Sector Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 312
Microsoft Windows: 76
Foxit PDF Reader: 56
Juniper Junos OS: 24
Google Android: 24

Countermeasures

Official Fix: 766
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 110

Exploitability

High: 4
Functional: 0
Proof-of-Concept: 32
Unproven: 96
Not Defined: 746

Access Vector

Not Defined: 0
Physical: 4
Local: 120
Adjacent: 366
Network: 388

Authentication

Not Defined: 0
High: 58
Low: 508
None: 312

User Interaction

Not Defined: 0
Required: 200
None: 678

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 28
≤4: 70
≤5: 168
≤6: 304
≤7: 158
≤8: 104
≤9: 40
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 28
≤4: 76
≤5: 168
≤6: 408
≤7: 116
≤8: 70
≤9: 6
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 34
≤4: 90
≤5: 166
≤6: 300
≤7: 140
≤8: 106
≤9: 36
≤10: 4

NVD

≤1: 878
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 678
≤2: 0
≤3: 6
≤4: 0
≤5: 30
≤6: 52
≤7: 36
≤8: 42
≤9: 24
≤10: 10

Vendor

≤1: 776
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 10
≤7: 18
≤8: 46
≤9: 28
≤10: 0

Exploit 0-day

<1k: 26
<2k: 220
<5k: 36
<10k: 356
<25k: 134
<50k: 92
<100k: 14
≥100k: 0

Exploit Today

<1k: 340
<2k: 226
<5k: 154
<10k: 62
<25k: 94
<50k: 2
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 834
de: 66
ja: 34
pt: 14
zh: 12

Country

us: 234
de: 76
gb: 48
jp: 26
ru: 16

Product

Juniper Junos OS: 18
Microsoft Windows: 8
Linux Kernel: 6
PHP: 6
code-projects Online Book System: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.02734 | 10.00 | CVE-2024-3400 |
| 2 | cym1102 nginxWebUI upload privilege escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 5.52 | CVE-2024-3736 |
| 3 | cym1102 nginxWebUI saveCmd handlePath weak authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 4.65 | CVE-2024-3738 |
| 4 | cym1102 nginxWebUI reload exec privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 3.84 | CVE-2024-3740 |
| 5 | cym1102 nginxWebUI upload privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 4.24 | CVE-2024-3739 |
| 6 | cym1102 nginxWebUI addOver findCountByQuery directory traversal | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 3.97 | CVE-2024-3737 |
| 7 | PHPGurukul Small CRM Registration Page sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.30 | CVE-2024-3691 |
| 8 | Xiamen Four-Faith RMP Router Management Platform sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.22 | CVE-2024-3688 |
| 9 | PHP proc_open privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.82- | CVE-2024-1874 |
| 10 | PHPGurukul Small CRM Change Password sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.44 | CVE-2024-3690 |
| 11 | PHP password_verify unknown vulnerability | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 1.62- | CVE-2024-3096 |
| 12 | PHP Cookie privilege escalation | 5.6 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 1.28- | CVE-2024-2756 |
| 13 | Linux Kernel amdkfd kzalloc buffer overflow | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.15 | CVE-2024-26817 |
| 14 | PHP mb_encode_mimeheader denial of service | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 1.08- | CVE-2024-2757 |
| 15 | Node.js child_process.spawn privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.72 | CVE-2024-27980 |
| 16 | Microsoft Windows DNS Server buffer overflow | 7.2 | 6.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00043 | 0.38 | CVE-2024-26223 |
| 17 | SourceCodester PHP Task Management System edit-task.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.38 | CVE-2024-3225 |
| 18 | Juniper cRPD/Juniper Cloud Native Router SSH weak encryption | 8.1 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.62 | CVE-2024-30407 |
| 19 | mysql2 readCodeFor privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.26 | CVE-2024-21508 |
| 20 | Apache HTTP Server privilege escalation | 5.3 | 5.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00043 | 0.19 | CVE-2023-38709 |

IOC - Indicator of Compromise (33)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 5.255.115.0/24 | IcedID | predictive | High |
| 2 | 31.42.185.0/24 | Saint Bot | predictive | High |
| 3 | 45.141.215.0/24 | RedLine Stealer | predictive | High |
| 4 | 47.103.66.0/24 | Cobalt Strike | predictive | High |

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23, CWE-25, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (130)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /adminPage/conf/reload | predictive | High |
| 2 | File | /adminPage/conf/saveCmd | predictive | High |
| 3 | File | /adminPage/main/upload | predictive | High |
| 4 | File | /adminPage/www/addOver | predictive | High |
| 5 | File | /cart.php | predictive | Medium |
| 6 | File | /description.php | predictive | High |
| 7 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive | High |
| 8 | File | /etc/passwd | predictive | Medium |
| 9 | File | /index.php | predictive | Medium |
| 10 | File | /login | predictive | Low |
| 11 | File | /Product.php | predictive | Medium |
| 12 | File | /sys/kernel/notes | predictive | High |
| 13 | File | activate_jet_details_form_handler.php | predictive | High |
| 14 | File | add-vehicle.php | predictive | High |
| 15 | File | admin-manage-user.php | predictive | High |
| 16 | File | admin-password-change.php | predictive | High |
| 17 | File | admin/books/controller.php | predictive | High |
| 18 | File | admin/books/deweydecimal.php | predictive | High |
