Lorenz Analysisinfo

IOB - Indicator of Behavior (87)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en68
es8
ru6
ar2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

GitLab Community Edition22
GitLab Enterprise Edition22
Violation Comments to GitLab Plugin4
Linux Kernel4
Geoff Davies Contact Forms4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.021470.00CVE-2007-1192
2Oracle REST Data Services denial of service7.06.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.026070.00CVE-2023-24998
3Extreme EXOS memory corruption7.47.4$0-$5k$0-$5kNot DefinedNot Defined0.002580.00CVE-2017-14328
4SentryHD privileges management5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.00
5GitLab Community Edition/Enterprise Edition Bowser Cache information disclosure5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000790.00CVE-2018-18640
6Linux Kernel af_unix __unix_gc denial of service2.62.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.000450.00CVE-2024-26750
7Linux Kernel af_unix __unix_gc null pointer dereference6.16.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000450.00CVE-2024-36972
8Samsung NPU Driver improper check or handling of exceptional conditions4.64.5$0-$5k$0-$5kHighOfficial Fix0.000690.00CVE-2022-22265
9Google Chrome V8 out-of-bounds write7.57.4$25k-$100k$5k-$25kHighOfficial Fix0.002230.00CVE-2024-4761
10Linux Kernel spi_sync null pointer dereference5.75.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.00CVE-2024-36930
11Oracle REST Data Services General information disclosure4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000540.00CVE-2020-14745
12Oracle REST Data Services information disclosure5.35.2$5k-$25k$0-$5kHighOfficial Fix0.472840.00CVE-2021-34429
13HP System Management Homepage Access Restriction memory corruption10.09.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.210360.03CVE-2011-1541
14nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002410.97CVE-2020-12440
15Teltonika Remote Management System/RUT os command injection8.88.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000700.00CVE-2023-32350
16python-jwt authentication spoofing8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000880.03CVE-2022-39227
17OpenSSH Forward Option roaming_common.c roaming_write memory corruption8.17.6$25k-$100k$0-$5kUnprovenOfficial Fix0.002630.00CVE-2016-0778
18Technicolor TC7337NET Password cleartext transmission7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.012180.00CVE-2020-10376
19Nextcloud Password Policy weak encoding for password2.72.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000500.00CVE-2022-35931
20Citrix XenServer path traversal8.58.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.023400.00CVE-2018-14007

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2022-29499

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (26)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileconfig.xmlpredictiveMedium
2Filecontact.phppredictiveMedium
3Filecontact_support.phppredictiveHigh
4Filedata/gbconfiguration.datpredictiveHigh
5Filexxxx.xxxpredictiveMedium
6Filexxx/xxxxxx.xxxpredictiveHigh
7Filexxxxx.xxxpredictiveMedium
8Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
9Filexxxxxx_xxxx_xxx_xxx.xxxpredictiveHigh
10Filexxx_xxxxx.xpredictiveMedium
11Filexxxxxxxx.xxxpredictiveMedium
12Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
13Filexxxxxxx_xxxxxx.xpredictiveHigh
14Filexxxx-xxxxxxxx.xxxpredictiveHigh
15Filexxx.xpredictiveLow
16Filexx-xxxxxxx/xxxxxxx/xxxx/xxpredictiveHigh
17ArgumentxxxxxxxxpredictiveMedium
18ArgumentxxxxxxxxxxxxxxpredictiveHigh
19Argumentxxxxxxx_xxpredictiveMedium
20ArgumentxxxxxxxpredictiveLow
21ArgumentxxxxpredictiveLow
22ArgumentxxxxxxxxpredictiveMedium
23ArgumentxxxxxxxxpredictiveMedium
24ArgumentxxxxpredictiveLow
25ArgumentxxxpredictiveLow
26Network PortxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!