Initial Access Intelligence

Leverage Exploit & Vulnerability Intelligence to make better decisions on which vulnerabilities need immediate remediation
GET /v3/index/initial-access?cve=CVE-2023-22527
{
  "data": [
    {
      "cve": "CVE-2023-22527",
      "inKEV": true,
      "inVCKEV": true,
      "artifacts": [
        {
          "vendor": "Confluence",
          "product": [
            "Confluence Server",
            "Confluence Data Center"
          ],
          "dateAdded": "2024-01-22T00:00:00Z",
          "artifactName": "Confluence Template Injection (text-inline.vm)",
          "exploit": true,
          "versionScanner": true,
          "pcap": true,
          "suricataRule": true,
          "snortRule": true,
          "yara": true,
          "nmapScript": true,
          "zeroday": false,
          "targetService": "HTTP",
          "targetDocker": true,
          "shodanQueries": [
            "https://www.shodan.io/search?query=%2Bhttp.favicon.hash%3A-305179312+%22X-Confluence-Request-Time%22+%2B%22Set-Cookie%3A+JSESSIONID%3D%22+%2Bhtml%3A%22confluence-context-path%22",
            "https://www.shodan.io/search?query=X-Confluence-Request-Time+%2B%22JSESSIONID%22+%2Bhtml%3A%22atlassian-authentication-plugin%22+-%22145DF9C4CDE560B2699212692B867CDA%22",
            "https://www.shodan.io/search?query=X-Confluence-Request-Time+%2B%22Set-Cookie%3A+JSESSIONID%22+%2Bhtml%3A%22SAML+POST+Binding%22"
          ],
          "censysQueries": [
            "https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=INCLUDE&q=labels%3A+%60atlassian-confluence%60+and+services.banner%3A%22Set-Cookie%3A+JSESSIONID%22"
          ],
          "greynoiseQueries": [
            "https://viz.greynoise.io/query?gnql=raw_data.web.paths%3A%22%2Ftemplate%2Faui%2Ftext-inline.vm%22",
            "https://viz.greynoise.io/tag/atlassian-confluence-template-injection-rce-attempt-cve-2023-22527"
          ],
          "shodanRawQueries": [
            "+http.favicon.hash:-305179312 \"X-Confluence-Request-Time\" +\"Set-Cookie: JSESSIONID=\" +html:\"confluence-context-path\"",
            "X-Confluence-Request-Time +\"JSESSIONID\" +html:\"atlassian-authentication-plugin\" -\"145DF9C4CDE560B2699212692B867CDA\"",
            "X-Confluence-Request-Time +\"Set-Cookie: JSESSIONID\" +html:\"SAML POST Binding\""
          ],
          "censysRawQueries": [
            "labels: `atlassian-confluence` and services.banner:\"Set-Cookie: JSESSIONID\""
          ],
          "cloneSSHURL": "git@git.vulncheck.com:vulncheck/initial-access.git"
        }
      ],
      "_timestamp": "2024-08-31T00:22:25.801484Z"
    }
  ]
}
  
VulnCheck Platform

Why VulnCheck Initial Access Intelligence

  • Focused on What Matters
    Unlike other emerging threat feeds, VulnCheck Initial Access focuses on vulnerabilities that matter, not simply vulnerabilities that are easy to collect PCAPs for.
  • Exclusively Initial Access
    Initial Access vulnerabilities, a subset of Remote Code Execution vulnerabilities, are the most dangerous vulnerabilities for organizations because they result in remote, unauthenticated, no-click data breaches.
  • Detection Artifacts Early
    VulnCheck Initial Access Intelligence provides early detection artifacts to implement defenses quickly, such as Suricata signatures, YARA rules, and PCAPs.
  • Private Exploit PoCs
    When vulnerabilities break, it can be hard to know if you are protected. VulnCheck Initial Access Intelligence includes private exploit proof-of-concept code, which may be used to test your organization's defenses.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and
  • Vulnerability Prioritization
    Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
  • Early Warning System
    Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.