BistroMath Analysis

IOB - Indicator of Behavior (214)

Timeline

Language

en: 162
de: 40
fr: 4
ja: 4
es: 2

Country

gb: 132
us: 44
ch: 26
de: 6
fr: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 8
Microsoft Office: 6
NetScout nGeniusPULSE: 6
phpMyAdmin: 6
PHP: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx Privilege Escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440 |
| 2 | Abacus ERP Multi Factor Authentication Weak Authentication | 7.2 | 7.0 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00266 | CVE-2022-1065 |
| 3 | Microsoft IIS Cross Site Scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 4 | Microsoft Windows Win32k Privilege Escalation | 7.2 | 6.5 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00137 | CVE-2022-21882 |
| 5 | Apache OFBiz Exception Information Disclosure | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00142 | CVE-2021-25958 |
| 6 | BlackBerry Protect Message Broker Privilege Escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00 | 0.00044 | CVE-2021-32023 |
| 7 | Oracle WebLogic Server Core Remote Code Execution | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.00137 | CVE-2023-22069 |
| 8 | Spring Framework JSONP Cross-Domain Privilege Escalation | 5.7 | 5.6 | $0-$5k | Calculating | Not Defined | Official Fix | 0.03 | 0.00264 | CVE-2018-11040 |
| 9 | ownCloud graphapi GetPhpInfo.php Information Disclosure | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.89250 | CVE-2023-49103 |
| 10 | Esri ArcGIS Server SQL Injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00123 | CVE-2021-29114 |
| 11 | Moment.js Directory Traversal | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00330 | CVE-2022-24785 |
| 12 | Rapid4 RapidFlows Enterprise Application Builder GetFile.aspx Directory Traversal | 6.4 | 6.4 | $0-$5k | Calculating | Not Defined | Not Defined | 0.02 | 0.00071 | CVE-2019-11397 |
| 13 | Apache CXF MTOM Request XOP:Include Privilege Escalation | 7.6 | 7.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02850 | CVE-2022-46364 |
| 14 | HCL Domino Server MIME Message Buffer Overflow | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00491 | CVE-2020-14244 |
| 15 | sitepress-multilingual-cms Plugin class-wp-installer.php Cross Site Request Forgery | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00427 | CVE-2020-10568 |
| 16 | Dropbear SSH Privilege Escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02911 | CVE-2016-7406 |
| 17 | Atlassian JIRA Server/Data Center Email Template Privilege Escalation | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00181 | CVE-2021-43947 |
| 18 | Matrix libolm Session Object olm_session_describe Buffer Overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00685 | CVE-2021-44538 |
| 19 | Apache Tomcat UTF-8 Decoder Denial of Service | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01830 | CVE-2018-1336 |
| 20 | polkit pkexec Privilege Escalation | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.03 | 0.00046 | CVE-2021-4034 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (41)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /app/register.php | predictive | High |
| 2 | File | /etc/cron.d/ | predictive | Medium |
| 3 | File | /rom-0 | predictive | Low |
| 4 | File | /uncpath/ | predictive | Medium |
| 5 | File | /usr/bin/pkexec | predictive | High |
| 6 | File | xxxxx/xxxxx.xxx | predictive | High |
| 7 | File | x:\xxxxxxx\xxxxxxxx\xxxxxx\xxx | predictive | High |
| 8 | File | xxx.xxx | predictive | Low |
| 9 | File | xxxxxx.xxx | predictive | Medium |
| 10 | File | xxx/xxxx/xxx_xxxx.x | predictive | High |
| 11 | File | xxxxxxx.xxxx | predictive | Medium |
| 12 | File | xxxxxxxxxx.xxx | predictive | High |
| 13 | File | xxxxxxx.xxx | predictive | Medium |
| 14 | File | xxxxxxxx/xxxxx-xx-xxxxxxxxx.xxx | predictive | High |
| 15 | File | xxxxx.xxx | predictive | Medium |
| 16 | File | xxxxx/xxxxxxxx.x | predictive | High |
| 17 | File | xxxxxxxxx/xxxxxx.xxxxx.xxx | predictive | High |
| 18 | File | xxxxxxxx/xxxx?xxxxxx=xx | predictive | High |
| 19 | File | xxxxx.xxx | predictive | Medium |
| 20 | File | xxxxxx.xxx | predictive | Medium |
| 21 | File | xxx.xxxxx | predictive | Medium |
| 22 | File | xxxx-xxxxx.xxx | predictive | High |
| 23 | File | xxxxxxxxxxxxxxxxx.xxxx | predictive | High |
| 24 | File | xxxxxxxx/ | predictive | Medium |
| 25 | File | ~/xxxxxxxxxxxxx.xxx | predictive | High |
| 26 | Argument | xx | predictive | Low |
| 27 | Argument | xxxxx | predictive | Low |
| 28 | Argument | xx | predictive | Low |
| 29 | Argument | xxxxxxxx | predictive | Medium |
| 30 | Argument | xxxxx | predictive | Low |
| 31 | Argument | xxxx | predictive | Low |
| 32 | Argument | xxxx | predictive | Low |
| 33 | Argument | xxxxxxxxxxx | predictive | Medium |
| 34 | Argument | x_xxxx | predictive | Low |
| 35 | Argument | xxxxxx_xxx | predictive | Medium |
| 36 | Argument | xxxxxxxx | predictive | Medium |
| 37 | Argument | xxxxx | predictive | Low |
| 38 | Argument | xxxxx/xxxxx | predictive | Medium |
| 39 | Argument | xxxxxx | predictive | Low |
| 40 | Argument | xxxxxxxx/xxxx | predictive | High |
| 41 | Network Port | xxx xxxxxx xxxx | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
