GreyNoise coverage for the top CVEs most used by Chinese state-sponsored attackers as identified by CISA: https://www.cisa.gov/uscert/ncas/alerts/aa22-279a

gn-cisa-aa22-279a.md

GreyNoise coverage for the top CVEs most used by Chinese state-sponsored attackers as identified by CISA: https://www.cisa.gov/uscert/ncas/alerts/aa22-279a

All of them in one GNQL by tag name.

All of them in one GNQL by CVE id.

Individual ones below:

• CVE-2019-11510: Pulse Secure VPN File Disclosure
• CVE-2019-19781: Citrix NetScaler LFI
• CVE-2020-5902: F5 BIG-IP TMUI RCE
• CVE-2020-5902: F5 BIG-IP TMUI RCE Vuln Check
• CVE-2021-1497: Cisco HyperFlex HX RCE Attempt
• CVE-2021-1497: Cisco HyperFlex HX RCE Vuln Check
• CVE-2021-22005: VMWare VCSA File Upload Attempt
• CVE-2021-22005: VMWare VCSA File Upload Check
• CVE-2021-22205: GitLab CE RCE
• CVE-2021-26084: Atlassian Confluence Server OGNL Injection Attempt
• CVE-2021-26084: Atlassian Confluence Server OGNL Injection Vuln Check
• CVE-2021-26855: ProxyLogon SSRF Attempt
• CVE-2021-26855: ProxyLogon SSRF Vuln Check
• CVE-2021-36260: Hikvision IP Camera RCE Attempt
• CVE-2021-40539: Zoho ManageEngine RCE Attempt
• CVE-2021-40539: Zoho ManageEngine RCE Check
• CVE-2021-41773: Apache HTTP Server Path Traversal Attempt
• CVE-2021-42237: Sitecore RCE Attempt
• CVE-2021-42237: Sitecore RCE Check
• CVE-2021-44228: Apache Log4j RCE Attempt
• CVE-2022-1388: F5 BIG-IP iControl REST Authentication Bypass
• CVE-2022-24112: Apache APISIX RCE Attempt
• CVE-2022-26134: Atlassian Confluence Server CVE-2022-26134 OGNL Injection Attempt