Merge pull request #1180 from splunk/20127

tccontre · web-flow · commit ae2f044c41dc · 2026-06-09T14:39:22.000+02:00
20127
diff --git a/datasets/attack_techniques/T1190/cisco/CVE-2026-20127/CVE-2026-20127.yml b/datasets/attack_techniques/T1190/cisco/CVE-2026-20127/CVE-2026-20127.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: 176840b2-63ff-11f1-a152-629be353806a
+date: '2026-06-09'
+description: Generated datasets for CVE-2026-20127 in attack range.
+environment: attack_range
+directory: CVE-2026-20127
+mitre_technique:
+- T1190
+datasets:
+- name: auth_dummy_key.log
+  path: /datasets/attack_techniques/T1190/cisco/CVE-2026-20127/auth_dummy_key.log
+  sourcetype: 'cisco:sdwan:syslog'
+  source: /var/log/nms/containers/service-proxy/serviceproxy-access.log
diff --git a/datasets/attack_techniques/T1190/cisco/CVE-2026-20127/auth_dummy_key.log b/datasets/attack_techniques/T1190/cisco/CVE-2026-20127/auth_dummy_key.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:647ea6eb80b388b415ca6c7ad5b48945be11104287182f582552c618e507522a
+size 36882

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:647ea6eb80b388b415ca6c7ad5b48945be11104287182f582552c618e507522a`
	`3`	`+size 36882`