Bisonal Analysis

IOB - Indicator of Behavior (16)

Language

en: 12
zh: 2
it: 2

Product

Bitrix: 2
Tiki TikiWiki: 2
Bitrix Site Manager: 2
furlongm openvpn-monitor: 2
Linux Kernel: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Bitrix Site Manager redirect.php privilege escalation | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.03 | 0.00113 | CVE-2008-2052 |
| 2 | FLDS redir.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.05 | 0.00203 | CVE-2008-5928 |
| 3 | Idera Travis CI Activation .travis.yml information disclosure | 2.6 | 2.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00152 | CVE-2021-41077 |
| 4 | Autoptimize Plugin Import privilege escalation | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01096 | CVE-2021-24376 |
| 5 | Bitrix Upload from Local Disk Feature restore.php privilege escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00049 | CVE-2022-29268 |
| 6 | Bitrix Site Manager Vote Module Remote Code Execution | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00668 | CVE-2022-27228 |
| 7 | SSH Agent Plugin privilege escalation | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00054 | CVE-2022-20620 |
| 8 | CodeIgniter Sendmail Email.php privilege escalation | 8.5 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.04920 | CVE-2016-10131 |
| 9 | Atlassian Bitbucket Data Center directory traversal | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00441 | CVE-2019-3397 |
| 10 | furlongm openvpn-monitor Management Interface Socket privilege escalation | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00120 | CVE-2021-31605 |
| 11 | VMware vCenter Server Analytics Service privilege escalation | 8.6 | 8.5 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.02 | 0.97389 | CVE-2021-22005 |
| 12 | WordPress HTML Element general-template.php cross-site scripting | 4.4 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00094 | CVE-2017-17093 |
| 13 | Linux Kernel UDP Packet udp.c privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.04837 | CVE-2016-10229 |
| 14 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 15 | Tiki TikiWiki tiki-editpage.php privilege escalation | 7.3 | 6.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.05 | 0.01194 | CVE-2004-1386 |
| 16 | INFINICART browse_group.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00262 | CVE-2006-5957 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

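| ID | Technique | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | |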

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .travis.yml | predictive | |
| 2 | File | browse_group.asp | predictive | |
| 3 | File | data/gbconfiguration.dat | predictive | |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
