Magento-analytics Análise

IOB - Indicator of Behavior (67)

Curso de tempo

Idioma

en52
zh6
it2
fr2
es2

País

us42
cn24
gb2

Actores

Actividades

Interesse

Curso de tempo

Tipo

Fabricante

Produto

PHP4
Dream4 Koobi CMS2
ForLogic Qualiex2
Rabbitmq Docker Image2
DZCP deV!L`z Clanportal2

Vulnerabilidades

#VulnerabilidadeBaseTemp0dayHojeExpMasCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Divulgação de Informação5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
2DZCP deV!L`z Clanportal config.php direitos alargados7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.520.00943CVE-2010-0966
3Wireless IP Camera WIFICAM ini File direitos alargados7.57.2$0-$5kCalculadoNot DefinedOfficial Fix0.000.00260CVE-2017-8225
4HP Color LaserJet Pro M280-M281 Multifunction Printer Embedded Web Server Reflected Roteiro Cruzado de Sítios5.25.2$5k-$25k$5k-$25kNot DefinedNot Defined0.040.00058CVE-2019-6323
5HP DeskJet 3630 Falsificação de Pedido Cross Site6.26.2$5k-$25k$0-$5kNot DefinedNot Defined0.000.00053CVE-2019-6319
6HP Print/Digital Sending Link-Local Multicast Name Resolution Excesso de tampão6.36.3$5k-$25k$5k-$25kNot DefinedNot Defined0.020.00376CVE-2021-3942
7HP inkjet/LaserJet Pro/PageWide Pro Privilege Escalation8.08.0$5k-$25k$5k-$25kNot DefinedNot Defined0.020.00363CVE-2022-28721
8Oracle HTTP Server SSL Module Excesso de tampão9.89.6$100k e mais$5k-$25kNot DefinedOfficial Fix0.020.15087CVE-2022-23943
9Zoho ManageEngine Desktop Central ZIP Archive Fraca autenticação6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00282CVE-2021-44757
10Zoho ManageEngine ServiceDesk Plus MSP web.xml Directório Traversal6.56.4$0-$5k$0-$5kNot DefinedOfficial Fix0.020.01596CVE-2022-32551
11SUSE Rancher direitos alargados7.57.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00096CVE-2022-31247
12Rabbitmq Docker Image Fraca autenticação9.89.8$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00661CVE-2020-35196
13JetBrains IntelliJ IDEA Privilege Escalation6.36.0$0-$5kCalculadoNot DefinedOfficial Fix0.030.00221CVE-2021-45977
14Oracle Communications Policy Management CMP direitos alargados9.89.6$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000.97493CVE-2022-22965
15Microsoft Windows Hyper-V Privilege Escalation8.07.3$100k e mais$5k-$25kUnprovenOfficial Fix0.020.00088CVE-2022-24537
16Watchguard Firebox/XTM Remote Code Execution6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.030.03712CVE-2022-26318
17node-ipc direitos alargados8.07.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00582CVE-2022-23812
18Cisco ASA SSL VPN direitos alargados6.26.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00109CVE-2019-12677
19Openfind Mail2000 Access Control direitos alargados6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.050.00087CVE-2020-12776
20Oracle Graph Server and Client Packaging/install issues Remote Code Execution8.38.1$25k-$100k$0-$5kNot DefinedOfficial Fix0.000.01275CVE-2021-2351

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilidadesTipo de acessoTipoAceitação
1T1006CWE-22Path TraversalpredictiveAlto
2T1059CWE-94Argument InjectionpredictiveAlto
3T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
4TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
5TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveAlto
6TXXXXCWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
7TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
8TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveAlto
9TXXXXCWE-XXXxx XxxxxxxxxpredictiveAlto
10TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
11TXXXX.XXXCWE-XXXXxxxxxxxpredictiveAlto
12TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (23)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorTipoAceitação
1File//predictiveBaixo
2File/interceptor/OutgoingChainInterceptor.javapredictiveAlto
3File/uncpath/predictiveMédio
4File/xx-xxxxx/xxxxx-xxxx.xxxpredictiveAlto
5Filexxxxxxxxx.xpredictiveMédio
6Filexxxxxxx_xxx.xxxpredictiveAlto
7Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveAlto
8Filexxxx.xxxpredictiveMédio
9Filexxx/xxxxxx.xxxpredictiveAlto
10Filexxxxx.xxxpredictiveMédio
11Filexxxxx.xxxxpredictiveMédio
12Filexxxxxxxxxx.xxxpredictiveAlto
13Filexxxxxxxx.xxxpredictiveMédio
14Filexxxxxx.xxxpredictiveMédio
15Filexxxxxx/xxx.xxxpredictiveAlto
16ArgumentxxxxpredictiveBaixo
17ArgumentxxxxxxxxpredictiveMédio
18Argumentxxxxxxxxx-xxxxxxx/xxxxxxxxx/xxxxxxxxxxpredictiveAlto
19Argumentxxxxxx_xxpredictiveMédio
20ArgumentxxxxxxxxpredictiveMédio
21ArgumentxxpredictiveBaixo
22ArgumentxxxxxxxxpredictiveMédio
23ArgumentxxxpredictiveBaixo

Referências (4)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!