Sektor Lawfirm

Timeframe: -28 days

Default Categories (75): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Artificial Intelligence Software, Asset Management Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chat Software, Cloud Software, Communications System, Connectivity Software, Content Management System, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Tablet Operating System, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Oś czasu

Sprzedawca

Oracle238
Not Defined68
Apple60
Google42
Samsung34

Produkt

Samsung Smart Phone26
Google Android24
Oracle Communications Cloud Native Core Binding Su ...22
Apple macOS22
Apple iOS18

Przeciwdziałanie

Official Fix558
Temporary Fix0
Workaround0
Unavailable0
Not Defined78

Wykorzystywanie

High0
Functional0
Proof-of-Concept20
Unproven2
Not Defined614

Wektor dostępu

Not Defined0
Physical4
Local108
Adjacent60
Network464

Uwierzytelnianie

Not Defined0
High54
Low232
None350

Interakcja z użytkownikiem

Not Defined0
Required170
None466

C3BM Index

CVSSv3 Base

≤10
≤20
≤38
≤452
≤5104
≤6118
≤7146
≤8134
≤920
≤1054

CVSSv3 Temp

≤10
≤20
≤310
≤456
≤598
≤6176
≤7102
≤8126
≤916
≤1052

VulDB

≤10
≤22
≤314
≤472
≤5102
≤6114
≤7118
≤8144
≤914
≤1056

NVD

≤1492
≤20
≤30
≤42
≤52
≤610
≤716
≤870
≤912
≤1032

CNA

≤1454
≤20
≤30
≤412
≤520
≤630
≤734
≤856
≤920
≤1010

Sprzedawca

≤1630
≤20
≤30
≤40
≤52
≤60
≤70
≤80
≤94
≤100

Exploit 0-day

<1k46
<2k110
<5k30
<10k108
<25k248
<50k34
<100k60
≥100k0

Wykorzystaj dzisiaj

<1k160
<2k138
<5k154
<10k80
<25k86
<50k18
<100k0
≥100k0

Wykorzystaj wielkość rynku

IOB - Indicator of Behavior (1000)

Oś czasu

Język

en958
ja16
de10
it4
fr4

Kraj

us202
hu50
it42
jp16
de14

Aktorzy

Mustang Panda1
Carbanak1
Naikon1
TrickBot1
Conti1

Zajęcia

Wysiłek

Oś czasu

Rodzaj

Cloud Software104
Content Management System8
Web Browser8
Smartphone Operating System6
Firewall Software6

Sprzedawca

Oracle104
Not Defined14
Samsung8
Western Digital6
F56

Produkt

Oracle Communications Cloud Native Core Binding Su ...20
Oracle Communications Diameter Signaling Router10
Oracle Communications Cloud Native Core Unified Da ...8
Oracle Communications Cloud Native Core Console8
Oracle Communications Cloud Native Core Network Re ...8

Luki w zabezpieczeniach

#Słaby punktBaseTemp0dayDzisiajWykPrzCTIEPSSCVE
1Microsoft Edge nieznana luka4.33.9$25k-$100k$5k-$25kProof-of-ConceptOfficial Fix3.140.00000CVE-2023-21794
2Calendar Event Management System sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.630.00890CVE-2023-0675
3SiteFusion Application Server Extension getextension.php directory traversal3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix1.280.01018CVE-2016-15023
4Calendar Event Management System Login Page sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined1.110.00954CVE-2023-0663
5webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.990.00950CVE-2015-10077
6Oracle Communications Cloud Native Core Binding Support Function Install/Upgrade information disclosure5.55.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.760.00950CVE-2022-24823
7eXo Chat Application Mention ExoChatMessageComposer.vue cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix1.050.01034CVE-2022-4902
8DaSchTour matomo-mediawiki-extension Username Piwik.hooks.php cross site scripting2.62.4$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.850.00950CVE-2017-20175
9tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.850.00950CVE-2015-10073
10Oracle Communications Cloud Native Core Network Function Cloud Native Environment Oracle Linux 8 denial of service7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.760.01108CVE-2022-0934
11isoftforce Dreamer CMS cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.820.00950CVE-2023-0513
12Oracle Communications Cloud Native Core Console Configuration denial of service7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.700.00885CVE-2022-2053
13Oracle Communications Cloud Native Core Network Repository Function Installation denial of service6.56.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.580.00885CVE-2022-38752
14Oracle Communications Diameter Signaling Router Virtual Network Function Manager race condition7.06.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.580.03090CVE-2022-3028
15Oracle Communications Cloud Native Core Console Configuration denial of service6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.620.00954CVE-2022-3171
16Oracle Communications Cloud Native Core Security Edge Protection Proxy Configuration denial of service7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.640.01108CVE-2022-42003
17Avery Dennison Monarch Printer M9855 cross site scripting3.53.4$0-$5k$0-$5kNot DefinedNot Defined1.34-0.00885CVE-2022-44261
18Oracle Communications Cloud Native Core Policy Signaling denial of service6.56.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.530.00885CVE-2022-38752
19Oracle Communications Diameter Signaling Router Platform privilege escalation6.56.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.640.11687CVE-2022-31629
20Oracle Communications Cloud Native Core Automated Test Suite ATS Framework denial of service6.56.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.530.00885CVE-2022-38752

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAktorRodzajPewność siebie
165.19.141.0/24CarbanakpredictiveWysoki
2XX.XXX.XXX.X/XXXxxxxxxxpredictiveWysoki
3XXX.XX.XX.X/XXXxxxxxx XxxxxpredictiveWysoki
4XXX.XXX.XXX.X/XXXxxxxxxxxxpredictiveWysoki

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueLuki w zabezpieczeniachWektor dostępuRodzajPewność siebie
1T1006CWE-22, CWE-23Pathname TraversalpredictiveWysoki
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveWysoki
3T1059CWE-88, CWE-94, CWE-1321Cross Site ScriptingpredictiveWysoki
4T1059.007CWE-79Cross Site ScriptingpredictiveWysoki
5T1068CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveWysoki
6TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveWysoki
7TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveWysoki
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveWysoki
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveWysoki
10TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveWysoki
11TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveWysoki
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveWysoki
13TXXXXCWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveWysoki
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveWysoki
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx XxxxxpredictiveWysoki
16TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxxpredictiveWysoki
17TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveWysoki
18TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveWysoki
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveWysoki
20TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveWysoki
21TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveWysoki
22TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveWysoki

IOA - Indicator of Attack (92)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasaIndicatorRodzajPewność siebie
1File/api/v1/registration/validateEmailpredictiveWysoki
2File/CPEpredictiveNiski
3File/file_manage_view.php?fmdo=edit&filenamepredictiveWysoki
4File/goform/formEasySetupWizard3predictiveWysoki
5File/goform/formLoginpredictiveWysoki
6File/goform/formSchedulepredictiveWysoki
7File/goform/formSetACLFilterpredictiveWysoki
8File/goform/formSetEmailpredictiveWysoki
9File/goform/formSetRoutepredictiveWysoki
10File/goform/formSetWanDhcppluspredictiveWysoki
11File/goform/formWlanGuestSetuppredictiveWysoki
12File/xxxxxx/xxxxxxxpredictiveWysoki
13File/xxxxx.xxxpredictiveMedium
14File/xxxx.xxxpredictiveMedium
15File/xxx/xxxxxx/xxxxxxxxx/xxxx/xxxxxxxxxxxxpredictiveWysoki
16File/xxxxxxxxxxx/xxxxxx/x---predictiveWysoki
17File/xxxxxxxx/xxxx.xxxx/xxxxxxxxxpredictiveWysoki
18File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxpredictiveWysoki
19File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxpredictiveWysoki
20File/xxxx/xxx/xxxxxxxxxxxpredictiveWysoki
21File/xxxxx/xxxxxx/xpredictiveWysoki
22Filexxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
23Filexxxxxxxxxxxxxxx.xxxpredictiveWysoki
24Filexxxxxxxxxxx/xxx/xxxx/xxxxxx/xxx-xxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveWysoki
25Filexxxx.xpredictiveNiski
26Filexxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
27Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
28Filexxxxxx.xpredictiveMedium
29Filexxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
30Filexxxx/xxxxxxx/xxxxxxxxxxxxx.xxxpredictiveWysoki
31Filexxxxxx.xpredictiveMedium
32Filexxx_xxxxxxx_xxxxxxxxx_xxxxxxxxx_xxxxxxxxxxxxxx.xxxpredictiveWysoki
33Filexxxxxxxxx.xxxxpredictiveWysoki
34Filexxxxxxx/xxx/xxx-xxxxxxxx.xpredictiveWysoki
35Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveWysoki
36Filexxxxxxxxxxxx.xxxpredictiveWysoki
37Filexxx_xxx.xpredictiveMedium
38Filexxxxxxxxxxxxxx.xxxpredictiveWysoki
39Filexxxxx.xxxpredictiveMedium
40Filexx_xxxxx/xxxxxxxxx.xpredictiveWysoki
41Filexx_xxxxx/xxxx.xpredictiveWysoki
42Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
43Filexxxxxxxxxxxxxxxxxxxxx.xxxxxxx.xxxxxxx.xxpredictiveWysoki
44Filexxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
45Filexxx/xxxx/xxx.xpredictiveWysoki
46Filexxx/xxxxx/xxx_xxx.xpredictiveWysoki
47Filexxx_xxxxxxx.xpredictiveWysoki
48Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
49Filexxxxxxxxxx_xxxxxxxxx.xxxpredictiveWysoki
50Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
51Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
52Filexxxxx.xxxxx.xxxpredictiveWysoki
53Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveWysoki
54Filexxxxxxx.xxxpredictiveMedium
55Filexxxxxx/xxxx.xxpredictiveWysoki
56Filexxxxxxxx.xxxxpredictiveWysoki
57Filexxxxxxxxxxxxxxxx.xxxxpredictiveWysoki
58Filexxxxxxxxxxxxx.xxxxpredictiveWysoki
59Filexxxxx/xxxxxxxx.xpredictiveWysoki
60Filexxxxxxxxxx.xxxxpredictiveWysoki
61Filexxxxxxx.xxxx.xxxpredictiveWysoki
62File\xxx\xxxxxx\xxxxxxxxxx\xxxxxxxxxxxxxx.xxxxx.xxxpredictiveWysoki
63Library/xxxx/xxxxx/xxx/xxxxxxx_xxx.xpredictiveWysoki
64Argumentxxxxxx-xxxxxxxxpredictiveWysoki
65ArgumentxxxxxxxpredictiveNiski
66ArgumentxxxpredictiveNiski
67ArgumentxxxpredictiveNiski
68Argumentxxx_xxxxpredictiveMedium
69Argumentxxxxxx.xxxx_xxxxx_xxxxxxxpredictiveWysoki
70ArgumentxxxxxxxpredictiveNiski
71ArgumentxxxxxxxpredictiveNiski
72ArgumentxxxxxxpredictiveNiski
73ArgumentxxxxxxpredictiveNiski
74ArgumentxxxxxxxxpredictiveMedium
75ArgumentxxxxpredictiveNiski
76Argumentxxxx_xxxxx_xxxxxxxxxxpredictiveWysoki
77ArgumentxxxxpredictiveNiski
78ArgumentxxxxpredictiveNiski
79Argumentxxxx/xxxpredictiveMedium
80Argumentxx_xxxpredictiveNiski
81Argumentxxxxxxx.xxx_xxxxxxxxxxpredictiveWysoki
82ArgumentxxxxxxxxxxpredictiveMedium
83ArgumentxxxxxxxpredictiveNiski
84Argumentxxxxx/xxxpredictiveMedium
85ArgumentxxxxxxxpredictiveNiski
86ArgumentxxxxpredictiveNiski
87ArgumentxxxxxxxpredictiveNiski
88Argumentxxxx-xxxxxpredictiveMedium
89ArgumentxxxxxxxxpredictiveMedium
90Argumentxxxxxxxx/xxxxxxxxpredictiveWysoki
91Argumentxxx_xxxxxxxxxpredictiveWysoki
92ArgumentxxxxxxxpredictiveNiski
PoprzedniPrzeglądKolejny

Want to stay up to date on a daily basis?

Enable the mail alert feature now!