p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Add Zerologon (and Drupal) information to "Immediate Threats"

This commit is contained in:
Shreya 2021-02-25 14:54:36 +05:30
parent f17c08d286
commit 3da1de39a6
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
View File

@ -38,7 +38,9 @@ class ReportPageComponent extends AuthComponent {
HADOOP: 10,
PTH_CRIT_SERVICES_ACCESS: 11,
MSSQL: 12,
VSFTPD: 13
VSFTPD: 13,
DRUPAL: 14,
ZEROLOGON: 15
};
Warning =
@ -296,6 +298,14 @@ class ReportPageComponent extends AuthComponent {
critical.</li> : null}
{this.state.report.overview.issues[this.Issue.MSSQL] ?
<li>MS-SQL servers are vulnerable to remote code execution via xp_cmdshell command.</li> : null}
{this.state.report.overview.issues[this.Issue.DRUPAL] ?
<li>Drupal servers are susceptible to a remote code execution vulnerability
(<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">
CVE-2019-6340</a>).</li> : null}
{this.state.report.overview.issues[this.Issue.ZEROLOGON] ?
<li>Machines are vulnerable to 'Zerologon'
(<a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
CVE-2020-1472</a>).</li> : null}
</ul>
</div>
: