Hermes 2.1 Analysis

IOB - Indicator of Behavior (39)

Lang

en: 36
ru: 2
zh: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Master Addons Plugin: 2
Auth0 Plugin: 2
Mozilla Firefox: 2
D-Link DIR-619L: 2
Pleasanter Community Edition: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Mozilla Firefox Random Number Generator Math.random cryptographic issues | 6.5 | 6.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.02053 | 0.04 | CVE-2010-3171 |
| 2 | OpenMage Magento Design Header cross site scripting | 3.8 | 3.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.03 | CVE-2024-41676 |
| 3 | Hitachi Vantara Pentaho Data Integration & Analytics Search insufficiently protected credentials | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2024-28981 |
| 4 | randombit botan X.509 Certificate amplification | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.03 | CVE-2024-34703 |
| 5 | Microsoft Windows SMBv3 SMBGhost input validation | 10.0 | 9.8 | $25k-$100k | $0-$5k | High | Official Fix | 0.97389 | 0.00 | CVE-2020-0796 |
| 6 | Master Addons Plugin Template authorization | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00046 | 0.00 | CVE-2024-5382 |
| 7 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.08 | CVE-2005-4222 |
| 8 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.10 | CVE-2020-12440 |
| 9 | ThemeNectar Salient Core Plugin Shortcode nectar_icon filename control | 6.2 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.04 | CVE-2024-3812 |
| 10 | D-Link DIR-619L formWPS denial of service | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | CVE-2024-33771 |
| 11 | HDF5 H5HG_read heap-based overflow | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | CVE-2024-29157 |
| 12 | Allegro AI ClearML Fileserver direct request | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00201 | 0.00 | CVE-2024-24592 |
| 13 | HP Router/Switch SNMP information disclosure | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00285 | 0.04 | CVE-2012-3268 |
| 14 | Wireshark Kafka Protocol Dissector memory leak | 4.6 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00126 | 0.08 | CVE-2022-4344 |
| 15 | Apache Tomcat Application Listener access control | 8.2 | 8.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00356 | 0.06 | CVE-2017-5648 |
| 16 | Microsoft Windows Kernel Privilege Escalation | 8.1 | 7.4 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00066 | 0.00 | CVE-2023-35359 |
| 17 | Amministrazione Trasparente Plugin at_save_aturl_meta cross-site request forgery | 5.8 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00146 | 0.00 | CVE-2021-4398 |
| 18 | MediaTek MT6879/MT6895/MT6983/MT8195 apu out-of-bounds write | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.03 | CVE-2023-20760 |
| 19 | Pleasanter Community Edition/Enterprise Edition path traversal | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00140 | 0.00 | CVE-2023-32608 |
| 20 | Apple Mac OS X memory corruption | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00657 | 0.00 | CVE-2008-0048 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

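| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 47.254.202.63 | | Hermes 2.1 | | 07/24/2018 | verified | Low |
| 2 | XXX.XXX.XXX.XXX | xxxx-xx-x-xxx-xxxx.xxx | Xxxxxx X.x | | 07/24/2018 | verified | Low |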

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

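| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /etc/tomcat8/Catalina/attack | predictive | High |
| 2 | File | /mgmt/tm/util/bash | predictive | High |
| 3 | File | xxx/xxxxxxxx/xxxxxx | predictive | High |
| 4 | File | xxxxxx/xxxxxxx | predictive | High |
| 5 | File | xxxx_xxxxxxx.xxx.xxx | predictive | High |
| 6 | File | xxxxxxxxx.xxx | predictive | High |
| 7 | File | xxxxx.xxx | predictive | Medium |
| 8 | File | xxxxxxxxx.xxx | predictive | High |
| 9 | File | xxxx.xxx | predictive | Medium |
| 10 | Argument | xxx | predictive | Low |
| 11 | Argument | xxxxxx | predictive | Low |
| 12 | Argument | xxxxxxx | predictive | Low |
| 13 | Network Port | xxx/xxx | predictive | Low |
| 14 | Network Port | xxx/xxx (xxxx) | predictive | High |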
