This repository has been archived by the owner on Apr 3, 2024. It is now read-only.

CVE-2020-23451 - has been added to the list #7

Open
wants to merge 2 commits into
base: master

@abuyv abuyv commented Apr 10, 2023

As the author of the added CVE, I wanted to contribute to this project. So, could you please check and validate the CVE I have appended?

Contributor

mehaase commented Apr 10, 2023

Congratulations on the CVE and thank you for submitting this mapping to our project! Can you provide more details about the CVE so that we can confirm the mappings to ATT&CK? The domain abuyv.com is not working for me.

Author

abuyv commented Apr 10, 2023

Thanks @mehaase for getting back to me. I wanted to start with a simple CVE to see if I understood the mapping method correctly; then I could switch to the complex CVEs.

It's just a basic CSRF vulnerability, and the PoC can be found at the link below:
https://abuyv.github.io/com/cve/spiceworks-csrf-via-xss

Overall, you need to have a valid credential on the target system; from there you can target and force an admin user to change your privilege to a higher level.

Contributor

mehaase commented Apr 12, 2023

Thank you for the detailed reference. Per the CVE mapping methodology:

For example, the cross-site scripting (XSS) vulnerability type includes an option of T1189 (Drive-by Compromise) or T1204.001 (User Execution: Malicious Link) depending on whether the attack is stored or not.

Therefore, I recommend changing the exploitation technique to T1189 Drive-by Compromise, because admin users will trigger this XSS in the course of normal work and the attacker does not need to socially engineer them.

Exploitation Technique been updated for CVE-2020-23451
Author

abuyv commented May 1, 2023

True, I agree and modified the exploitation technique to the correct one now.

2 participants