Education Sector

Timeframe: -28 days

Default Categories (58): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Blog Software, Calendar Software, Chat Software, Cloud Software, Communications System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Firewall Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Learning Management Software, Library Management System Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Spreadsheet Software, SSH Server Software, Survey Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 318
Microsoft Windows: 100
Microsoft SQL Server: 36
Microsoft OLE DB Driver: 32
Oracle MySQL Server: 20

Countermeasures

Official Fix: 702
Temporary Fix: 0
Workaround: 4
Unavailable: 0
Not Defined: 134

Exploitability

High: 2
Functional: 4
Proof-of-Concept: 26
Unproven: 138
Not Defined: 670

Access Vector

Not Defined: 0
Physical: 12
Local: 90
Adjacent: 356
Network: 382

Authentication

Not Defined: 0
High: 80
Low: 484
None: 276

User Interaction

Not Defined: 0
Required: 170
None: 670

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor |
|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 840 | 640 | 696 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 26 | 28 | 26 | 0 | 8 | 0 |
| ≤4 | 78 | 88 | 98 | 0 | 14 | 0 |
| ≤5 | 182 | 174 | 174 | 0 | 32 | 2 |
| ≤6 | 254 | 324 | 246 | 0 | 46 | 14 |
| ≤7 | 114 | 106 | 112 | 0 | 22 | 24 |
| ≤8 | 118 | 104 | 124 | 0 | 54 | 48 |
| ≤9 | 64 | 12 | 56 | 0 | 16 | 56 |
| ≤10 | 4 | 4 | 4 | 0 | 8 | 0 |

| Price | Exploit 0-day | Exploit Today |
|---|---|---|
| <1k | 22 | 272 |
| <2k | 148 | 210 |
| <5k | 36 | 148 |
| <10k | 370 | 112 |
| <25k | 122 | 90 |
| <50k | 116 | 8 |
| <100k | 26 | 0 |
| ≥100k | 0 | 0 |

IOB - Indicator of Behavior (1000)

Language

en: 608
ja: 188
es: 72
de: 40
ru: 24

Country

jp: 232
us: 186
gb: 52
de: 48
ru: 44

Product

Linux Kernel: 44
Google Chrome: 16
Microsoft Windows: 10
Oracle MySQL Server: 8
cym1102 nginxWebUI: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Google Chrome ANGLE privilege escalation | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 7.98 | CVE-2024-4058 |
| 2 | Ruby Regex Search buffer overflow | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 5.32 | CVE-2024-27282 |
| 3 | Cisco ASA/Firepower Threat Defense Web Server denial of service | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 3.68 | CVE-2024-20353 |
| 4 | Cisco ASA/Firepower Threat Defense privilege escalation | 6.7 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 2.71 | CVE-2024-20358 |
| 5 | Cisco ASA/Firepower Threat Defense Legacy Capability privilege escalation | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01179 | 2.27 | CVE-2024-20359 |
| 6 | Google Chrome Dawn buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 1.50 | CVE-2024-4060 |
| 7 | PHP proc_open privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.35 | CVE-2024-1874 |
| 8 | Google Chrome V8 API information disclosure | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 1.02 | CVE-2024-4059 |
| 9 | Xiamen Four-Faith RMP Router Management Platform sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.54 | CVE-2024-3688 |
| 10 | Xpdf Type 1 Font buffer overflow | 3.0 | 3.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.59 | CVE-2024-4141 |
| 11 | Eli Scheetz Anti-Malware Security and Brute-Force Firewall Plugin privilege escalation | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.49- | CVE-2024-22144 |
| 12 | Hyperion Web Server URL cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.49 | CVE-2024-4174 |
| 13 | Apple macOS App buffer overflow | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.29 | CVE-2024-27791 |
| 14 | Red Hat Keycloak dbProperties information disclosure | 5.4 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.34 | CVE-2024-1102 |
| 15 | Apple macOS Website privilege escalation | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.29 | CVE-2024-23271 |
| 16 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.95359 | 0.44 | CVE-2024-3400 |
| 17 | Apple Safari Website privilege escalation | 6.3 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00045 | 0.34 | CVE-2024-23271 |
| 18 | PHP password_verify unknown vulnerability | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.34 | CVE-2024-3096 |
| 19 | Red Hat OpenShift Container Platform denial of service | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.29 | CVE-2023-6596 |
| 20 | Vesystem Cloud Desktop fileupload.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.29 | CVE-2024-3803 |

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 1.34.135.0/24 | Mirai | predictive | High |
| 2 | 2.57.122.0/24 | Mirai | predictive | High |

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (124)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /adminPage/conf/reload | predictive | High |
| 2 | File | /adminPage/conf/saveCmd | predictive | High |
| 3 | File | /adminPage/main/upload | predictive | High |
| 4 | File | /adminPage/www/addOver | predictive | High |
| 5 | File | /api/runs/search/run/ | predictive | High |
| 6 | File | /CMD0/xml_modes.xml | predictive | High |
| 7 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive | High |
| 8 | File | /etc/passwd | predictive | Medium |
| 9 | File | /fftools/ffmpeg_enc.c | predictive | High |
| 10 | File | /login | predictive | Low |
| 11 | File | /Public/webuploader/0.1.5/server/fileupload.php | predictive | High |
| 12 | File | /Public/webuploader/0.1.5/server/fileupload2.php | predictive | High |
| 13 | File | /sys/kernel/notes | predictive | High |
| 14 | File | /webeditor/ | predictive | Medium |
| 15 | File | add-vehicle.php | predictive | High |
| 16 | File | admin-manage-user.php | predictive | High |
