Sector Lawfirm

Timeframe: -28 days

Default Categories (75): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Artificial Intelligence Software, Asset Management Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chat Software, Cloud Software, Communications System, Connectivity Software, Content Management System, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Tablet Operating System, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Oracle230
Insteon94
Microsoft82
Not Defined74
Apple54

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Insteon Hub94
Microsoft Windows60
Google Android34
Oracle MySQL Server34
Linux Kernel22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix638
Temporary Fix0
Workaround0
Unavailable0
Not Defined194

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High0
Functional0
Proof-of-Concept18
Unproven80
Not Defined734

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical6
Local90
Adjacent88
Network648

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High66
Low394
None372

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required172
None660

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤312
≤466
≤5104
≤6134
≤7128
≤8182
≤962
≤10144

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤312
≤468
≤5108
≤6172
≤7114
≤8194
≤9112
≤1052

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤22
≤322
≤476
≤5104
≤6120
≤7140
≤8162
≤9152
≤1054

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤1676
≤20
≤30
≤44
≤52
≤610
≤722
≤86
≤916
≤1096

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤1540
≤20
≤32
≤42
≤510
≤630
≤732
≤880
≤9120
≤1016

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤1750
≤20
≤30
≤42
≤52
≤64
≤76
≤852
≤916
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k24
<2k132
<5k136
<10k128
<25k264
<50k48
<100k100
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k186
<2k182
<5k220
<10k96
<25k144
<50k4
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en680
ja196
de26
ru24
es16

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

jp232
us142
cn68
in48
ru28

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Mirai1
Hafnium1
Bouncing Golf1
TrickBot1
Grizzly Steppe1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Operating System42
Router Operating System32
Content Management System30
Database Software18
Web Browser18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Microsoft36
Not Defined34
Oracle26
Linux16
Juniper12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows20
Linux Kernel16
Juniper Junos OS10
Microsoft Edge10
Oracle Database Server6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Microsoft Edge denial of service3.13.0$25k-$100k$5k-$25kNot DefinedOfficial Fix3.340.00000CVE-2023-21720
2Calendar Event Management System sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined3.380.00890CVE-2023-0675
3F5 BIG-IP iControl SOAP format string8.28.2$5k-$25k$5k-$25kNot DefinedNot Defined2.380.01086CVE-2023-22374
4DaSchTour matomo-mediawiki-extension Username Piwik.hooks.php cross site scripting2.62.4$0-$5k$0-$5kProof-of-ConceptOfficial Fix2.610.00000CVE-2017-20175
5Calendar Event Management System Login Page sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined2.470.00954CVE-2023-0663
6tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix2.61-0.00000CVE-2015-10073
7VMware Workstation denial of service4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix1.280.00885CVE-2023-20854
8OpenBSD OpenSSH compat.c double free5.65.4$5k-$25k$5k-$25kNot DefinedOfficial Fix1.370.00950CVE-2023-25136
9IBM WebSphere Application Server Sequence code injection9.08.8$25k-$100k$5k-$25kNot DefinedOfficial Fix1.100.01978CVE-2023-23477
10QNAP QuTS hero/QTS sql injection8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix1.100.01055CVE-2022-27596
11Apache HTTP Server mod_proxy_ajp request smuggling7.37.0$5k-$25k$5k-$25kNot DefinedOfficial Fix0.970.00885CVE-2022-36760
12eXo Chat Application Mention ExoChatMessageComposer.vue cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix2.75-0.00000CVE-2022-4902
13Cisco IOS IOx Application Hosting Environment command injection7.26.9$5k-$25k$5k-$25kNot DefinedOfficial Fix0.770.00000CVE-2023-20076
14Apache Sling App CMS cross site scripting3.53.4$5k-$25k$0-$5kNot DefinedOfficial Fix1.790.01404CVE-2023-22849
15Symantec Endpoint Protection Privilege Escalation6.36.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.590.00885CVE-2022-25631
16Apache HTTP Server response splitting5.35.1$5k-$25k$5k-$25kNot DefinedOfficial Fix0.570.00885CVE-2022-37436
17SiteFusion Application Server Extension getextension.php path traversal3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.820.00950CVE-2016-15023
18Juniper Junos OS Routing Engine resource consumption7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.690.00885CVE-2023-22396
19Linux Kernel ksmbd auth.c ksmbd_decode_ntlmssp_auth_blob memory corruption7.56.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix1.040.00000CVE-2023-0210
20F5 BIG-IP Advanced WAF/BIG-IP ASM resource consumption7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.600.00885CVE-2023-23552

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorTypeConfidence
123.128.248.0/24MiraipredictiveHigh
2XX.XX.XX.X/XXXxxxxxxxpredictiveHigh
3XX.XX.XXX.X/XXXxxxxxxxpredictiveHigh
4XX.XXX.XXX.X/XXXxxxxxx XxxxxxpredictiveHigh
5XXX.XXX.XXX.X/XXXxxxxpredictiveHigh
6XXX.XXX.XXX.X/XXXxxxxx XxxpredictiveHigh
7XXX.XXX.XXX.X/XXXxxxxxxpredictiveHigh
8XXX.XXX.XX.X/XXXxxxxxx XxxxxxpredictiveHigh
9XXX.XXX.XXX.X/XXXxxxxxpredictiveHigh
10XXX.X.XXX.X/XXXxxxxxxx XxxxpredictiveHigh

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22, CWE-23, CWE-35Pathname TraversalpredictiveHigh
2T1040CWE-294, CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1059CWE-88, CWE-94Cross Site ScriptingpredictiveHigh
4T1059.007CWE-79Cross Site ScriptingpredictiveHigh
5T1068CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
6TXXXX.XXXCWE-XXXXxx-xxx Xxxx Xxxxxxx XxxxpredictiveHigh
7TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
9TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
10TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHigh
11TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
12TXXXXCWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
13TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx XxxxxpredictiveHigh
14TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
17TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHigh
19TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh
20TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh
21TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (87)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/api/v1/registration/validateEmailpredictiveHigh
2File/apply.cgipredictiveMedium
3File/CPEpredictiveLow
4File/file_manage_view.php?fmdo=edit&filenamepredictiveHigh
5File/index.phppredictiveMedium
6File/list.phppredictiveMedium
7File/opt/Citrix/ICAClient/util/ctxwebhelperpredictiveHigh
8File/permissions/delete/2---predictiveHigh
9File/Services/Misc.asmx/SearchTagpredictiveHigh
10File/setnetworksettings/IPAddresspredictiveHigh
11File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxpredictiveHigh
12File/xxxx-xxxxxxxx.xxxpredictiveHigh
13File/xxxx/xxx/xxxxxxxxxxxpredictiveHigh
14File/xxxxx/xxxxxx/xpredictiveHigh
15Filexxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
16Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
17Filexxxxxxxxxxx/xxx/xxxx/xxxxxx/xxx-xxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
18Filexxx\xxxxxx\xxxxxxxxxx\xxxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
19Filexxxx.xpredictiveLow
20Filexxxxxxxxxxxxxxxx.xxxxpredictiveHigh
21Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
22Filexxxxxx.xpredictiveMedium
23Filexxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
24Filexxxxxx.xpredictiveMedium
25Filexxx_xxxxxxx_xxxxxxxxx_xxxxxxxxx_xxxxxxxxxxxxxx.xxxpredictiveHigh
26Filexxxxxxxxx.xxxxpredictiveHigh
27Filexxxxxxx/xxx/xxx-xxxxxxxx.xpredictiveHigh
28Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveHigh
29Filexxxxxxx/xxx/xxxxxxxx/xxxxx_xxxx.xpredictiveHigh
30Filexx/xxxxx/xxxxxx.xpredictiveHigh
31Filexxxxxxxxxxxx.xxxpredictiveHigh
32Filexxxx.xxxpredictiveMedium
33Filexxx_xxx.xpredictiveMedium
34Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveHigh
35Filexxxxxxxxxxxxxx.xxxpredictiveHigh
36Filexxx/xxxxx.xxxpredictiveHigh
37Filexxxxx.xxxpredictiveMedium
38Filexx_xxxxx/xxxxxxxxx.xpredictiveHigh
39Filexx_xxxxx/xxxx.xpredictiveHigh
40Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
41Filexxxxxxxxxxx/xxxxxx.xpredictiveHigh
42Filexxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
43Filexxx.xxxpredictiveLow
44Filexxx/xxxx/xxx.xpredictiveHigh
45Filexxx/xxxxx/xxx_xxx.xpredictiveHigh
46Filexxx/xxxxx/xxx_xxx.xpredictiveHigh
47Filexxx/xxxxx/xxx_xxx.xpredictiveHigh
48Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
49Filexxxxxxxxxx_xxxxxxxxx.xxxpredictiveHigh
50Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
51Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
52Filexxxxx.xxxxx.xxxpredictiveHigh
53Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
54Filexxxxxx/xxxx.xxpredictiveHigh
55Filexxxxxxxx.xxxxpredictiveHigh
56Filexxxxxxxxxxxxxxxx.xxxxpredictiveHigh
57Filexxxxxxxxxxxxx.xxxxpredictiveHigh
58FilexxxxxxxxxxxxxxxxxxxxpredictiveHigh
59Filexxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxxxxxxx_xxxx_xxxxxxxxx.xxxpredictiveHigh
61Filexxxxx/xxxxxxxx.xpredictiveHigh
62Filexxxxxxxxxx.xxxxpredictiveHigh
63Filexxxxxxx.xxxx.xxxpredictiveHigh
64File\xxx\xxxxxx\xxxxxxxxxx\xxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
65File\xxx\xxxxxx\xxxxxxxxxx\xxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
66Library/xxxx/xxxxx/xxx/xxxxxxx_xxx.xpredictiveHigh
67Libraryxxxxxxx/xxxxxxxx.xxxpredictiveHigh
68Argumentxxxxxx-xxxxxxxxpredictiveHigh
69ArgumentxxxpredictiveLow
70ArgumentxxxxxxxpredictiveLow
71Argumentxxxxxxxx xxpredictiveMedium
72ArgumentxxxpredictiveLow
73ArgumentxxpredictiveLow
74Argumentxxxx_xxxxx_xxxxxxxxxxpredictiveHigh
75ArgumentxxxxpredictiveLow
76Argumentxxxx/xxxpredictiveMedium
77Argumentxx_xxxpredictiveLow
78Argumentxxxxxxx.xxx_xxxxxxxxxxpredictiveHigh
79ArgumentxxxxxxxxxxpredictiveMedium
80ArgumentxxxxxxxpredictiveLow
81Argumentxxxxx/xxxpredictiveMedium
82ArgumentxxxxxxxpredictiveLow
83Argumentxxxxxxx_xxxpredictiveMedium
84ArgumentxxxxpredictiveLow
85Argumentxxxx-xxxxxpredictiveMedium
86ArgumentxxxxxxxxpredictiveMedium
87Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!