Sektor Government

Timeframe: -28 days

Default Categories (63): Access Management Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Automation Software, Backup Software, Billing Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, File Compression Software, File Transfer Software, Financial Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Product Lifecycle Management Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Tidslinje

Säljare

Oracle200
Microsoft94
Insteon66
Not Defined38
Juniper32

Produkt

Microsoft Windows78
Insteon Hub66
Juniper Junos OS30
Oracle MySQL Server26
Apple macOS26

Åtgärd

Official Fix562
Temporary Fix0
Workaround0
Unavailable0
Not Defined136

Utnyttjbarhet

High0
Functional2
Proof-of-Concept16
Unproven84
Not Defined596

Åtkomstvektor

Not Defined0
Physical4
Local40
Adjacent90
Network564

Autentisering

Not Defined0
High68
Low300
None330

Användarinteraktion

Not Defined0
Required130
None568

C3BM Index

CVSSv3 Base

≤10
≤22
≤312
≤448
≤580
≤690
≤7102
≤8170
≤988
≤10106

CVSSv3 Temp

≤10
≤22
≤314
≤448
≤590
≤6104
≤7100
≤8202
≤988
≤1050

VulDB

≤10
≤22
≤324
≤460
≤580
≤674
≤7108
≤8154
≤9144
≤1052

NVD

≤1584
≤20
≤30
≤44
≤54
≤64
≤714
≤812
≤916
≤1060

CNA

≤1390
≤22
≤30
≤410
≤516
≤632
≤734
≤8118
≤992
≤104

Säljare

≤1606
≤20
≤30
≤42
≤52
≤610
≤72
≤856
≤920
≤100

Utnyttja 0-dagars

<1k28
<2k86
<5k96
<10k110
<25k224
<50k54
<100k100
≥100k0

Utnyttja idag

<1k132
<2k172
<5k166
<10k90
<25k138
<50k0
<100k0
≥100k0

Utnyttja marknadsvolymen

IOB - Indicator of Behavior (1000)

Tidslinje

Lang

en824
ja86
ru18
de16
fr12

Land

us144
jp102
ru46
es38
cn32

Skådespelare

Conti2
Hafnium1
Carbanak1
Naikon1
Shadowcrew1

Aktiviteter

Intressera

Tidslinje

Typ

Operating System38
Cloud Software18
Web Browser16
Database Software16
Firewall Software14

Säljare

Microsoft26
Linux20
Not Defined20
Cisco14
Oracle12

Produkt

Linux Kernel20
Microsoft Windows14
Google Chrome10
Cisco Identity Services Engine6
Apache HTTP Server6

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemCTIEPSSCVE
1IP Vault WP Firewall Plugin cross site scripting2.42.4$0-$5k$0-$5kNot DefinedNot Defined1.780.00000CVE-2022-47171
2GNU C Library Call Graph Monitor gmon.c __monstartup minneskorruption4.64.4$0-$5k$0-$5kNot DefinedOfficial Fix3.79-0.00000CVE-2023-0687
3OpenBSD OpenSSH compat.c minneskorruption5.65.4$5k-$25k$5k-$25kNot DefinedOfficial Fix2.650.00950CVE-2023-25136
4Microsoft Edge förnekande av tjänsten3.13.0$25k-$100k$5k-$25kNot DefinedOfficial Fix2.350.00000CVE-2023-21720
5Calendar Event Management System sql injektion6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.740.00890CVE-2023-0675
6SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service privilegier eskalering8.38.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.97+0.00000CVE-2022-31254
7Nextcloud Mail svag kryptering2.01.9$0-$5k$0-$5kNot DefinedOfficial Fix2.65-0.00000CVE-2023-23944
8Calendar Event Management System Login Page sql injektion7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined1.480.00954CVE-2023-0663
9Nextcloud Desktop Client QML Label cross site scripting4.44.4$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2023-23942
10Nextcloud Mail privilegier eskalering5.75.5$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2023-23943
11Zyxel NBG-418N v2 Logs Page cross site scripting5.85.8$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2022-45441
12NREL api-umbrella-web Flash Message cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.950.00950CVE-2015-10072
13Linux Kernel V4L2/Vivid Test Code förnekande av tjänsten6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.570.00000CVE-2023-0615
14Western Digital My Cloud svag autentisering6.35.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix2.520.00000CVE-2021-36224
15VMware Workstation förnekande av tjänsten4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.840.00885CVE-2023-20854
16SiteFusion Application Server Extension getextension.php kataloggenomgång3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix1.280.00950CVE-2016-15023
17fanzila WebFinance save_roles.php sql injektion5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00890CVE-2013-10017
18fanzila WebFinance save_contact.php sql injektion5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.810.01412CVE-2013-10018
19fanzila WebFinance save_taxes.php sql injektion5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.880.00890CVE-2013-10016
20F5 BIG-IP iControl SOAP Format String8.28.2$5k-$25k$5k-$25kNot DefinedNot Defined1.040.01086CVE-2023-22374

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeSkådespelareTypFörtroende
154.213.123.0/24DealplypredictiveHög
2XX.XX.XXX.X/XXXxxxxxxxpredictiveHög
3XXX.XX.XX.X/XXXxxxxxxxpredictiveHög
4XXX.XX.XXX.X/XXXxxxxpredictiveHög
5XXX.XXX.XXX.X/XXXxxxxpredictiveHög
6XXX.XXX.XXX.X/XXXxxxxpredictiveHög
7XXX.XXX.XXX.X/XXXxxxxxxpredictiveHög
8XXX.X.XXX.X/XXXxxxxpredictiveHög
9XXX.XXX.XX.X/XXXxxxxxxxxxpredictiveHög

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSårbarheterÅtkomstvektorTypFörtroende
1T1006CWE-22, CWE-23Pathname TraversalpredictiveHög
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHög
3T1059CWE-88, CWE-94Cross Site ScriptingpredictiveHög
4T1059.007CWE-79Cross Site ScriptingpredictiveHög
5T1068CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHög
6TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHög
7TXXXX.XXXCWE-XXXXxx-xxx Xxxx Xxxxxxx XxxxpredictiveHög
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHög
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHög
10TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHög
11TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHög
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHög
13TXXXXCWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHög
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx XxxxxpredictiveHög
16TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHög
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHög
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
19TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHög
20TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHög
21TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHög
22TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHög

IOA - Indicator of Attack (48)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/api/v1/registration/validateEmailpredictiveHög
2File/CPEpredictiveLåg
3File/opt/Citrix/ICAClient/util/ctxwebhelperpredictiveHög
4File/Services/Misc.asmx/SearchTagpredictiveHög
5File/setnetworksettings/IPAddresspredictiveHög
6File/SetNetworkSettings/SubnetMaskpredictiveHög
7File/xxxx/xxx/xxxxxxxxxxxpredictiveHög
8Filexxxx.xpredictiveLåg
9Filexxxxxx.xpredictiveMedium
10Filexxxxxxx/xxx/xxx-xxxxxxxx.xpredictiveHög
11Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveHög
12Filexxxxxxx/xxx/xxxxxxxx/xxxxx_xxxx.xpredictiveHög
13Filexx/xxxxx/xxxxxx.xpredictiveHög
14Filexxxxxxxxxxxx.xxxpredictiveHög
15Filexxxx.xpredictiveLåg
16Filexxx_xxx.xpredictiveMedium
17Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveHög
18Filexxxxxx/xxxxx/xxxx_xxxxxxxx_xxxxxx_xxxx.xxxpredictiveHög
19Filexxxxxx/xxxxx/xxxx_xxxxx.xxxpredictiveHög
20Filexxxxxx/xxxxx/xxxx_xxxxx.xxxpredictiveHög
21Filexxxxxx/xxxxxxxxxxx/xxxx_xxxxxxx.xxxpredictiveHög
22Filexxx/xxxxx.xxxpredictiveHög
23Filexx_xxxxx/xxxxxxxxx.xpredictiveHög
24Filexx_xxxxx/xxxx.xpredictiveHög
25Filexxx.xxxpredictiveLåg
26Filexxx/xxxx/xxx.xpredictiveHög
27Filexxx/xxxxx/xxx_xxx.xpredictiveHög
28Filexxx/xxxxx/xxx_xxx.xpredictiveHög
29Filexxx/xxxxx/xxx_xxx.xpredictiveHög
30Filexxxxxx/xxxx.xxpredictiveHög
31Library/xxxx/xxxxx/xxx/xxxxxxx_xxx.xpredictiveHög
32Libraryxxxxxxx/xxxxxxxx.xxxpredictiveHög
33ArgumentxxxpredictiveLåg
34ArgumentxxxxpredictiveLåg
35ArgumentxxpredictiveLåg
36Argumentxxxx_xxxxx_xxxxxxxxxxpredictiveHög
37Argumentx/xpredictiveLåg
38Argumentxxxx/xxxpredictiveMedium
39Argumentxxx/xxxxxx/xxxxx/xxx/xxxxxx/xxxxxx/xxxxxxxx/xxxxpredictiveHög
40Argumentxx_xxxpredictiveLåg
41Argumentxxxxxxx.xxx_xxxxxxxxxxpredictiveHög
42ArgumentxxxxxxxpredictiveLåg
43Argumentxxxxx/xxxpredictiveMedium
44ArgumentxxxxxxxpredictiveLåg
45Argumentxxxxxxx_xxxpredictiveMedium
46ArgumentxxxxpredictiveLåg
47ArgumentxxxxxxxxpredictiveMedium
48Argumentxxxxxxxx/xxxxxxxxpredictiveHög
TidigareÖversiktNästa

Might our Artificial Intelligence support you?

Check our Alexa App!