Sector Government

Timeframe: -28 days

Default Categories (63): Access Management Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Microsoft90
Not Defined64
Linux36
Google32
Apple18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows58
Linux Kernel36
Google Chrome32
Mozilla Firefox18
Apple macOS14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix328
Temporary Fix0
Workaround0
Unavailable2
Not Defined82

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High0
Functional8
Proof-of-Concept20
Unproven70
Not Defined314

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical6
Local92
Adjacent54
Network260

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High20
Low216
None176

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required154
None258

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤310
≤438
≤580
≤6100
≤7104
≤844
≤928
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤312
≤450
≤598
≤6146
≤744
≤846
≤912
≤104

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤324
≤448
≤596
≤666
≤7112
≤844
≤914
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤1408
≤20
≤30
≤42
≤50
≤62
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤1294
≤20
≤34
≤44
≤512
≤616
≤722
≤832
≤912
≤1016

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤1338
≤20
≤30
≤40
≤52
≤68
≤728
≤820
≤910
≤106

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k28
<2k86
<5k50
<10k94
<25k54
<50k80
<100k20
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k122
<2k82
<5k66
<10k58
<25k84
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en914
fr24
de22
ja22
pl6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

it298
us138
de30
fr30
jp26

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Grizzly Steppe1
Dealply1
FritzFrog1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Policy Management Software18
Automation Software12
Cloud Software8
Web Browser8
Operating System6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

IBM10
Microsoft8
Aruba8
Google8
VISAM6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

IBM Security Guardium Key Lifecycle Manager10
Aruba ClearPass Policy Manager8
Google Chrome8
VISAM VBASE Automation Base6
Rapid7 InsightCloudSec6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Aruba ClearPass Policy Manager Web-based Management Interface access control8.58.5$10k-$25k$10k-$25kNot DefinedNot Defined0.89+0.00048CVE-2023-25589
2Google Chrome WebProtect use after free6.36.0$25k-$50k$10k-$25kNot DefinedOfficial Fix0.86+0.00000CVE-2023-1533
3Netgear Orbi Router RBR750 HTTP Request os command injection8.18.0$10k-$25k$10k-$25kNot DefinedNot Defined0.86+0.00000CVE-2022-37337
4Rapid7 InsightCloudSec Jinja Template getattr code injection5.55.0$1k-$2k$0-$1kProof-of-ConceptOfficial Fix0.86+0.00000CVE-2023-1304
5Rapid7 InsightCloudSec Box Object improper isolation or compartmentalization5.55.0$1k-$2k$0-$1kProof-of-ConceptOfficial Fix0.86+0.00000CVE-2023-1305
6Silicon Labs Wi-SUN Linux Border Router authorization7.77.7$1k-$2k$1k-$2kNot DefinedNot Defined0.86+0.00000CVE-2023-1262
7Aruba ClearPass Policy Manager Web-based Management Interface cross site scripting5.75.7$5k-$10k$5k-$10kNot DefinedNot Defined0.83+0.00047CVE-2023-25592
8Rockwell Automation ThinManager ThinServer ThinServer.exe path traversal9.89.8$2k-$5k$2k-$5kNot DefinedNot Defined0.83+0.00000CVE-2023-27855
9IBM Security Guardium Key Lifecycle Manager sql injection6.46.2$5k-$10k$2k-$5kNot DefinedOfficial Fix0.80+0.00000CVE-2023-25684
10Google Chrome ANGLE out-of-bounds4.34.1$25k-$50k$10k-$25kNot DefinedOfficial Fix0.77+0.00000CVE-2023-1534
11Rapid7 InsightCloudSec Jinja Template resource.db code injection6.35.7$1k-$2k$0-$1kProof-of-ConceptOfficial Fix0.77+0.00000CVE-2023-1306
12IBM Security Guardium Key Lifecycle Manager unrestricted upload2.72.6$5k-$10k$1k-$2kNot DefinedOfficial Fix0.77+0.00000CVE-2023-25923
13Netgear Orbi Router RBR750 Telnet Service backdoor7.27.1$10k-$25k$5k-$10kNot DefinedNot Defined0.80+0.00000CVE-2022-38452
14HPE Integrated Lights-Out 6 cross site scripting5.95.8$5k-$10k$1k-$2kNot DefinedOfficial Fix0.80+0.00000CVE-2023-28083
15Aruba ClearPass Policy Manager Web-based Management Interface information disclosure5.95.9$5k-$10k$5k-$10kNot DefinedNot Defined0.80+0.00047CVE-2023-25591
16Aruba ClearPass Policy Manager Web-based Management Interface cross site scripting5.75.7$5k-$10k$2k-$5kNot DefinedNot Defined0.80+0.00047CVE-2023-25593
17Google Chrome ANGLE use after free6.36.0$25k-$50k$10k-$25kNot DefinedOfficial Fix0.74+0.00000CVE-2023-1531
18Google Chrome PDF use after free6.36.0$25k-$50k$10k-$25kNot DefinedOfficial Fix0.74+0.00000CVE-2023-1530
19Aruba ClearPass Policy Manager Web-based Management Interface improper authorization6.36.3$5k-$10k$10k-$25kNot DefinedNot Defined0.77+0.00043CVE-2023-25594
20Aruba ClearPass Policy Manager information disclosure3.43.4$5k-$10k$2k-$5kNot DefinedNot Defined0.77+0.00043CVE-2023-25596

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorTypeConfidence
15.249.145.0/24Grizzly SteppepredictiveHigh
2XX.XXX.XXX.X/XXXxxxxxxxxpredictiveHigh
3XX.XXX.XXX.X/XXXxxxxxxpredictiveHigh
4XX.XX.XXX.X/XXXxxxxxxxpredictiveHigh
5XXX.XXX.XXX.X/XXXxxxxxxxxxpredictiveHigh
6XXX.XX.XXX.X/XXXxxxxpredictiveHigh

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22, CWE-23, CWE-25Pathname TraversalpredictiveHigh
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74InjectionpredictiveHigh
4T1059CWE-94Cross Site ScriptingpredictiveHigh
5TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
6TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
9TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
10TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
11TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
13TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHigh
14TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
16TXXXXCWE-XXXXxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx XxxxxpredictiveHigh
17TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxx Xx Xxxx XxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (86)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/ajax/update_certificatepredictiveHigh
2File/batm/app/admin/standalone/deploymentspredictiveHigh
3File/bookstore/bookPerPub.phppredictiveHigh
4File/cgi-bin/mainfunction.cgipredictiveHigh
5File/tmp/mulipartFilepredictiveHigh
6File/web/api/app/Controller/HostController.phppredictiveHigh
7File/web/index.phppredictiveHigh
8File/zm/index.phppredictiveHigh
9Filebugs.cpredictiveLow
10FileClasses/RestClient.cspredictiveHigh
11Fileconfig.xmlpredictiveMedium
12Filexxxxxxx/xxxxxxxxx/xxx_xxx.xpredictiveHigh
13Filexxxxxxx/xxx/xxx/xxx/xxxxxx_xxxxxx.xpredictiveHigh
14Filexxxxxxx/xxx/xxx/xxxxxx/xxxxxxx_xxxxxx.xpredictiveHigh
15Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxxx/xxxx/xxxxxxxx/xx_xxxxxx.xpredictiveHigh
16Filexxxxxxx/xxx/xxx.xpredictiveHigh
17Filexxxxxxx/xxx/xxxxx/xxxx.xpredictiveHigh
18Filexxxxxxx/xxxx/xxx/xxx-xxxxxxxx.xpredictiveHigh
19Filexxxxxxx/xxx/xxxx/xxxx_xxxx.xpredictiveHigh
20Filexxxxxxx/xxx/xxx.xpredictiveHigh
21Filexxxxxxx/xxx/xxxx/xxxx-xxxx.xpredictiveHigh
22Filexxxxxxxxxxx-xxxx.xxxxxxxpredictiveHigh
23Filexx/xxxx/xxxxxxx.xpredictiveHigh
24Filexx/xx-xxxxxxxxx.xpredictiveHigh
25Filexx/xxxx/xxxxxx.xpredictiveHigh
26Filexx/xxxxx/xxxxxx.xpredictiveHigh
27Filexx/xxxxx/xxxxx.xpredictiveHigh
28Filexx/xxxxx/xxxxxx.xpredictiveHigh
29Filexx/xxxxx/xxx.xpredictiveHigh
30Filexx/xxx/xxxxx.xpredictiveHigh
31Filexxxxxx/xxxxxx/xxxxxxxxxx.xpredictiveHigh
32Filexxxxxx/xxxxx/xx.xpredictiveHigh
33Filexxx.xxxpredictiveLow
34Filexxxxxxxx/xxxxxxxx-x/xxxxxxxx/xxxxx_xxxxxx_xxxxxx/xxxxx_xxxxxx_xxxxxx.xpredictiveHigh
35Filexxxxxxxxxxxx.xxxpredictiveHigh
36Filexx/xxxxxx-xxxxx.xpredictiveHigh
37Filexxxxxxx_xxx.xxxpredictiveHigh
38Filexxx/xxxx/xx_xxxx.xpredictiveHigh
39Filexxx/xxx/xxxxxxx.xpredictiveHigh
40Filexxx/xxxx/xxxx.xpredictiveHigh
41Filexxx/xxx/xxx_xxxx.xpredictiveHigh
42Filexxx/xxx/xxx_xx.xpredictiveHigh
43Filexxxx.xxxpredictiveMedium
44Filexxx_xxxxx.xpredictiveMedium
45Filexxxxxxxxxx.xxxpredictiveHigh
46Filexxxxx/xxxx/xxxx/xxxx.xpredictiveHigh
47Filexxxxx.xxxxxx.xxxxxxx.xxxpredictiveHigh
48Filexxx/xxxx/xxxxx.xxxpredictiveHigh
49Filexxxxxx.xxxpredictiveMedium
50Libraryxxxxxx.xxxpredictiveMedium
51Libraryxxxxxx.xxxpredictiveMedium
52Libraryxxxxxxxxxxx.xxxpredictiveHigh
53Libraryxxxxxxxxx.xxxpredictiveHigh
54Libraryxxxxxxxxxxxxxx.xxxpredictiveHigh
55Libraryxxxxxxxx.xxxpredictiveMedium
56Libraryxxxx-xxxxxx.xxxpredictiveHigh
57Argumentxxxxx_xxxxxx_xxxxpredictiveHigh
58ArgumentxxxxpredictiveLow
59ArgumentxxxxpredictiveLow
60ArgumentxxxxxxxxpredictiveMedium
61ArgumentxxxxxxxpredictiveLow
62Argumentxxxx_xxxxx_xxx_xxxxx_xxxxxxxxpredictiveHigh
63Argumentxxx_xxx_xxxxx_xxx_xx_xxxxxpredictiveHigh
64Argumentxxxx_xxxx_xxxxxx_xxx_xxx_xxxxxxxpredictiveHigh
65Argumentxxxxxx[xxxxx][xxxxx][x][xxxx]predictiveHigh
66ArgumentxxxxxxxxxxxxxpredictiveHigh
67Argumentxxxxxxx__xxxpredictiveMedium
68ArgumentxxxxxxxxxxxxxxpredictiveHigh
69Argumentxxx_xx_xxxxxx/xxx_xxx_xxxxxxxxxxxpredictiveHigh
70Argumentxxx_xxx_xxxpredictiveMedium
71Argumentxxxx_xxx_xxxx_xxxxpredictiveHigh
72Argumentxxxxxx_xxx_xxxx_xxxxpredictiveHigh
73ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
74Argumentxxxx-xxx-xxxxxxxxxpredictiveHigh
75ArgumentxxxxxxxxpredictiveMedium
76Argumentxx_xxxx_xxxxxx_xx_xxxxpredictiveHigh
77ArgumentxxxxxxpredictiveLow
78Argumentxxxx_xxxxpredictiveMedium
79ArgumentxxxxxxxxpredictiveMedium
80Argumentxxxxxxxxx_xxxpredictiveHigh
81Argumentxxxxxxxxxxx_xxxxxxxx_x.x.x.xpredictiveHigh
82ArgumentxxxxxxxxxxxxpredictiveMedium
83ArgumentxxxpredictiveLow
84ArgumentxxxxxxxxpredictiveMedium
85ArgumentxxxxpredictiveLow
86Input Value/../xxx/xxxxxxxxpredictiveHigh
PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!