Bisonal Analysis

IOB - Indicator of Behavior (16)

Language

en: 12
zh: 2
it: 2

Product

Idera Travis CI: 2
Thomas R. Pasawicz HyperBook Guestbook: 2
Autoptimize Plugin: 2
Bitrix: 2
WordPress: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Bitrix Site Manager redirect.php privilege escalation | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.03 | 0.00113 | CVE-2008-2052 |
| 2 | FLDS redir.php SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.00203 | CVE-2008-5928 |
| 3 | Idera Travis CI Activation .travis.yml Information Disclosure | 2.6 | 2.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00152 | CVE-2021-41077 |
| 4 | Autoptimize Plugin Import privilege escalation | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01096 | CVE-2021-24376 |
| 5 | Bitrix Upload from Local Disk Feature restore.php privilege escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00049 | CVE-2022-29268 |
| 6 | Bitrix Site Manager Vote Module Remote Code Execution | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00668 | CVE-2022-27228 |
| 7 | SSH Agent Plugin privilege escalation | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00054 | CVE-2022-20620 |
| 8 | CodeIgniter Sendmail Email.php privilege escalation | 8.5 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.04920 | CVE-2016-10131 |
| 9 | Atlassian Bitbucket Data Center Directory Traversal | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00441 | CVE-2019-3397 |
| 10 | furlongm openvpn-monitor Management Interface Socket privilege escalation | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00120 | CVE-2021-31605 |
| 11 | VMware vCenter Server Analytics Service privilege escalation | 8.6 | 8.5 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.02 | 0.97389 | CVE-2021-22005 |
| 12 | WordPress HTML Element general-template.php Cross Site Scripting | 4.4 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00094 | CVE-2017-17093 |
| 13 | Linux Kernel UDP Packet udp.c privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.04837 | CVE-2016-10229 |
| 14 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 15 | Tiki TikiWiki tiki-editpage.php privilege escalation | 7.3 | 6.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.05 | 0.01194 | CVE-2004-1386 |
| 16 | INFINICART browse_group.asp SQL Injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00262 | CVE-2006-5957 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Type | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | TXXXX | CWE-XX | Xxxxxxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 9 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

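| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .travis.yml | predictive | Medium |
| 2 | File | browse_group.asp | predictive | High |
| 3 | File | data/gbconfiguration.dat | predictive | High |
| 4 | File | xxxxx.xxx | predictive | Medium |
| 5 | File | xxxxxxxx.xxx | predictive | Medium |
| 6 | File | xxxxxxx.xxx | predictive | Medium |
| 7 | File | xxxx-xxxxxxxx.xxx | predictive | High |
| 8 | File | xxx.x | predictive | Low |
| 9 | File | xx-xxxxxxxx/xxxxxxx-xxxxxxxx.xxx | predictive | High |
| 10 | Library | xxxxxx/xxxxxxxxx/xxxxx.xxx | predictive | High |
| 11 | Argument | xxxxx->xxxx | predictive | Medium |
| 12 | Argument | xxxx | predictive | Low |
| 13 | Argument | xx | predictive | Low |
| 14 | Argument | xxxx | predictive | Low |
| 15 | Argument | xxxxx | predictive | Low |
| 16 | Network Port | xxx | predictive | Low |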

References (4)

The following list contains external sources which discuss the actor and the associated activities:
