NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to databases/Users.mdb.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

• S1 – Steal Customer Account Information

EPSS

Score: 0.00676
Percentile: 0.70558

CVSS Scoring

Mapped CWE(s)

• CWE-552 : Files or Directories Accessible to External Parties

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

• T1003 : OS Credential Dumping
  Kill Chain: credential-access
• T1119 : Automated Collection
  Kill Chain: collection
• T1213 : Data from Information Repositories
  Kill Chain: collection
• T1530 : Data from Cloud Storage
  Kill Chain: collection
• T1555 : Credentials from Password Stores
  Kill Chain: credential-access
• T1602 : Data from Configuration Repository
  Kill Chain: collection
• T1039 : Data from Network Shared Drive
  Kill Chain: collection
• T1552.001 : Credentials In Files
  Kill Chain: credential-access
• T1552.003 : Bash History
  Kill Chain: credential-access
• T1552.004 : Private Keys
  Kill Chain: credential-access
• T1552.006 : Group Policy Preferences
  Kill Chain: credential-access

Malware

APTs Threat Group Associations

Campaigns

Affected Products

• cpe:2.3:a:nextweb:nextweb_\(i\)site:*:*:*:*:*:*:*:*

← Back to Home