CVE: CVE-2017-7440

Export to Word

Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00234
Percentile: 0.46229

CVSS Scoring

CVSS v3.1 Score: 6.5

Severity: MEDIUM

Mapped CWE(s)

CWE-1021 : Improper Restriction of Rendered UI Layers or Frames

All CAPEC(s)

CAPEC-103: Clickjacking
CAPEC-181: Flash File Overlay
CAPEC-222: iFrame Overlay
CAPEC-504: Task Impersonation
CAPEC-506: Tapjacking
CAPEC-587: Cross Frame Scripting (XFS)
CAPEC-654: Credential Prompt Impersonation

CAPEC(s) with Mapped TTPs

CAPEC-504: Task Impersonation
Mapped TTPs:
- T1036.004 : Masquerade Task or Service
CAPEC-654: Credential Prompt Impersonation
Mapped TTPs:
- T1056 : Input Capture
- T1548.004 : Elevated Execution with Prompt

Mapped ATT&CK TTPs

T1036.004 : Masquerade Task or Service
Kill Chain: defense-evasion
T1056 : Input Capture
Kill Chain: collection
T1548.004 : Elevated Execution with Prompt
Kill Chain: privilege-escalation

Malware

APTs Threat Group Associations

Campaigns

APT41 DUST
SolarWinds Compromise
RedDelta Modified PlugX Infection Chain Operations
Versa Director Zero Day Exploitation
Frankenstein
Leviathan Australian Intrusions
C0017
2022 Ukraine Electric Power Attack
KV Botnet Activity

Affected Products

cpe:2.3:a:gfi:kerio_connect:*:*:*:*:*:*:*:*
cpe:2.3:a:gfi:kerio_connect_client:*:*:*:*:*:*:*:*

← Back to Home