Recent 01/12/2022

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Palo Alto Cortex XDR Agent4
Schneider Electric EcoStruxure Power Monitoring Ex ...4
Schneider Electric ConneXium Tofino Firewall4
SysAid ITIL4
Schneider Electric ConneXium Tofino OPCLSM2

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix32
Temporary Fix0
Workaround0
Unavailable0
Not Defined16

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High0
Functional0
Proof-of-Concept1
Unproven0
Not Defined47

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

CVSSv3 Base

≤10
≤20
≤31
≤45
≤57
≤68
≤714
≤86
≤97
≤100

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤32
≤44
≤57
≤612
≤713
≤84
≤96
≤100

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

Exploit 0-day

<1k12
<2k10
<5k23
<10k1
<25k2
<50k0
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k37
<2k8
<5k1
<10k2
<25k0
<50k0
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

CreatedBaseTempVulnerability0dayTodayExpRemCTICVE
20:553.13.0MartDevelopers iResturant Login cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-43436
20:543.53.5Unisys Clearpath MCP infinite loop$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-45445
20:533.53.4ChronoForums pathname traversal$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-28377
20:533.53.4ChronoForms pathname traversal$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2021-28376
20:508.38.1Palo Alto Cortex XDR Agent uncontrolled search path$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2022-0015
20:494.24.2Palo Alto Cortex XDR Agent Support File file information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2022-0013
20:485.75.6Palo Alto Cortex XDR Agent link following$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2022-0012
20:477.17.0Palo Alto Cortex XDR Agent untrusted search path$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2022-0014
20:416.35.7Sourcecodetester Printable Staff ID Card Creator System sql injection$0-$5k$0-$5kProof-of-ConceptNot Defined0.05CVE-2021-45411
20:378.68.5IBM Planning Analytics/Planning Analytics Workspace DQM API access control$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-38892
19:356.36.0Zoho ManageEngine M365 Manager Plus Proxy Settings Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-44650
19:343.53.4Django CMS Error Message cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-44649
19:337.57.4crater unrestricted upload$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2021-4080
19:335.55.5GNOME gdk-pixbuf GIF File heap-based overflow$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-44648
19:316.36.0Zoho ManageEngine O365 Manager Plus ChangeDBAPI Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-44652
19:296.36.0Zoho ManageEngine CloudSecurityPlus updatePersonalizeSettings Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2021-44651
18:032.62.5Schneider Electric EcoStruxure Power Monitoring Expert Web Page Generation cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2022-22804
18:025.04.8Schneider Electric EcoStruxure Power Monitoring Expert input validation$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2022-22727
18:025.35.1Schneider Electric EcoStruxure Power Monitoring Expert lmadmin Tool denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2019-8963
18:004.34.1Schneider Electric EcoStruxure Power Monitoring Expert information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2022-22726
17:576.86.5Schneider Electric ConneXium Tofino Firewall USB Stick signature verification$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-30066
17:567.37.0Schneider Electric ConneXium Tofino Firewall ModBus Packet access control$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-30065
17:558.17.7Schneider Electric ConneXium Tofino Firewall SSH hard-coded credentials$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2021-30064
17:545.95.7Schneider Electric ConneXium Tofino OPCLSM OPC Enforcer denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.08CVE-2021-30063
17:535.04.8Schneider Electric ConneXium Tofino OPCLSM OPC Enforcer Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-30062
17:526.46.1Schneider Electric ConneXium Tofino Firewall USB Local Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-30061
17:498.88.4Schneider Electric Easergy P3 GOOSE buffer overflow$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2022-22725
17:488.88.4Schneider Electric Easergy P5 GOOSE buffer overflow$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-22723
17:467.57.2Schneider Electric Easergy P5 SSH hard-coded credentials$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2022-22722
17:438.68.5Schneider Electric Easergy T300 RTU pppd buffer overflow$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-8597
17:404.34.1Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server cross-site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2020-7534
17:397.57.2Schneider Electric Modicon M340 TCP resource consumption$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-22724
15:136.86.7growi authorization$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-3852
07:245.45.4orchardcore Web Page Generation cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-0159
07:245.75.6keystone Web Page Generation cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-0087
07:236.36.1Snipe-IT access control$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2022-0179
07:155.45.4TIBCO eFTL Server permission$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-43055
07:156.76.7TIBCO eFTL API Token permission$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-43054
07:146.96.9TIBCO FTL Realm Server information disclosure$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2021-43053
07:138.38.3TIBCO FTL Realm Server hard-coded credentials$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-43052
07:126.36.1SysAid ITIL enduserreg improper authentication$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2021-43974
07:116.36.1SysAid ITIL UploadPsIcon.jsp unrestricted upload$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2021-43973
07:106.36.1SysAid ITIL Parameter SelectUsers.jsp sql injection$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-43971
07:096.36.1SysAid ITIL Filesystem UserSelfServiceSettings.jsp access control$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2021-43972
07:057.27.0SpiceDB Wildcard Relationship intersection access control$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2022-21646
07:044.64.5Apache Guacamole SAML improper authentication$5k-$25k$5k-$25kNot DefinedNot Defined0.04CVE-2021-43999
07:025.55.5Apache Guacamole REST Response access control$5k-$25k$5k-$25kNot DefinedNot Defined0.07CVE-2021-41767
07:004.34.1Linux Kernel nf_tables_api.c nf_tables_newset null pointer dereference$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-46283

Do you know our Splunk app?

Download it now for free!