Panda Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. It also makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 329
zh: 25
de: 4
es: 2
pl: 1

Country

us: 281
cn: 61
ir: 9
gb: 2
ch: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-43943 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.88 | CVE-2010-0966 |
| 3 | Citrix Gateway request smuggling | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2020-10111 |
| 4 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.12 | CVE-2015-1419 |
| 5 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.41 | CVE-2016-6210 |
| 6 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 1.12 | CVE-2017-0055 |
| 7 | SmarterTools SmarterMail path traversal | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2019-7213 |
| 8 | Joomla CMS sql injection | 7.3 | 6.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | CVE-2013-1453 |
| 9 | Microsoft Windows Hyper-V input validation | 8.4 | 8.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2019-0620 |
| 10 | Thomson Reuters Desktop Extensions Service Port 6677 ThomsonReuters.Desktop.Service.exe path traversal | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2019-8385 |
| 11 | SpringBlade DAO/DTO list sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2020-16165 |
| 12 | Microsoft Azure Sphere information disclosure | 3.3 | 3.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2021-26428 |
| 13 | AnyShare Cloud path traversal | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-8996 |
| 14 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 15 | JForum Login input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2012-5338 |
| 16 | Apache HTTP Server mod_proxy_uwsgi buffer overflow | 8.5 | 8.5 | $25k-$100k | $25k-$100k | Not Defined | Not Defined | 0.05 | CVE-2020-11984 |
| 17 | Microsoft Windows DNS Service input validation | 10.0 | 9.5 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2011-1966 |
| 18 | Dell EMC iDRAC9 path traversal | 6.7 | 6.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-5366 |
| 19 | Oracle Database Server XML Parser privileges management | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2013-3751 |
| 20 | Oracle Database Server Core RDBMS unknown vulnerability | 6.8 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2014-2408 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 3 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxx Xx Xxxxxxxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (118)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

