o 2 G X q Y 2 H C h A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A D u / C O 7 n S Q U P z L 9 N f M u r J 9 I c T 7 f w m V v C J + + 0 q + c n x 8 T G w g + h 5 n k W s b y x P C H Y 1 w A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A 7 v w j u 50 k F H 8 x / T 3 z D p y f S 3 A u / w D D 5 X 1 m L t S d N c / b / M 1 W Z a y z U 7 G y v D Q J m 3 U x r y 6 g k O R t P g a q 2 i W a Z 72 d g a q A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A B 3 f h H d z p I K j 5 e + p P l v T k + m / n L 6 K 4 X L R q a + i T 91 i 2 k l A s b A 173 m X Z q L Y / A o 0 z z I 6 / F A t v Q p V h M K N c + Z V L P E r l s K l d R i u b D E K l e V B 5 A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A d 34 R 3 c 6 S C t + W P q X 5 a 0 Z v o / h 3 c e F e K Q v a D D l W 58 Y f g W f p U C z s t a t z O K j k m L 6 w y 1 x r B b e 1 X H J c u p F 561 k Y 9 / P 0 y P X P D A 9 X n + G f t E 9 y 31 N M I Y D 38 A A A t q k A L O I R w A A A D 3 P B I 9 C G A A A A n Q Q A k f h 4 A A A A A A A A A A A A A A d 34 R 3 c 6 S C g + Z v p n 5 m 1 Z P o 7 i v a v n + V r a N r i V d n s d H G w + V d + E W 0 q x t 9 Z R i + r I g 2 e Z p g 2 O q g i X e a w N s 1 M L C x 14 b D O 1 A X + W v C + s t P D Z d a G z + N R k X 0 v S h t 9 N U g D Z J G p j c a y h E j Y t V H r e a 8 N 48 t M G 9 V m s C 2 i w x v F Z r Q 2 P 0 1 g X 1 C G z 460 N z p K c N 10 o b H j r w 26 P r I 2 r w 1 w X n v r g 3 b 0 0 U S 8 I 4 s f y v F h X g A A A A A A A A A 7 v w j u 50 k F B 8 z f T P z N q y f R 3 z / 9 A f P 8 r V P r 5 J V s Z d H c n t I q M y w 1 y z r A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A B 3 f h H d z p I K D 5 m + m f m b V k + j v n / w C g P n + V q k 9 Z V 8 m 5 + 5 o r Z R V 12 x T T U G 6 + B q M y + 9 D U W z 7 G c 1 e u R m s r o 1 H 2 v I h D r N u q y l k b X G N V b R Y G j t o / C g j 7 V i a u v M S l b N + m s O g 6 q V A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A H d + E d 3 O k g o P m b 6 Z + Z t W T 6 O + f / o D 5 / l a p E q g A A A A A W P 5 X i b C B 7 + A 9 f I A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A H d + E d 3 O k g o P m b 6 Z + Z t W T 6 O + f / o D 5 / l a p E q k q W V T 1 y P B Z 1 g W t e e T 3 m F Y W p V P X I 8 F n W B a 155 P e Y V h a l U 9 c j w W d Y E 7 z I q V k Q 0 4 Q U o R U z I g p 3 m R U r I h p w g p Q i p m R B T v M i p W R D T h B S h F T M i C n e Z F A A A A A A A A A A A A A A A A A A A 7 v w j u 50 k F B 8 z f T P z N q y f R 3 z / 9 A f P 8 r V I l W z R I 49 f I W F e F n W B 6 y 68 L O s D 18 h Y V 4 W d Y H r L r w s 6 w P X y F h X h e S d a G y 464 N h 8 q M b K 1 o b H j r w v J O t D Z c d c G w + V G N l a 0 N j x 14 X k n W h s u O u D Y f K j G y t a G x 468 L z 31 y Q R w A A A A A A A A A A A A A A A A A A O 78 I 7 u d J B Q f M 30 z 8 z a s n 0 d 8 / 8 A 0 B 8 / y t U i V b O s s a 4 u Y 9 c G 0 a u F z T C x r g 2 j V w u Y 9 c G 0 a u F z T C x r g 2 j V w u Y 9 c A J g I c y H M A E O Z D J g A I c y H M A E O Z D J g A I c y H M A E O Z D J g H v 4 e p X A A A A A A A A A A A A A A A A A A A d 34 R 3 c 6 S C g + Z v p n 5 m 1 Z P o 75 / + g P n + V q k S r K l 4 i D l 4 e p O r L C v L W v n V h 7 z I M s r 7 W q s y D l 4 e p O r L C v L W v n V h 7 z I M s r 7 W q s y D l 4 e p O r L C v J 3 n Z S S k y u c S q W f k V q 7 F N l a 4 l Z 52 U k p M r n E q l n 5 F a u x T Z W u J W e d l J K T K 5 x K p Z + R W r s U 2 V r i V n n Z e 5 r g A A A A A A A A A A A A A A A A A A H d + E d 3 O k g o P m b 6 Z + Z t W T 6 O + f / o D 5 / l a p E q y I 9 n W B c x y u N o N X L k p l j X B t G r h c x y u N o N X L k p l j X B t G r h c x y u A T B D J h D T B D T I Y T B D T B D J h D T B D T I Y T B D T B D J h D T B D T I Y T B D k e n u V g A A A A A A A A A A A A A A A A A A H d + E d 3 O k g o P m b 6 Z + Z t W T 6 O + f / o D 5 / l a p E q 2 N d K l l U 9 c j w W d Y F r X n k 95 h W F q V T 1 y P B Z 1 g W t e e T 3 m F Y W p V P X I 8 F n W E x l 5 k W Z j k G Q x h y h k Z G L L z I s z H I M h j D l D I y M W X m R Z m O Q Z D G H K G R k Y + u H m R Q A A A A A A A A A A A A A A A A A A O 78 I 7 u d J B Q f M 30 z 8 z a s n 0 d 8 //QHz/K1SJVs0SOPXyFhXhZ1gesuvCzrA9fIWFeFnWB6y68LOsD18hYV4XknWhsuOuDYfKjGytaGx468LyTrQ2XHXBsPlRjZWtDY8deF5J1obLjrg2HyoxsrWhseOvC899ckEcAAAAAAAAAAAAAAAAAADu/CO7nSQUHzN9M/M2rJ9HfP/ANAfP8rVIlWzrLGuLmPXBtGrhc0wsa4No1cLmPXBtGrhc0wsa4No1cLmPXACYCHMhzABDmQyYACHMhzABDmQyYACHMhzAep5Q5kMmAe/h6lcAAAAAAAAAAAAAAAAAAB3fhHdzpIKD5m+mfmbVk+jvn/6A+f5WqRKsqXiIOXh6k6ssK8ta+dWHvMgyyvtaqzIOXh6k6ssK8ta+dWHvMgyyvtaqzIOXh6k6ssK8nedlJKTK5xKpZ+RWrsU2VriVnnZSSkyucSqWfkVq7FNla4lZ52UkpMrnEqln5FauxTZWuJWedl7muAAAAAAAAAAAAAAAAAAAd34R3c6SCg+Zvpn5m1ZPo75/wDoD5/lapEqyI9n4ENMhhMENMEMmENMENMhhMENMEMmENMENMhhMENMEMmENMENMhhMENMEMmENMENMhhMENMEMmENMENMhhMEOR6e5WAAAAAAAAAAAAAAAAAAAd34R3c6SCg+Zvpn5m1ZPo75/+gPn+VqkSrY+WPoYw5QyMjFl5kWZjkGQxhyhkZGLLzIszHIMhjDlDIyMWXmRZmOQZDGHKGRkYsvMizMcgyGMOUMjIxZeZFmY5BkMYcoZGRj64eZFAAAAAAAAAAAAAA
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523199814" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5aca2f46-37b4-44b5-b112-623402de0b81" ,
"value" : "startup-config.jpg"
} ,
{
"category" : "Targeting data" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523261737" ,
"to_ids" : false ,
"type" : "target-location" ,
"uuid" : "5aca2f5e-7d9c-407b-94d2-4a5502de0b81" ,
"value" : "IR" ,
"Tag" : [
{
"colour" : "#001585" ,
"local" : "0" ,
"name" : "estimative-language:likelihood-probability=\"roughly-even-chance\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "Iranian & Russian Networks Attacked Using Cisco's CVE-2018-0171 Vulnerability" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523199921" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5aca2fb1-7e5c-4dda-a3cb-446602de0b81" ,
"value" : "https://www.bleepingcomputer.com/news/security/iranian-and-russian-networks-attacked-using-ciscos-cve-2018-0171-vulnerability/"
} ,
{
"category" : "Targeting data" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523261771" ,
"to_ids" : false ,
"type" : "target-location" ,
"uuid" : "5acb213f-301c-49d6-a1e3-5233950d210f" ,
"value" : "RU" ,
"Tag" : [
{
"colour" : "#001585" ,
"local" : "0" ,
"name" : "estimative-language:likelihood-probability=\"roughly-even-chance\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"data" : " J V B E R i 0 x L j U N C i W 1 t b W 1 D Q o x I D A g b 2 J q D Q o 8 P C 9 U e X B l L 0 N h d G F s b 2 c v U G F n Z X M g M i A w I F I v T G F u Z y h l b i 1 V U y k g L 1 N 0 c n V j d F R y Z W V S b 290 I D I 5 I D A g U i 9 N Y X J r S W 5 m b z w 8 L 0 1 h c m t l Z C B 0 c n V l P j 4 + P g 0 K Z W 5 k b 2 J q D Q o y I D A g b 2 J q D Q o 8 P C 9 U e X B l L 1 B h Z 2 V z L 0 N v d W 50 I D E v S 2 l k c 1 s g M y A w I F J d I D 4 + D Q p l b m R v Y m o N C j M g M C B v Y m o N C j w 8 L 1 R 5 c G U v U G F n Z S 9 Q Y X J l b n Q g M i A w I F I v U m V z b 3 V y Y 2 V z P D w v R m 9 u d D w 8 L 0 Y x I D U g M C B S L 0 Y y I D k g M C B S L 0 Y z I D E x I D A g U i 9 G N C A x M y A w I F I v R j U g M T g g M C B S L 0 Y 2 I D I w I D A g U j 4 + L 0 V 4 d E d T d G F 0 Z T w 8 L 0 d T N y A 3 I D A g U i 9 H U z g g O C A w I F I + P i 9 Y T 2 J q Z W N 0 P D w v S W 1 h Z 2 U y N y A y N y A w I F I + P i 9 Q c m 9 j U 2 V 0 W y 9 Q R E Y v V G V 4 d C 9 J b W F n Z U I v S W 1 h Z 2 V D L 0 l t Y W d l S V 0 g P j 4 v Q W 5 u b 3 R z W y A y N S A w I F I g M j Y g M C B S X S A v T W V k a W F C b 3 h b I D A g M C A 1 O T U u M z I g O D Q x L j k y X S A v Q 29 u d G V u d H M g N C A w I F I v R 3 J v d X A 8 P C 9 U e X B l L 0 d y b 3 V w L 1 M v V H J h b n N w Y X J l b m N 5 L 0 N T L 0 R l d m l j Z V J H Q j 4 + L 1 R h Y n M v U y 9 T d H J 1 Y 3 R Q Y X J l b n R z I D A + P g 0 K Z W 5 k b 2 J q D Q o 0 I D A g b 2 J q D Q o 8 P C 9 G a W x 0 Z X I v R m x h d G V E Z W N v Z G U v T G V u Z 3 R o I D g 4 N j g + P g 0 K c 3 R y Z W F t D Q p 4 n M U 9 a 3 P b O J L f U 5 X / w N o v J 23 F N P E i i V Q q d R 7 H m f X t z G Q 29 s z W V u Y + M L L s 6 E a x P J I 82 f z 7 Q z c e p E S A Z C T Q u 1 W b s U g Q 3 W g A / U J 34 / R s v V 3 c V r N t 8 u r V 6 d l 2 W 80 + z W + S D 6 f X q 4 f / P b 3 + + j A //bm6W9xX28Xq/vTq8eMWHv1tXt3M169fJ9+9OU/+eP4sSzP4X1kWJMkSIUXKaFJykkqarOfPn/3zr8n982ffXT9/dvqWJISnGU+ub58/g9ZZQhKay5SSpCiLlCbXn1Wz76+K5G6jek6yNJfqH0Z4sr7DN2X7zfvvnz/7MLn+YcomP7+cisn30xM2eX9x8dP0f5Pr/3n+7EKB/sfzZxFQZYylWdFAtYWhB7FkF43k4sfzJDn9GUj+4/nlmyQ7/aG6v0sm8/uT77+bHkZX6kFWsDJlScHUC4ssIjgIKRIBKR8FiWqq0CnUm6KF1NkWZm6rprCa/b6Bv5Mpn6ym5eQ+Ob9U03t1/i6ZFpPNl4VqoxrTiVqw6s9NMqsep/lkMx9hyjOcci/CySgrjMgAuBsY9mb9+KBogKNfrNSg70fAQuZhLBb3ABpm5qay01Als/lUTu7VDz6ZK/TWMHub6IjxkqZ5aPn0rWkaZU3LVOa7S7pgqUxy9RnNWzi9B+rM4Z/buaJJrv++BzLNgETHLVjWxoaSPM1ECJ2Xah9dq+k5ex8dLudpGYR7Eh9c0QHu7bLaqKX5KTrUvEwL9nSDLEgHOJqR6Uk5KaNDlTTNyNMNUn1AgoPMYoNjWZaSwg8uOYHOZaHE5ezDhMSHTbKUBhftcWzcC46m4um2JCOiA9yxQsoDTnGA4Lp5A1uj2kZnr4wVaR6AisuHSoar52X86eTh6Rx95QoaHPaHyWl8cHnKQ5tU7V+Cw8x4dLh5nuYBuGqYNJueyAmJDrUUaTFoYsvjFhX3wJZo0fhH/CpjBX8de7SySGVQX4rOJrji9zQ4pb+CUkazyWahFOkVKGT3sWeXMxqk8MgcgytmpYytwNiVIRYdIJdpwQfObUs/ZxH0c69cIigoiiJVNvm3IsXHMRqKLC2polSuPmjhdKVM3V9+BENB/SMmZ8rUQjviX7E3B1HGAqcBLPooI8aZLksZrlhxew29uweKJMqSohN6JDv0AJdlKngQ+I8VzMJ69km7JhCHjJRqel5okxienC/Ub7A+Zit4wCcPYOw9wj8fleW1XGympbJM0E5WJjT8oT+s4D8CP4U3s0eAsl5sv+oRRzdltJbvH2ml8ComfyqmqNAtgDOqcX/VuEbX/0u05PyIzFb3YDXPwMuzxrlfxFfpWFrIEAJoqt/B1BA7Qx/dhN5O9f9hvtbwkmlSAeHw2a3ayUv1iLDJl6mdaHiLny/Vi0xDwNa4vLD3xXKhvoSpz81H4HVh8anPS54Gx95aylefwTcHInOy1bS4xDmBNtsKh7SMjqJlCIwDr2rhuFQ4LmB5IB23L/QiZZrguM8Ws0/qgZq+JU6FwDeAcnRUiVKTWQjT6h72FKJWoZ9MU2z2u9JBYuOhdKyShBCJP2wp0U/hB7dduSlZP8JquXe/9VLSK367RnJYLqPezlY32mNmfq+c6wx/bj/ptyTXv+ttda89azs7ajnHCacEZx5WwGILjJxoAPAwjc5Z1AdCPtk0gGYtgrN+hsxmNlutb5CN3uNWUJyN8eYU7ex5IifXsOOX+B6eGkHXID8HXy8h9TTpSXU/P6MLH+SHaYabYCQeQWH/tRYgYmq334ksJyQvXyho8ENoETx38m4GNp5eEpr5qva3dgy4vnAJWsFNFFGbCxOaX6GCgE+xWRO0QWZbt0YeVf05ZYZmdSuUvQbGNwqN+GtZkJSRAIXjL2XB0dfhhXamaYR61XrlSH3rqGd+Opo3lYgH3PIgvUhG6okF6S1lY1G3yO5jKnti2k3mBn7k0AbZi0IEPryfjrjyieqnLcGbuicMYl/5jC0IFBYiiEwKNM2zydXifhbdMUdYCTZnAHR8kcdpSkLQgLaaCy6/Rges9HYSJHH8ceZ5eJxnD9pEWb6AmS2osV0MJ633yjK6zUCzNA+iFd9EoUqiihC4XWVuMx3DRhIFhEgEENA8R80Ad3SH+RDSMSBu+E/0sxSCRzdPNA0sU7ZKEQK3QgJ8tIpKrZhYmjiJrQhjrSn8YZm+lhfwBNVDlLPL6DySSYq+7acimsxRboc51b8fQB9crhY6pMDpheo/xeT88gpOUiDuQi2lsqE8q98QfmGlotWWgHxXSLrPjguitFX282XswUGISxZk+vd2LWzRAK/Gs00F2FttlXuQ8qBs15PyyFAJH+OmRSqDmMWXEyzrAPcb7jFhWVPBGypz/WwNf6LGolWy7fzG7FL10u1Y9fe+H049cn646EfwSqNhT0ZGWrAOcOe/qiFeRIdZypQVIZgjnPfTILjd0y6c0xHOxPOnGyyciYfA7Q42I0X8g0Um4OQjMNjoe4VBwKF4sr3CVMswOGvVRTdMGRw/B4BWs5mG61wsDCVpwZyLxTG/hv9Ee47XWoxGP5LjgGkA4dpSqSW51ppG8Y9C+F6ZB6ln3SSWRMsbhxM8FTtSI7oqIcAF/lR7BTQXUj7ZXhGqZRickivKTIguWITIU/lkrNaqYhBM0SdW8ujnhkr7Kf3ARxiq5CnJQtByVgrYR79N43t3ipSVAbDRHY6ESFg9XmDx1VdKcX94oV1jKGmtqiozE22b5RxcxeBCrGZb54Zcj3OypFZYRgIIfrFHkLUjvgIB1Dj42Dq1Or7OyllKQzOFQg3wWy+0FYbYITY1Sc8XG0AXTxn55PLdVYKWKB423s0TE5dz0v5w80UfHc0+OR8+Ur9yx0zRzXeuGLcIrZT4ApNnKDC90LTI1lLzrp7lmjyzlTuugFW6uHtEUa8dVgvtFE9uF0tz9JCiST+ajaxMG+5x5m9x61Sz352sH2cDEQL+4QAW0T2UhDDwhAfA4UqFKdnGZ2Qc7XA/3BH4ZpGSELQqmebIKZ1/aGN2dHQ0iq7J1f6qTzqMRgJa0ZlzmfIgGX6BxKVkSjKc8WWlDIJy58hQ6vPW9dy4LZ3fCrFd1pv4DntpuN8+2Q6Q1F+cMo+tjfnxcqqb/EWh8WaFzOK/YOVBIlU9OcIBdNQiBf6uzz3X8BOao0iZbRf1IODjv0RnfhJzxQJkTYGMe6I5tgJLtLniRwBXdB1IoKlcW3X3o0RLWWaaE0jQ2kfpoyXFbPV5bgNzAK363Lo+J6gWywpWSK0lpCMcH2VoffrRdbNnj8Ml6AtGiGvH6X
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1523430367" ,
"to_ids" : false ,
"type" : "attachment" ,
"uuid" : "5acdb395-d4d4-46fa-bd99-495902de0b81" ,
"value" : "CITAR-Flash-2018-010-CISCO-Switches v1.0.pdf" ,
"Tag" : [
{
"colour" : "#002b4a" ,
"local" : "0" ,
"name" : "osint:source-type=\"technical-report\"" ,
"relationship_type" : ""
}
]
}
] ,
"Object" : [
{
"comment" : "" ,
"deleted" : false ,
"description" : "Vulnerability object describing a common vulnerability enumeration which can describe unpublished, under review or embargo vulnerability for software, equipments or hardware." ,
"meta-category" : "network" ,
"name" : "vulnerability" ,
"template_uuid" : "81650945-f186-437b-8945-9f31715d32da" ,
"template_version" : "4" ,
"timestamp" : "1523941943" ,
"uuid" : "5ad58237-d42c-405c-9d1e-41a3950d210f" ,
"Attribute" : [
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : true ,
"object_relation" : "state" ,
"timestamp" : "1523941944" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5ad58238-3c1c-4d71-983a-4a03950d210f" ,
"value" : "Published"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "summary" ,
"timestamp" : "1523941944" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5ad58238-e6ec-4c98-bc94-454f950d210f" ,
"value" : "A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186."
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "id" ,
"timestamp" : "1523941944" ,
"to_ids" : false ,
2023-04-21 13:25:09 +00:00
"type" : "vulnerability" ,
2023-12-14 14:30:15 +00:00
"uuid" : "5ad58238-2488-4b5f-b47e-4814950d210f" ,
"value" : "CVE-2018-0171"
}
]
}
2023-04-21 13:25:09 +00:00
]
2023-12-14 14:30:15 +00:00
}
2023-04-21 13:25:09 +00:00
}