How Three Low-Risk Vulnerabilities Become One High
ATT&CK techniques detected
T1557.001Name Resolution Poisoning and SMB Relay
94%
"weak ( dns cache poisoning ), and one esoteric ( van beek ' s microsoft exchange autodiscover ) — they can build a very effective, high - risk attack method, enabling them to snatch someone ’ s login credentials from microsoft exchange. this is just how attackers think — because …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557.001Name Resolution Poisoning and SMB Relay
83%
"2 it ’ s the last part of that statement that makes this difficult. according to the register, microsoft responded that “ the issue described assumes a shared domain web server has already been compromised by another method. ” the implication being that the requirement for an att…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557.001Name Resolution Poisoning and SMB Relay
79%
"microsoft exchange server. in the scenario we chose, an attacker is connected on a public wi - fi network and then poisons the dns record of autodiscover. example. com. so, instead of the client ’ s dns resolving to the intended public ip address of the real microsoft exchange se…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
It’s easy to brush off low-risk vulnerabilities as trivial—until they’re combined to create a deep-impact attack.