Unrecom Analysis

IOB - Indicator of Behavior (21)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us12
gb6
th4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

OpenLDAP4
Yahoo! YUI2
KeePass2
Squid Proxy2
nginx2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1OpenLDAP LDAP Authentication krbv4_ldap_auth memory corruption7.36.9$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.090.07687CVE-2006-6493
2KeePass untrusted search path8.48.0$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2010-5200
3Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
4Intel NUC M15 Laptop Kit Keyboard LED Service Driver Pack Installer unquoted search path7.06.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00885CVE-2021-33095
5MongoDB Query Subsystem exceptional condition5.45.1$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00885CVE-2020-7923
6Zscaler Client Connector RPC privileges management6.56.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01036CVE-2020-11635
7Yahoo! YUI cross site scripting4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.030.01213CVE-2010-4710
8phpMyAdmin Import cross site scripting4.84.2$0-$5k$0-$5kNot DefinedOfficial Fix0.010.01018CVE-2018-15605
9Opentext Document Sciences xPression XPressoDoc cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00885CVE-2017-14755
10nginx Error Page request smuggling6.36.1$0-$5k$0-$5kNot DefinedOfficial Fix0.060.01537CVE-2019-20372
11OpenLDAP slapd privileges management2.92.8$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00950CVE-2002-1508
12Squid Proxy HTTP Header information disclosure6.66.6$5k-$25k$5k-$25kNot DefinedNot Defined0.000.01537CVE-2019-12529
13NfSen os command injection8.67.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.060.01055CVE-2017-7175
14Nagios XI Web Interface command injection8.88.4$0-$5k$0-$5kNot DefinedOfficial Fix0.050.60894CVE-2019-15949
15Microsoft .NET Framework Code Access Security cryptographic issues9.89.8$5k-$25k$5k-$25kNot DefinedNot Defined0.040.06118CVE-2008-5100
16KeePass Database information disclosure5.45.4$0-$5k$0-$5kNot DefinedNot Defined0.040.00885CVE-2017-1000066
17IBM Maximo Asset Management CSV injection8.48.4$5k-$25k$5k-$25kNot DefinedNot Defined0.020.01061CVE-2019-4364
18Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.050.00000

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1055CWE-74InjectionpredictiveHigh
2T1059.007CWE-79Cross Site ScriptingpredictiveHigh
3TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
5TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
6TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
7TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh
8TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/xAdmin/html/XPressoDocpredictiveHigh
2Filedata/gbconfiguration.datpredictiveHigh
3Filexxxx.xxxpredictiveMedium
4Filexxxxxxx.xxx?xxx=xxxxxxxxpredictiveHigh
5ArgumentxxxxxxxxxxpredictiveMedium
6ArgumentxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!