Finance Sector

Timeframe: -28 days

Default Categories (81): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Banking Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Data Loss Prevention Software, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System 
Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 360
Microsoft Windows: 92
Microsoft SQL Server: 34
Microsoft OLE DB Driver: 30
Juniper Junos OS: 26

Countermeasures

Official Fix: 796
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 152

Exploitability

High: 12
Functional: 0
Proof-of-Concept: 30
Unproven: 122
Not Defined: 784

Access Vector

Not Defined: 0
Physical: 8
Local: 146
Adjacent: 398
Network: 396

Authentication

Not Defined: 0
High: 92
Low: 590
None: 266

User Interaction

Not Defined: 0
Required: 158
None: 790

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 20
≤4: 98
≤5: 194
≤6: 286
≤7: 112
≤8: 178
≤9: 58
≤10: 2

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 22
≤4: 106
≤5: 194
≤6: 338
≤7: 124
≤8: 144
≤9: 18
≤10: 2

VulDB

≤1: 0
≤2: 2
≤3: 26
≤4: 114
≤5: 192
≤6: 274
≤7: 114
≤8: 172
≤9: 50
≤10: 4

NVD

≤1: 948
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 676
≤2: 2
≤3: 8
≤4: 6
≤5: 52
≤6: 70
≤7: 24
≤8: 72
≤9: 32
≤10: 6

Vendor

≤1: 818
≤2: 0
≤3: 0
≤4: 0
≤5: 2
≤6: 12
≤7: 26
≤8: 48
≤9: 42
≤10: 0

Exploit 0-day

<1k: 28
<2k: 200
<5k: 30
<10k: 386
<25k: 164
<50k: 116
<100k: 24
≥100k: 0

Exploit Today

<1k: 314
<2k: 242
<5k: 176
<10k: 124
<25k: 88
<50k: 4
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 694
ja: 108
de: 60
ru: 32
fr: 28

Country

us: 226
jp: 124
gb: 100
de: 82
fr: 40

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Linux Kernel: 78
Microsoft Windows: 12
Google Chrome: 10
SourceCodester Online Library System: 8
Microsoft Edge: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0-day | Today | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service denial of service | 6.5 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.10 | CVE-2024-4292 |
| 2 | Nagios XI Dashlet Privilege Escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.91 | CVE-2024-33775 |
| 3 | Google Chrome Picture In Picture buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.80 | CVE-2024-4331 |
| 4 | PHPGurukul Doctor Appointment Management System view-appointment-detail.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.77 | CVE-2024-4294 |
| 5 | PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.66 | CVE-2024-4293 |
| 6 | Apache ActiveMQ Jolokia/REST API weak authentication | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.52 | CVE-2024-32114 |
| 7 | The R Project RDS privilege escalation | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.66 | CVE-2024-27322 |
| 8 | QNAP QTS/QuTS hero/QuTScloud privilege escalation | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.59 | CVE-2024-32766 |
| 9 | Apollo Router privilege escalation | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.44- | CVE-2024-32971 |
| 10 | Google Chrome ANGLE privilege escalation | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.39 | CVE-2024-4058 |
| 11 | Google Chrome Dawn buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.36 | CVE-2024-4368 |
| 12 | ejs unknown vulnerability | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.31 | CVE-2024-33883 |
| 13 | SonicWall GMS Policy XML External Entity | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.32 | CVE-2024-29010 |
| 14 | Xiamen Four-Faith RMP Router Management Platform sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.30 | CVE-2024-3688 |
| 15 | cym1102 nginxWebUI upload privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00046 | 0.33 | CVE-2024-3739 |
| 16 | iboss Secure Web Gateway Login Portal login cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00045 | 0.37 | CVE-2024-3378 |
| 17 | Netgear DG834Gv5 Web Management Interface weak encryption | 2.7 | 2.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.34 | CVE-2024-4235 |
| 18 | Google Chrome GPU Process information disclosure | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00045 | 0.28 | CVE-2024-3157 |
| 19 | Microsoft Windows SmartScreen Prompt privilege escalation | 8.8 | 8.2 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00875 | 0.28 | CVE-2024-29988 |
| 20 | PuTTY ECDSA Nonce Generation information disclosure | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.31 | CVE-2024-31497 |

IOC - Indicator of Compromise (27)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-25, CWE-35 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 4 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CAPEC-122 | CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (128)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

