Sektor Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Zeitverlauf

Hersteller

Linux304
Google88
Microsoft66
Foxit58
Cisco34

Produkt

Linux Kernel304
Google Android72
Foxit PDF Reader58
Microsoft Windows40
Cisco IOS XE18

Massnahmen

Official Fix712
Temporary Fix0
Workaround4
Unavailable0
Not Defined110

Ausnutzbarkeit

High0
Functional0
Proof-of-Concept28
Unproven52
Not Defined746

Zugriffsart

Not Defined0
Physical4
Local144
Adjacent342
Network336

Authentisierung

Not Defined0
High22
Low546
None258

Benutzeraktivität

Not Defined0
Required186
None640

C3BM Index

CVSSv3 Base

≤10
≤20
≤316
≤4100
≤5188
≤6276
≤7140
≤860
≤934
≤1012

CVSSv3 Temp

≤10
≤20
≤316
≤4104
≤5192
≤6362
≤772
≤858
≤910
≤1012

VulDB

≤10
≤20
≤322
≤4118
≤5182
≤6270
≤7128
≤864
≤932
≤1010

NVD

≤1826
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1668
≤20
≤34
≤40
≤518
≤634
≤732
≤838
≤918
≤1014

Hersteller

≤1770
≤20
≤30
≤40
≤52
≤68
≤712
≤816
≤918
≤100

Exploit 0-day

<1k28
<2k186
<5k30
<10k336
<25k158
<50k58
<100k30
≥100k0

Exploit heute

<1k278
<2k232
<5k166
<10k88
<25k62
<50k0
<100k0
≥100k0

Exploitmarktvolumen

IOB - Indicator of Behavior (1000)

Zeitverlauf

Sprache

en656
zh60
fr46
es40
pl38

Land

us50
cn46
fr40
gb40
es40

Akteure

Mirai3
Pacha1
RecordBreaker1
TrickBot1
Nanocore RAT1

Aktivitäten

Interesse

Zeitverlauf

Typ

Smartphone Operating System24
Operating System18
Web Browser14
Software Library6
Project Management Software6

Hersteller

Google34
SourceCodester14
Linux12
Microsoft10
code-projects6

Produkt

Google Android24
Linux Kernel12
SourceCodester Online Library System6
code-projects Online Book System6
SourceCodester PHP Task Management System6

Schwachstellen

#SchwachstelleBaseTemp0dayHeuteAusMasCTIEPSSCVE
1SourceCodester PHP Task Management System admin-manage-user.php SQL Injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.700.00045CVE-2024-3223
2SourceCodester Airline Ticket Reservation System activate_jet_details_form_handler.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined2.180.00045CVE-2024-3347
3SourceCodester PHP Task Management System task-details.php SQL Injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.450.00045CVE-2024-3224
4SourceCodester PHP Task Management System admin-password-change.php SQL Injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.860.00045CVE-2024-3222
5kyivstarteam react-native-sms-user-consent SmsUserConsentModule.kt registerReceiver Local Privilege Escalation5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2021-4438
6SourceCodester PHP Task Management System edit-task.php SQL Injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.790.00045CVE-2024-3225
7SourceCodester Online Library System deweydecimal.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.560.00045CVE-2024-3361
8SourceCodester PHP Task Management System attendance-info.php SQL Injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.470.00045CVE-2024-3221
9SourceCodester Online Library System login.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.560.00045CVE-2024-3359
10SourceCodester Online Library System index.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.520.00045CVE-2024-3360
11SourceCodester Online Library System index.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.580.00045CVE-2024-3363
12SourceCodester Online Library System index.php Cross Site Scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.520.00045CVE-2024-3364
13SourceCodester Online Library System controller.php SQL Injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.500.00045CVE-2024-3362
14SourceCodester Online Library System controller.php Cross Site Scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.480.00045CVE-2024-3365
15iboss Secure Web Gateway Login Portal login Cross Site Scripting4.33.9$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.390.00045CVE-2024-3378
16code-projects Car Rental add-vehicle.php erweiterte Rechte6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-3369
17IBM Maximo Application Suite URL Information Disclosure6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.390.00043CVE-2024-22328
18Lenovo Printer HTTPS Service Pufferüberlauf4.94.9$0-$5k$0-$5kNot DefinedNot Defined0.350.00043CVE-2024-27908
19Lenovo Printer LPD Packet Denial of Service7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.350.00043CVE-2024-27912
20Google Android kmv.c km_exp_did_inner Information Disclosure3.33.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.330.00043CVE-2024-29750

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP-BereichAkteurTypAkzeptanz
123.254.128.0/24Loki Password Stealer (PWS)prädiktivHigh
223.254.134.0/24DanaBotprädiktivHigh
3XX.XXX.XX.X/XXXxx XxxxxprädiktivHigh
4XX.XXX.XX.X/XXXxxxxprädiktivHigh
5XX.XXX.XX.X/XXXxxxxprädiktivHigh
6XX.XXX.XXX.X/XXXxxxxxxx XxxxprädiktivHigh
7XX.XXX.XXX.X/XXXxxxxxprädiktivHigh
8XXX.XXX.XX.X/XXXxxxxxprädiktivHigh
9XXX.XX.XXX.X/XXXxxxxprädiktivHigh
10XXX.XX.XXX.X/XXXxxxxxxxprädiktivHigh
11XXX.XX.XX.X/XXXxxxx XxxprädiktivHigh
12XXX.XXX.XX.X/XXXxxxxxxxxxxxxprädiktivHigh
13XXX.XX.XX.X/XXXxxxxxxxxxprädiktivHigh
14XXX.XXX.XXX.X/XXXxxxxxxxxxxxprädiktivHigh
15XXX.XX.XXX.X/XXXxxxxxx XxxxxxprädiktivHigh
16XXX.XX.XX.X/XXXxxxxprädiktivHigh
17XXX.XXX.XX.X/XXXxxxxxxx XxxprädiktivHigh

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSchwachstellenZugriffsartTypAkzeptanz
1T1006CWE-22, CWE-23, CWE-25Path TraversalprädiktivHigh
2T1040CWE-319Authentication Bypass by Capture-replayprädiktivHigh
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionsprädiktivHigh
4T1059CWE-94Argument InjectionprädiktivHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingprädiktivHigh
6TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxprädiktivHigh
7TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxprädiktivHigh
8TXXXX.XXXCWE-XXXXxxx XxxxxxxxprädiktivHigh
9TXXXXCWE-XXXXxxxxxxxxx XxxxxxprädiktivHigh
10TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxprädiktivHigh
11TXXXXCWE-XXXXxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx XxxxxxxxxxxprädiktivHigh
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxprädiktivHigh
13TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxprädiktivHigh
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxprädiktivHigh
15TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxprädiktivHigh
16TXXXX.XXXCWE-XXXXxxxxxxxxxxxprädiktivHigh
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxprädiktivHigh
18TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxprädiktivHigh
19TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxprädiktivHigh
20TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxprädiktivHigh
21TXXXXCWE-XXXXxxxxxxxxxx XxxxxxprädiktivHigh

IOA - Indicator of Attack (147)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasseIndicatorTypAkzeptanz
1File/cart.phpprädiktivMedium
2File/cgi-bin/gui.cgiprädiktivHigh
3File/description.phpprädiktivHigh
4File/etc/passwdprädiktivMedium
5File/index.phpprädiktivMedium
6File/loginprädiktivLow
7File/Product.phpprädiktivMedium
8File/setup.cgiprädiktivMedium
9FileAccountManagerService.javaprädiktivHigh
10Fileactivate_jet_details_form_handler.phpprädiktivHigh
11Fileadd-vehicle.phpprädiktivHigh
12Fileadmin-manage-user.phpprädiktivHigh
13Fileadmin-password-change.phpprädiktivHigh
14Fileadmin/books/controller.phpprädiktivHigh
15Fileadmin/books/deweydecimal.phpprädiktivHigh
16Fileadmin/books/index.phpprädiktivHigh
17Fileadmin/borrowed/index.phpprädiktivHigh
18Fileadmin/login.phpprädiktivHigh
19Fileadmin/users/controller.phpprädiktivHigh
20Filexxxxxxxxxxxxxxxxxxx.xxxprädiktivHigh
21Filexxxxxxx/xxx/xxxx/xxxx/xx/xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxx.xxprädiktivHigh
22Filexxx.xprädiktivLow
23Filexxxx/xxx/xxxxxx/xxx/xxxx.xprädiktivHigh
24Filexxxx_xxxxxx.xprädiktivHigh
25Filexxx_xxxx.xprädiktivMedium
26Filexxxxxxxxxx-xxxx.xxxprädiktivHigh
27Filexxx_xxxxxxxx.xxprädiktivHigh
28Filexxxx.xprädiktivLow
29Filexxxxx/xxx-xxxxxx.xprädiktivHigh
30Filexxxxx/xxx-xx-xxx.xprädiktivHigh
31Filexxxxxxxxx_xxx.xxprädiktivHigh
32Filexxx_xxx.xxxxprädiktivMedium
33Filexxx_xxx.xxprädiktivMedium
34Filexxxxxxxxxxxxxx.xxxprädiktivHigh
35Filexxxxxxxxx.xxxprädiktivHigh
36Filexxxxxxx.xxxprädiktivMedium
37Filexxxxxxx/xxxxx/xxxxxxx/xx_xxxxxxxxx.xprädiktivHigh
38Filexxx_xx.xprädiktivMedium
39Filexxxx_xxxxx.xxxprädiktivHigh
40Filexxxx.xprädiktivLow
41Filexxxx-xxxx.xxxprädiktivHigh
42Filexxxxxxxxxxxxxxxxxx.xxxxprädiktivHigh
43Filexx/xxxxx/xxxx-xx.xprädiktivHigh
44Filexx/xxxxx/xxxxxxxxxxx.xprädiktivHigh
45Filexx/xxxxx/xxxx-xxx.xprädiktivHigh
46Filexx/xxxx/xxxx.xprädiktivHigh
47Filexx/xxxx/xxxxxxx_xxxxxx.xprädiktivHigh
48Filexxx.xprädiktivLow
49Filexxxxxxxxxxxxxxxxxxxx.xxxxprädiktivHigh
50Filexxxxx.xprädiktivLow
51Filexxxxxx/xxx/xxxxxxx.xprädiktivHigh
52Filexxxxxx/xxx/xxxxx.xprädiktivHigh
53Filexxxxxx/xxx/xxxx.x:prädiktivHigh
54Filexxx.xprädiktivLow
55Filexxxxxxxxx.xxprädiktivMedium
56Filexxxx_xx_xxxxxxx.xprädiktivHigh
57Filexxxxx.xxxprädiktivMedium
58Filexxx.xprädiktivLow
59Filexxx_xxxxxxxxxxxxx.xprädiktivHigh
60Filexxxxxxx/xxxxxx.xxxprädiktivHigh
61Filexxxxxxxxxxxxxxxx.xxxxx.xxxprädiktivHigh
62Filexx/xxxx_xxxxx.xprädiktivHigh
63Filexx/xxxxxxxx.xprädiktivHigh
64Filexxx/xxxx/xxx.xprädiktivHigh
65Filexxx/xxxx/xxxxxx.xprädiktivHigh
66Filexxx/xxx/xxx_xxxxxx.xprädiktivHigh
67Filexxx/xxxx/xxxxx.xprädiktivHigh
68Filexxx/xxxxxxxxx/xx_xxxxxxxxx_xxxxxx.xprädiktivHigh
69Filexxx/xxxxxxxxxxx/xxxx.xprädiktivHigh
70Filexxx/xxxxxx/xxxxxxxxxxxxx.xprädiktivHigh
71Filexxxxxxxxx.xprädiktivMedium
72Filexxxxxxxxxxxxxxxxxxxxxxx.xxxxprädiktivHigh
73Filexxxxx_xxx_xxx.xprädiktivHigh
74Filexxxxx.xprädiktivLow
75Filexxxxxxxxxxxxxxxxxxx.xxxxprädiktivHigh
76Filexxxxxxxxxxxxxxxxx.xxxprädiktivHigh
77Filexx.xprädiktivLow
78Filexxxxx.xprädiktivLow
79Filexxxxx.xprädiktivLow
80Filexxxxx_xxxxxxxxxxxxxxxxx.xprädiktivHigh
81Filexxxxxxxxx.xxxprädiktivHigh
82Filexxxxxxxxxx.xxxprädiktivHigh
83Filexxx_xxx.xxprädiktivMedium
84Filexxxxxxxxx.xxxprädiktivHigh
85Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxprädiktivHigh
86Filexxxxx/xxx/xxxx/xxxxx-xxx-xxx.xprädiktivHigh
87Filexx_xxxxxxxxxxx.xprädiktivHigh
88Filexx_xxxxxxxxxxxxxxx.xprädiktivHigh
89Filexxxxxxx.xprädiktivMedium
90Filexxxx-xxxxxxx.xxxprädiktivHigh
91Filexxx.xprädiktivLow
92Filexxx_xxxxxx.xprädiktivMedium
93Filexxxxxx-xxxxx.xxxprädiktivHigh
94Filexxxxxx-xxxxxxxx.xxxprädiktivHigh
95Filexxxxxxxxxxxxxxxxxx.xxxxprädiktivHigh
96Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxprädiktivHigh
97File_xxxxxxxxxx.xprädiktivHigh
98Libraryxxxx/xxx/xxxxxxx/xxx/xxxx.xprädiktivHigh
99Libraryxxxxxxx/xxxxx/xxx.xprädiktivHigh
100Libraryxxxxxxx/xxxxx/xxxx.xprädiktivHigh
101Libraryxxxxxxx/xxx/xxxx_xxx.xprädiktivHigh
102Libraryxxx/xxx_xxxx.xprädiktivHigh
103Libraryxxx/xxxxxxxxxxxx.xprädiktivHigh
104Libraryxxx/xxxx_xxxxx.xprädiktivHigh
105Libraryxxx/xxxxxxxx.xprädiktivHigh
106Libraryxxx/xxx_xxxx.xprädiktivHigh
107Libraryxxx/xxxprädiktivLow
108Libraryxxx/xxxxxxxx.xprädiktivHigh
109Libraryxxxx.xprädiktivLow
110Libraryxxxxx.xxxprädiktivMedium
111Argumentxxxxx_xxprädiktivMedium
112Argumentxxxxxxxxxxxxx/xxxxxxxxxprädiktivHigh
113Argumentxx-xxxxxxprädiktivMedium
114ArgumentxxxxxxxxprädiktivMedium
115ArgumentxxxxxxxxprädiktivMedium
116Argumentxx_xxxx_xxxprädiktivMedium
117ArgumentxxxxxxxxxxxprädiktivMedium
118Argumentxxxxxx_xxxxprädiktivMedium
119Argumentx_xxxxprädiktivLow
120ArgumentxxxxprädiktivLow
121ArgumentxxprädiktivLow
122ArgumentxxprädiktivLow
123Argumentxxx_xxprädiktivLow
124Argumentxxxxx_xxxprädiktivMedium
125ArgumentxxxxxxxprädiktivLow
126Argumentxxxx_xxxxprädiktivMedium
127Argumentxxx_xxxxxxprädiktivMedium
128Argumentxxx.xxprädiktivLow
129ArgumentxxxxxxprädiktivLow
130Argumentxxx_xxxxxxprädiktivMedium
131Argumentxx_xxxxx_xxxxxxxprädiktivHigh
132Argumentxxxx_xxxxxx_xxxxxprädiktivHigh
133ArgumentxxxxxxxprädiktivLow
134Argumentxxxxxxxx/xxxxxxprädiktivHigh
135ArgumentxxxxxxxxxxxprädiktivMedium
136Argumentxxxx_xxxxxxx_xxxxprädiktivHigh
137Argumentxxxx/xxxxxxxxprädiktivHigh
138Argumentxxxxxxx xxxx/xxxxxxx xxxxprädiktivHigh
139Argumentxxxx_xxprädiktivLow
140ArgumentxxxxxprädiktivLow
141Argumentxxxxxx xxxxxprädiktivMedium
142Argumentxxxxxxxx/xxxxxxxx/xxxxx_xxxxxxxx/xxxxx_xxxxxxxxprädiktivHigh
143Argumentxxxx_xxxxxprädiktivMedium
144Argumentxxxx_xxprädiktivLow
145Argumentxxxx_xxxxprädiktivMedium
146ArgumentxxxxxprädiktivLow
147Argumentx-xxxxxxxxx-xxxprädiktivHigh
ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!