Sector Police

Timeframe: -28 days

Default Categories (69): Access Management Software, Android App Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Audio Processing Software, Backup Software, Big Data Software, Business Process Management Software, Calendar Software, Chat Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Learning Management Software, Mail Client Software, Mail Server Software, Messaging Software, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 388
Microsoft Windows: 88
Oracle MySQL Server: 30
Microsoft SQL Server: 26
Juniper Junos OS: 26

Remediation

Official Fix: 772
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 120

Exploitability

High: 6
Functional: 0
Proof-of-Concept: 8
Unproven: 112
Not Defined: 768

Access Vector

Not Defined: 0
Physical: 6
Local: 108
Adjacent: 430
Network: 350

Authentication

Not Defined: 0
High: 86
Low: 538
None: 270

User Interaction

Not Defined: 0
Required: 166
None: 728

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 18
≤4: 52
≤5: 202
≤6: 298
≤7: 140
≤8: 132
≤9: 44
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 18
≤4: 58
≤5: 202
≤6: 358
≤7: 138
≤8: 102
≤9: 10
≤10: 8

VulDB

≤1: 0
≤2: 0
≤3: 18
≤4: 76
≤5: 214
≤6: 280
≤7: 130
≤8: 132
≤9: 36
≤10: 8

NVD

≤1: 894
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 648
≤2: 2
≤3: 0
≤4: 4
≤5: 42
≤6: 58
≤7: 40
≤8: 58
≤9: 34
≤10: 8

Vendor

≤1: 778
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 8
≤7: 30
≤8: 46
≤9: 30
≤10: 0

Exploit 0-day

<1k: 20
<2k: 138
<5k: 36
<10k: 440
<25k: 132
<50k: 114
<100k: 14
≥100k: 0

Exploit today

<1k: 312
<2k: 206
<5k: 170
<10k: 124
<25k: 76
<50k: 6
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 694
es: 62
ja: 52
de: 34
ru: 34

Country

us: 140
ru: 60
de: 60
gb: 48
es: 40

Product

Linux Kernel: 90
IBM Cognos Controller: 14
cym1102 nginxWebUI: 10
Google Chrome: 8
Oracle VM VirtualBox: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php Cross Site Scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.64 | CVE-2024-4293 |
| 2 | Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service Denial of Service | 6.5 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.48 | CVE-2024-4292 |
| 3 | Netgear DG834Gv5 Web Management Interface weak encryption | 2.7 | 2.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.48 | CVE-2024-4235 |
| 4 | PHPGurukul Doctor Appointment Management System view-appointment-detail.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.16 | CVE-2024-4294 |
| 5 | SourceCodester Pisay Online E-Learning System controller.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.21 | CVE-2024-4349 |
| 6 | Google Chrome Picture In Picture buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00045 | 0.48 | CVE-2024-4331 |
| 7 | Apache ActiveMQ Jolokia/REST API weak authentication | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.11 | CVE-2024-32114 |
| 8 | Google Chrome Dawn buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00045 | 0.22 | CVE-2024-4368 |
| 9 | Adobe Acrobat Reader buffer overflow | 7.0 | 6.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00053 | 0.26 | CVE-2024-30305 |
| 10 | MicroWorld eScan Antivirus Kernel ProcObsrvesx.sys Privilege Escalation | 8.0 | 8.0 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00043 | 0.27 | CVE-2024-28519 |
| 11 | Adobe Acrobat Reader File Information Disclosure | 7.0 | 6.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00053 | 0.11 | CVE-2024-30306 |
| 12 | IBM Cognos Controller weak authentication | 6.3 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.16 | CVE-2023-40695 |
| 13 | cym1102 nginxWebUI upload privilege escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.16 | CVE-2024-3736 |
| 14 | Adobe Acrobat Reader buffer overflow | 7.0 | 6.9 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00053 | 0.11 | CVE-2024-30304 |
| 15 | Tinyproxy HTTP Connection Header buffer overflow | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00091 | 0.21 | CVE-2023-49606 |
| 16 | Adobe Acrobat Reader buffer overflow | 4.9 | 4.8 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00052 | 0.27 | CVE-2024-30302 |
| 17 | Veritas NetBackup/NetBackup Appliance Alta Recovery Vault privilege escalation | 5.7 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-34404 |
| 18 | IBM Cognos Controller weak encryption | 4.8 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.43 | CVE-2020-4874 |
| 19 | Linux Kernel Netfilter nft_gc_seq_begin privilege escalation | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.31 | CVE-2024-26925 |
| 20 | Xiamen Four-Faith RMP Router Management Platform SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.43 | CVE-2024-3688 |

IOC - Indicator of Compromise (51)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Classification | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 4 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CAPEC-122 | CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (113)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
