|
ESXi Post Compromise
|
VMWare ESXi Syslog
|
Collection
Credential Access
Defense Evasion
Discovery
Execution
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2025-05-08
|
|
Spring4Shell CVE-2022-22965
|
Nginx Access, Splunk Stream HTTP, Sysmon for Linux EventID 11, Sysmon for Linux EventID 1
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2024-09-24
|
|
Splunk Vulnerabilities
|
Splunk
|
Credential Access
Defense Evasion
Discovery
Execution
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2024-01-22
|
|
Text4Shell CVE-2022-42889
|
Nginx Access
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2022-10-26
|
|
Atlassian Confluence Server and Data Center CVE-2022-26134
|
Palo Alto Network Threat, Sysmon for Linux EventID 11, Sysmon for Linux EventID 1
|
Initial Access
Persistence
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2022-06-03
|
|
Log4Shell CVE-2021-44228
|
Cisco Secure Firewall Threat Defense Connection Event, CrowdStrike ProcessRollup2, Nginx Access, Palo Alto Network Traffic, Splunk Stream HTTP, Sysmon EventID 1, Sysmon EventID 3, Sysmon for Linux EventID 1, Windows Event Log Security 4688
|
Command And Control
Execution
Initial Access
Persistence
|
Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
|
2021-12-11
|
