Sector Police

Timeframe: -28 days

Default Categories (69): Access Management Software, Android App Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Audio Processing Software, Backup Software, Big Data Software, Business Process Management Software, Calendar Software, Chat Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Learning Management Software, Mail Client Software, Mail Server Software, Messaging Software, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Cronología

Proveedor

Producto

Linux Kernel290
Microsoft Windows64
Google Chrome26
Moodle16
Zabbix10

Contramedidas

Official Fix580
Temporary Fix0
Workaround2
Unavailable2
Not Defined156

Explotabilidad

High10
Functional0
Proof-of-Concept44
Unproven66
Not Defined620

Vector de acceso

Not Defined0
Physical4
Local64
Adjacent316
Network356

Autenticación

Not Defined0
High44
Low482
None214

La interacción del usuario

Not Defined0
Required174
None566

C3BM Index

CVSSv3 Base

≤10
≤20
≤312
≤446
≤5152
≤6212
≤7100
≤8158
≤950
≤1010

CVSSv3 Temp

≤10
≤20
≤314
≤444
≤5174
≤6202
≤7110
≤8154
≤938
≤104

VulDB

≤10
≤20
≤334
≤482
≤5180
≤6152
≤7112
≤8144
≤928
≤108

NVD

≤1466
≤20
≤30
≤46
≤518
≤6122
≤718
≤854
≤926
≤1030

CNA

≤1362
≤20
≤34
≤48
≤538
≤660
≤770
≤8110
≤954
≤1034

Proveedor

≤1666
≤20
≤30
≤40
≤52
≤66
≤710
≤838
≤912
≤106

Explotar día 0

<1k68
<2k58
<5k288
<10k82
<25k144
<50k40
<100k48
≥100k12

Explotar hoy

<1k344
<2k104
<5k96
<10k118
<25k62
<50k16
<100k0
≥100k0

Explotar el volumen del mercado

IOB - Indicator of Behavior (1000)

Cronología

Idioma

en712
de88
fr76
ja44
pl24

País

Actores

Ocupaciones

Interesar

Cronología

Escribe

Proveedor

Producto

Linux Kernel26
Microsoft Windows18
Google Chrome14
SourceCodester Music Gallery Site10
Mozilla Firefox8

Vulnerabilidad

#VulnerabilidadBaseTemp0dayHoyExpConEPSSCTICVE
1OpenSSL TLS Server Certificate Check escalada de privilegios5.65.5$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000005.21-CVE-2024-6119
2Linksys WRT54G POST Parameter apply.cgi validate_services_port desbordamiento de búfer6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.18CVE-2024-8408
3code-projects Hospital Management System Login index.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000453.26CVE-2024-8368
4Moodle Question Type Privilege Escalation6.36.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000001.51CVE-2024-43425
5code-projects Pharmacy Management System Update My Profile Page index.php cross site scripting4.44.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000452.06CVE-2024-8366
6Google Chrome V8 desbordamiento de búfer6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.67CVE-2024-7970
7Red Hat Keycloak Bruteforce Protection divulgación de información5.15.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.64-CVE-2024-4629
8SourceCodester Music Gallery Site Users.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.48CVE-2024-8345
9code-projects Online Quiz Site signupuser.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001201.78CVE-2024-8169
10code-projects Online Quiz Site index.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000632.11CVE-2024-8218
11Mozilla Firefox WASM escalada de privilegios8.07.9$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.59CVE-2024-8385
12code-projects Online Bus Reservation Site login.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000911.64CVE-2024-8168
13code-projects Job Portal forget.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000911.61CVE-2024-8167
14Mozilla Firefox desbordamiento de búfer8.07.9$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.53CVE-2024-8387
15SourceCodester Music Gallery Site Master.php sql injection7.57.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.48CVE-2024-8336
16Mozilla Firefox Internal Browser Event Interface divulgación de información4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.39CVE-2024-8382
17Google Chrome WebAudio desbordamiento de búfer6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.59CVE-2024-8362
18Mozilla Firefox Property Name Lookup escalada de privilegios8.07.9$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.39CVE-2024-8381
19SourceCodester Music Gallery Site Master.php sql injection7.57.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.000631.72CVE-2024-8223
20Mozilla Focus URL escalada de privilegios4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.39-CVE-2024-8399

IOC - Indicator of Compromise (26)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorEscribeConfianza
15.255.100.0/24IcedIDpredictiveAlto
223.105.204.0/24Cobalt StrikepredictiveAlto
346.38.239.0/24SliverpredictiveAlto
4XX.XX.XXX.X/XXXxxxxxxxxpredictiveAlto
5XX.XXX.XX.X/XXXxxxxx XxxxxxpredictiveAlto
6XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
7XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
8XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
9XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
10XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
11XX.XXX.XX.X/XXXxxxxxpredictiveAlto
12XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
13XXX.XXX.X.X/XXXxxxxxpredictiveAlto
14XXX.XXX.X.X/XXXxxxxxxxxpredictiveAlto
15XXX.XXX.X.X/XXXxxxxxxpredictiveAlto
16XXX.XXX.XXX.X/XXXxxxxxxxxpredictiveAlto
17XXX.XXX.XX.X/XXXxxxx XxxxpredictiveAlto
18XXX.XX.XXX.X/XXXxxxxpredictiveAlto
19XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
20XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
21XXX.XX.XXX.X/XXXxxxxpredictiveAlto
22XXX.XX.XXX.X/XXXxxxxxxxxpredictiveAlto
23XXX.XXX.XXX.X/XXXxxxxxxxpredictiveAlto
24XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
25XXX.XXX.XXX.X/XXXxxxxxxxxxpredictiveAlto
26XXX.XX.XXX.X/XXXxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClaseVulnerabilidadVector de accesoEscribeConfianza
1T1006CAPEC-126CWE-22, CWE-35Path TraversalpredictiveAlto
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CAPEC-242CWE-94Argument InjectionpredictiveAlto
5T1059.007CAPEC-209CWE-79, CWE-84Cross Site ScriptingpredictiveAlto
6TXXXXCAPEC-58CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
8TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
9TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveAlto
10TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveAlto
11TXXXXCAPEC-CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
12TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveAlto
13TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
14TXXXXCAPEC-102CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
15TXXXXCAPEC-CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
16TXXXX.XXXCAPEC-154CWE-XXXXxxxxxxxxxxxpredictiveAlto
17TXXXX.XXXCAPEC-459CWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
18TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
19TXXXXCAPEC-20CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
20TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
21TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
22TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (155)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClaseIndicatorEscribeConfianza
1File/admin/?page=musics/manage_musicpredictiveAlto
2File/admin/categories/manage_category.phppredictiveAlto
3File/admin_schedule.phppredictiveAlto
4File/apply.cgipredictiveMedio
5File/classes/Master.php?f=delete_categorypredictiveAlto
6File/classes/Users.php?f=deletepredictiveAlto
7File/deleteTicket.phppredictiveAlto
8File/devices/virtual/input/input4predictiveAlto
9File/etc/asterisk/predictiveAlto
10File/forget.phppredictiveMedio
11File/history.phppredictiveMedio
12File/HNAP1/predictiveBajo
13File/index.php/basedata/contact/delete?action=deletepredictiveAlto
14File/index.php/basedata/inventory/delete?action=deletepredictiveAlto
15File/index.php?action=editManagerpredictiveAlto
16File/index.php?action=editPharmacistpredictiveAlto
17File/index.php?action=editSalesmanpredictiveAlto
18File/index.php?id=userProfileEditpredictiveAlto
19File/libswresample/swresample.cpredictiveAlto
20File/xxxxx.xxxpredictiveMedio
21File/xxx-xxxxx/xxxxxxx/xxxxxx.xxx?x=xxxxxx_xxxxxpredictiveAlto
22File/xxxxxxxx.xxxpredictiveAlto
23File/xxx/xxxxxx/xxxxx/xxx/x/xxxxxx_xx_xxx_xxxpredictiveAlto
24Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
25Filexxxxxxxxxxxxx.xxxxpredictiveAlto
26Filexxxxxxxxxxxx.xxxpredictiveAlto
27Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
28Filexxx-xxx/xxxxxxxxxxxx.xxxpredictiveAlto
29Filexxxxxxx/xx/xx-xxxx.xpredictiveAlto
30Filexxxxxxx/xxx/xxxx.xpredictiveAlto
31Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxx-xxx-xxxx.xpredictiveAlto
32Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxx-xxx-xxxx.xpredictiveAlto
33Filexxxxxxx/xxx/xxxxxx/xxxxxx_xxxx.xpredictiveAlto
34Filexxxxxxx_xxxxxx.xxxpredictiveAlto
35Filexxxxxxx.xxxpredictiveMedio
36Filexxxx.xxxpredictiveMedio
37Filexxxxxxxxxxxxxxxxxxxxxx.xxpredictiveAlto
38Filexx/xxxxx/xxxxxx-xxxx.xpredictiveAlto
39Filexx/xxxxx/xxxxxx_xx.xpredictiveAlto
40Filexx/xxxxx/xxxxxx.xpredictiveAlto
41Filexx/xxxxx/xxxxxxxxxx.xpredictiveAlto
42Filexx/xxxxx/xxxxxxx.xpredictiveAlto
43Filexx/xxxxx/xxxxx.xpredictiveAlto
44Filexx/xxxx/xxxxxx.xpredictiveAlto
45Filexx/xxxx/xxxxx.xpredictiveAlto
46Filexx/xx-xxxxxxxxx.xpredictiveAlto
47Filexx/xxxxxx/xxxxx.xpredictiveAlto
48Filexx/xxx/xxxxxx/xxxxxx.xpredictiveAlto
49Filexx/xxx/xxxxxx/xxxxxxx.xpredictiveAlto
50Filexxxx.xxxpredictiveMedio
51Filexxxxxxxx/xxxxxxxxx.xxxpredictiveAlto
52Filexxxxx.xxxpredictiveMedio
53Filexx_xxxxx/xx_xxxxx.xpredictiveAlto
54Filexxxxx.xxxpredictiveMedio
55Filexxxxxx.xxxpredictiveMedio
56Filexxxxxxxx.xxxpredictiveMedio
57Filexx/xxx.xpredictiveMedio
58Filexx/xxxxx/xxxxxx.xpredictiveAlto
59Filexxx_xxxxxx.xpredictiveMedio
60Filexxx/xxxx/xxx.xpredictiveAlto
61Filexxx/xxxx/xxxx_xxxxxxxxx.xpredictiveAlto
62Filexxx/xxxx/xxxx_xxxx.xpredictiveAlto
63Filexxx/xxxx/xxxxxx.xpredictiveAlto
64Filexxx/xxxx/xxx.xpredictiveAlto
65Filexxx/xxxxxxxx/xxxxxx-xxx.xpredictiveAlto
66Filexxx/xxxxx/xxxxxxxx.xpredictiveAlto
67Filexxx/xxxxxxxxx/xxxx/xx_xx_xxx.xpredictiveAlto
68Filexxx/xxxxxxxx/xxxx.xpredictiveAlto
69Filexxxxxxxxxx.xxxxpredictiveAlto
70Filexxxxxx.xpredictiveMedio
71Filexxxxx.xxxpredictiveMedio
72Filexxxxxxxxxxxxx.xxxpredictiveAlto
73Filexxxxxxx.xxxpredictiveMedio
74Filexxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
75Filexxx/xxxxxxxx.xxxpredictiveAlto
76Filexxxxxxxx.xxxpredictiveMedio
77Filexxxxxxxxxxx.xxxpredictiveAlto
78Filexxxxxxxx_xxxxxx.xxxpredictiveAlto
79Filexx_x_xxx.xxxpredictiveMedio
80Filexxx_xxxxx.xxpredictiveMedio
81Filexxxxxxxxxx.xxxpredictiveAlto
82Filexxx_xxxxxxx.xpredictiveAlto
83Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
84Filexxxxxxxxxxxxxx.xxxpredictiveAlto
85Filexxxx.xxxpredictiveMedio
86Filexxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
87Filexxxxxxxxxxx_xxxxxx.xxxpredictiveAlto
88Filexxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
89Filexxxxxxxxxxx.xxxxpredictiveAlto
90Filexxx/xxxx/xxxxx.xxxpredictiveAlto
91FilexxxxxxxxxxxxxpredictiveAlto
92Library/xxxxxxx/xxx-xxxxxxx/xxxxxxxx.xpredictiveAlto
93Libraryxxxx.xxxpredictiveMedio
94Libraryxxxx.xpredictiveBajo
95Libraryxxxxxxx/xxxxx/xxxxxxxxxxxx.xpredictiveAlto
96Libraryxxxxxxx/xxxxx/xxxxxxxxx.xpredictiveAlto
97Libraryxxxxxxx/xxxxx/xxxx_xxx.xpredictiveAlto
98Libraryxxxxxxx/xxxxx/xxxxxxxxxx.xpredictiveAlto
99Libraryxxxxxxx/xxxxx/xxxxx/xx.xpredictiveAlto
100Libraryxxxxxxx/xxxxx/xxxxxx.xpredictiveAlto
101Libraryxxx/xxxxxxx.xpredictiveAlto
102Libraryxxx/xxxx_xxxxx.xpredictiveAlto
103Libraryxxx/xxxxxx.xpredictiveMedio
104Libraryxxx/xxxxxx.xpredictiveMedio
105Libraryxxx/xxxxxxxx.xpredictiveAlto
106Libraryxxx/xxxxxx.xpredictiveMedio
107ArgumentxxxxxxpredictiveBajo
108ArgumentxxxxxxxxxxxpredictiveMedio
109ArgumentxxxxpredictiveBajo
110Argumentxxxxxxxxxxxxxxx/xxxxx/xxxxxpredictiveAlto
111ArgumentxxxxxpredictiveBajo
112Argumentxxxxx/xxxxxxpredictiveMedio
113Argumentxxxxx/xxxxxxxxpredictiveAlto
114Argumentxxx_xxxxxxxxpredictiveMedio
115Argumentxxxxxx[xx]predictiveMedio
116Argumentxxxxx/xxxxx/xxxxxpredictiveAlto
117ArgumentxxpredictiveBajo
118Argumentx_xxx/x_xxxpredictiveMedio
119Argumentxxx(x)_xxxxx_xxxxxxxxxxpredictiveAlto
120ArgumentxxxxxxpredictiveBajo
121ArgumentxxxpredictiveBajo
122Argumentxxxxxxx_xxxxpredictiveMedio
123ArgumentxxxxxxxpredictiveBajo
124Argumentxxx_xxpredictiveBajo
125ArgumentxxxxpredictiveBajo
126Argumentxxxx/xxxxx/xxx/xxxxxxxx/xxxxxx/xxxxxpredictiveAlto
127Argumentxxxx/xxxxx/xxxxxpredictiveAlto
128ArgumentxxxxxxxpredictiveBajo
129ArgumentxxxxxxpredictiveBajo
130ArgumentxxxxpredictiveBajo
131ArgumentxxxxxxpredictiveBajo
132ArgumentxxxxxxxxpredictiveMedio
133ArgumentxxxxxxpredictiveBajo
134ArgumentxxxpredictiveBajo
135ArgumentxxxxxxxxxxxxxxxxxxxpredictiveAlto
136Argumentxxxxxxxx_xxxxxpredictiveAlto
137Argumentxxx_xxxpredictiveBajo
138ArgumentxxxpredictiveBajo
139Argumentxxxxxxxx_xxxxxxx_xxxxxxx/xxxxxxxx_xxxxxx_xxxxxxxpredictiveAlto
140Argumentxxxxx/xxx/xxxxxxxxpredictiveAlto
141ArgumentxxxxxpredictiveBajo
142ArgumentxxxxxxxpredictiveBajo
143ArgumentxxxpredictiveBajo
144Argumentxxxx_xxxpredictiveMedio
145Argumentxxxx_xxpredictiveBajo
146ArgumentxxxpredictiveBajo
147Argumentxxxxxxxxxx_xxxx_xxxxxxxpredictiveAlto
148Argumentxxxxxxxx_xxpredictiveMedio
149ArgumentxxxxxxxpredictiveBajo
150ArgumentxxxxpredictiveBajo
151ArgumentxxxxxxxxpredictiveMedio
152ArgumentxxxxxxxxpredictiveMedio
153ArgumentxxxxxxxxpredictiveMedio
154Argumentxx(x).(x)_xxxxpredictiveAlto
155Input Value<xxxxxx>xxxxx(x)</xxxxxx>predictiveAlto

Want to stay up to date on a daily basis?

Enable the mail alert feature now!