Sector Education

Timeframe: -28 days

Default Categories (58): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Blog Software, Calendar Software, Chat Software, Cloud Software, Communications System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Firewall Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Learning Management Software, Library Management System Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Spreadsheet Software, SSH Server Software, Survey Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Product

Apple macOS: 52
Mozilla Thunderbird: 40
Mozilla Firefox: 34
Apple tvOS: 30
Google Chrome: 26
Google Chrome26

Remediation

Official Fix: 372
Temporary Fix: 0
Workaround: 6
Unavailable: 0
Not Defined: 68

Exploitability

High: 0
Functional: 2
Proof-of-Concept: 12
Unproven: 38
Not Defined: 394

Access Vector

Not Defined: 0
Physical: 8
Local: 42
Adjacent: 66
Network: 330

Authentication

Not Defined: 0
High: 32
Low: 190
None: 224

User Interaction

Not Defined: 0
Required: 198
None: 248

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 10
≤4: 32
≤5: 90
≤6: 74
≤7: 142
≤8: 52
≤9: 42
≤10: 4

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 16
≤4: 28
≤5: 92
≤6: 168
≤7: 64
≤8: 50
≤9: 26
≤10: 2

VulDB

≤1: 0
≤2: 2
≤3: 14
≤4: 42
≤5: 82
≤6: 74
≤7: 150
≤8: 38
≤9: 40
≤10: 4

NVD

≤1: 406
≤2: 0
≤3: 2
≤4: 0
≤5: 6
≤6: 10
≤7: 2
≤8: 4
≤9: 14
≤10: 2

CNA

≤1: 384
≤2: 0
≤3: 2
≤4: 2
≤5: 2
≤6: 6
≤7: 16
≤8: 18
≤9: 12
≤10: 4

Vendor

≤1: 406
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 4
≤7: 8
≤8: 26
≤9: 2
≤10: 0

Exploit 0-day

<1k: 14
<2k: 90
<5k: 44
<10k: 94
<25k: 146
<50k: 36
<100k: 22
≥100k: 0

Exploit Today

<1k: 112
<2k: 70
<5k: 112
<10k: 92
<25k: 60
<50k: 0
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Lang

en: 648
ja: 240
ru: 34
zh: 30
fr: 14

Country

jp: 280
us: 186
cn: 64
ru: 32
it: 24

Product

Mozilla Firefox: 36
Mozilla Thunderbird: 22
Microsoft Windows: 8
Google Chrome: 8
IBM AIX: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 7.85 | 0.00950 | CVE-2022-47939 |
| 2 | Linux Kernel ksmbd smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.60 | 0.00950 | CVE-2022-47943 |
| 3 | Linux Kernel ksmbd smb2pdu.c smb2_write information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.55 | 0.00950 | CVE-2022-47940 |
| 4 | Squid Web Proxy SSPI/SMB memory corruption | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.25 | 0.00000 | CVE-2022-41318 |
| 5 | Slixmpp XMLStream weak authentication | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.40 | 0.00950 | CVE-2022-45197 |
| 6 | VMware ESXi/Workstation/Fusion/Cloud Foundation USB 2.0 controller memory corruption | 8.8 | 8.4 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 1.04 | 0.01036 | CVE-2022-31705 |
| 7 | TP-Link TL-WR740N ARP denial of service | 6.5 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.99 | 0.00885 | CVE-2022-4296 |
| 8 | sproctor php-calendar index.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.99 | 0.00885 | CVE-2022-4455 |
| 9 | Linux Kernel smb2misc.c smb2_get_data_area_len information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.89 | 0.00950 | CVE-2022-47938 |
| 10 | Openstack Kolla sudoers privilege escalation | 8.8 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.77 | 0.00885 | CVE-2022-38060 |
| 11 | D-Link DIR-882 SetWan3Settings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.62 | 0.00885 | CVE-2022-46570 |
| 12 | Squid Web Proxy Internal URL information disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.68 | 0.00000 | CVE-2022-41317 |
| 13 | Linux Kernel io_uring.c io_sqpoll_wait_sq denial of service | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.68 | 0.00885 | CVE-2022-47946 |
| 14 | Fortinet FortiOS sslvpnd memory corruption | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.68 | 0.00000 | CVE-2022-42475 |
| 15 | D-Link DIR-882 SetWLanRadioSecurity Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.62 | 0.00885 | CVE-2022-46569 |
| 16 | y_project RuoYi GenController sql injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.70 | 0.01018 | CVE-2022-4566 |
| 17 | D-Link DIR-882 SetWan2Settings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.72 | 0.00885 | CVE-2022-46560 |
| 18 | vim memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.59 | 0.00885 | CVE-2022-3520 |
| 19 | Axiomatic Bento4 mp42aac memory corruption | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.63 | 0.00954 | CVE-2022-4584 |
| 20 | D-Link DIR-882 SetDynamicDNSSettings Module memory corruption | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.52 | 0.00885 | CVE-2022-46563 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 43.249.37.0/24 | Patchwork | predictive | High |
| 2 | XX.XX.XX.X/XX | Xxxxx | predictive | High |
| 3 | XXX.XXX.XX.X/XX | Xxxxxxxx | predictive | High |

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (51)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

