The landscape of potential cyberthreats for Linux was analyzed by specialists from Trend Micro. During the study, Trend Micro employees focused on the data from honeypots and various scanners. That’s how about malware attacks have been recorded targeting cloud environments running on Linux.

Trend Micro specialists identified 15 different vulnerabilities that are either actively exploited in the wild or have existing proofs of concept (PoC). These flaws are:

CVE-2017-5638 (CVSS - 10.0) - Apache Struts2 remote code execution (RCE) vulnerability;

CVE-2017-9805 (CVSS - 8.1) - Apache Struts 2 REST plugin XStream RCE vulnerability;

CVE-2018-7600 (CVSS - 9.8) - Drupal Core RCE vulnerability;

CVE-2020-14750 (CVSS - 9.8) - Oracle WebLogic server RCE vulnerability;

CVE-2020-25213 (CVSS - 10.0) - WordPress file manager plugin Remote Code Execution vulnerability;

CVE-2020-17496 (CVSS - 9.8) - vBulletin 'subwidgetConfig' unauthenticated Remote Code Execution vulnerability

CVE-2020-11651 (CVSS - 9.8) - SaltStack salt authorization weakness vulnerability;

CVE-2017-12611 (CVSS - 9.8) - Apache Struts OGNL remote code execution vulnerability;

CVE-2017-7657 (CVSS - 9.8) - Eclipse Jetty integer overflow vulnerability;

CVE-2021-29441 (CVSS - 9.8) - Alibaba Nacos AuthFilter authentication bypass vulnerability;

CVE-2020-14179 (CVSS - 5.3) - Atlassian Jira information disclosure vulnerability;

CVE-2013-4547 (CVSS - 8.0) - Nginx access restriction bypass vulnerability;

CVE-2019-0230 (CVSS - 9.8) - Apache Struts 2 remote code execution vulnerability;

CVE-2018-11776 (CVSS - 8.1) - Apache Struts OGNL remote code execution vulnerability;

CVE-2020-7961 (CVSS - 9.8) - Liferay Portal deserialization vulnerability.vulnerability

Source: anti-malware.ru