Sector Education

Timeframe: -28 days

Default Categories (58): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Blog Software, Calendar Software, Chat Software, Cloud Software, Communications System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Firewall Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Learning Management Software, Library Management System Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Spreadsheet Software, SSH Server Software, Survey Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 406
Microsoft Windows: 50
Google Chrome: 26
Microsoft SQL Server: 20
Moodle: 16

Countermeasures

Official Fix: 696
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 110

Exploitability

High: 4
Functional: 4
Proof-of-Concept: 34
Unproven: 70
Not Defined: 696

Access Vector

Not Defined: 0
Physical: 0
Local: 56
Adjacent: 446
Network: 306

Authentication

Not Defined: 0
High: 26
Low: 616
None: 166

User Interaction

Not Defined: 0
Required: 112
None: 696

CVSSv3 Base

≤1: 0
≤2: 2
≤3: 4
≤4: 42
≤5: 134
≤6: 264
≤7: 122
≤8: 158
≤9: 72
≤10: 10

CVSSv3 Temp

≤1: 0
≤2: 2
≤3: 10
≤4: 40
≤5: 178
≤6: 234
≤7: 148
≤8: 150
≤9: 38
≤10: 8

VulDB

≤1: 0
≤2: 2
≤3: 16
≤4: 78
≤5: 184
≤6: 224
≤7: 106
≤8: 142
≤9: 50
≤10: 6

NVD

≤1: 476
≤2: 0
≤3: 0
≤4: 2
≤5: 20
≤6: 156
≤7: 18
≤8: 66
≤9: 38
≤10: 32

CNA

≤1: 540
≤2: 2
≤3: 4
≤4: 4
≤5: 28
≤6: 28
≤7: 42
≤8: 76
≤9: 52
≤10: 32

Vendor

≤1: 730
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 4
≤7: 10
≤8: 34
≤9: 28
≤10: 2

Exploit 0-day

<1k: 48
<2k: 56
<5k: 296
<10k: 116
<25k: 182
<50k: 50
<100k: 56
≥100k: 4

Exploit Today

<1k: 354
<2k: 122
<5k: 104
<10k: 134
<25k: 86
<50k: 8
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 876
de: 66
fr: 28
es: 18
ja: 8

Product

Linux Kernel: 102
Microsoft Windows: 34
FreeBSD: 14
OpenText eDirectory: 8
Adobe Illustrator: 8

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | QDocs Smart School Management System Chat mynewuser sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 5.75 | CVE-2024-8784 |
| 2 | code-projects Crud Operation System updatedata.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 5.83 | CVE-2024-8762 |
| 3 | Microsoft Windows Installer privilege escalation | 7.8 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00055 | 1.45 | CVE-2024-38014 |
| 4 | Adobe Acrobat Reader buffer overflow | 7.0 | 6.9 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00000 | 1.25- | CVE-2024-41869 |
| 5 | code-projects Inventory Management Products Table Page viewProduct.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.92 | CVE-2024-8710 |
| 6 | Adobe ColdFusion weak authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.78- | CVE-2024-45113 |
| 7 | Adobe ColdFusion privilege escalation | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.74- | CVE-2024-41874 |
| 8 | Linux Kernel vmwgfx buffer overflow | 8.0 | 7.6 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 1.13- | CVE-2024-46712 |
| 9 | Adobe Photoshop Desktop buffer overflow | 7.0 | 6.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.63- | CVE-2024-43756 |
| 10 | Adobe Photoshop Desktop buffer overflow | 7.0 | 6.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.55- | CVE-2024-45109 |
| 11 | Adobe Photoshop Desktop buffer overflow | 7.0 | 6.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.55- | CVE-2024-45108 |
| 12 | TDuckCloud TDuckPro privilege escalation | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.42 | CVE-2024-8692 |
| 13 | Microsoft High Definition Audio Bus Driver IRP HDAudBus_DMA denial of service | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.75 | CVE-2024-45383 |
| 14 | Linux Kernel event->mmap_mutex privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.39 | CVE-2024-46713 |
| 15 | Adobe Illustrator buffer overflow | 7.0 | 6.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.67- | CVE-2024-43758 |
| 16 | code-projects Inventory Management Registration Form registration.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.39 | CVE-2024-8605 |
| 17 | Linux Kernel erofs z_erofs_gbuf_growsize denial of service | 4.8 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.39- | CVE-2024-46688 |
| 18 | Adobe Acrobat Reader privilege escalation | 7.0 | 6.9 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.44- | CVE-2024-45112 |
| 19 | Adobe Illustrator denial of service | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.75- | CVE-2024-43759 |
| 20 | Microsoft Windows Update buffer overflow | 9.8 | 8.9 | $100k and more | $25k-$100k | Unproven | Official Fix | 0.02321 | 0.75 | CVE-2024-43491 |

IOC - Indicator of Compromise (35)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-41 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (146)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

