DNSLock Analiza

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (11)

Oś czasu

Język

fr	10
en	2

Kraj

us	12

Aktorzy

DNSLock	2

Zajęcia

Wysiłek

Oś czasu

Rodzaj

Not Defined	12

Sprzedawca

SAP	10
Foxit	2

Produkt

SAP 3D Visual Enterprise Viewer	8
SAP Business Planning and Consolidation	2
Foxit PhantomPDF	2

Luki w zabezpieczeniach

#	Słaby punkt	Base	Temp	0day	Dzisiaj	Wyk	Prz	EPSS	CTI	CVE
1	foreman-debug Log File Password privilege escalation	5.9	5.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00226	0.03	CVE-2016-9593
2	Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service weak authentication	5.4	5.4	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00207	0.00	CVE-2020-17409
3	Foxit PhantomPDF U3D Object information disclosure	3.8	3.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00119	0.00	CVE-2020-17411
4	Foxit PhantomPDF U3D Object information disclosure	6.0	6.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00304	0.00	CVE-2020-17412
5	SAP Business Planning and Consolidation cross site scripting	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00054	0.00	CVE-2020-6368
6	SAP NetWeaver Application Server ABAP information disclosure	4.3	4.3	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00054	0.00	CVE-2020-6371
7	SAP 3D Visual Enterprise Viewer PDF File denial of service	6.0	6.0	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00081	0.00	CVE-2020-6372
8	SAP 3D Visual Enterprise Viewer PDF File denial of service	6.0	6.0	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00081	0.00	CVE-2020-6373
9	SAP 3D Visual Enterprise Viewer JT File denial of service	6.0	6.0	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00081	0.00	CVE-2020-6374
10	SAP 3D Visual Enterprise Viewer CGM File denial of service	4.9	4.9	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00061	0.00	CVE-2020-6375
11	SAP 3D Visual Enterprise Viewer RH File denial of service	4.5	4.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00061	0.00	CVE-2020-6376

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adres IP	Hostname	Aktor	Identified	Rodzaj	Pewność siebie
1	18.220.249.233	ec2-18-220-249-233.us-east-2.compute.amazonaws.com	DNSLock	2022-04-08	verified	Medium
2	52.77.199.193	ec2-52-77-199-193.ap-southeast-1.compute.amazonaws.com	DNSLock	2022-04-08	verified	Medium
3	XX.XXX.XXX.XX	xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxx	2022-04-08	verified	Medium
4	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxx	2022-04-08	verified	Medium
5	XX.XXX.XX.XX		Xxxxxxx	2022-04-08	verified	Wysoki
6	XX.XXX.XXX.XXX		Xxxxxxx	2022-04-08	verified	Wysoki

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Luki w zabezpieczeniach	Wektor dostępu	Rodzaj	Pewność siebie
1	T1059.007	CWE-79	Cross Site Scripting	predictive	Wysoki
2	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
3	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Wysoki

Referencje (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PoprzedniPrzeglądKolejny ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!