Sector: Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 290
Microsoft Windows: 94
Foxit PDF Reader: 60
Microsoft SQL Server: 30
Microsoft OLE DB Driver: 28

Remediation

Official Fix: 750
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 124

Exploitability

High: 4
Functional: 4
Proof-of-Concept: 38
Unproven: 124
Not Defined: 706

Access Vector

Not Defined: 0
Physical: 6
Local: 138
Adjacent: 338
Network: 394

Authentication

Not Defined: 0
High: 62
Low: 516
None: 298

User Interaction

Not Defined: 0
Required: 198
None: 678

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 16
≤4: 80
≤5: 172
≤6: 266
≤7: 144
≤8: 140
≤9: 52
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 16
≤4: 90
≤5: 170
≤6: 360
≤7: 124
≤8: 100
≤9: 10
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 20
≤4: 96
≤5: 174
≤6: 266
≤7: 132
≤8: 132
≤9: 50
≤10: 4

NVD

≤1: 876
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 684
≤2: 0
≤3: 8
≤4: 2
≤5: 22
≤6: 40
≤7: 28
≤8: 62
≤9: 22
≤10: 8

Vendor

≤1: 742
≤2: 0
≤3: 0
≤4: 0
≤5: 4
≤6: 10
≤7: 18
≤8: 62
≤9: 40
≤10: 0

Exploit 0-day

<1k: 20
<2k: 224
<5k: 34
<10k: 328
<25k: 134
<50k: 118
<100k: 18
≥100k: 0

Exploit Today

<1k: 302
<2k: 226
<5k: 156
<10k: 88
<25k: 102
<50k: 2
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 768
de: 76
ja: 56
es: 48
fr: 28

Country/Region

us: 202
gb: 76
de: 74
es: 38
jp: 34

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Juniper Junos OS: 32
Juniper Junos OS Evolved: 22
Microsoft Windows: 14
Linux Kernel: 8
Palo Alto Networks PAN-OS: 6

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE
1 | Palo Alto Networks PAN-OS GlobalProtect Privilege Escalation | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 8.40- | 0.00043 | CVE-2024-3400
2 | PHPGurukul Small CRM Registration Page SQL Injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 8.91- | 0.00000 | CVE-2024-3691
3 | PHPGurukul Small CRM Change Password SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 5.29- | 0.00000 | CVE-2024-3690
4 | Xiamen Four-Faith RMP Router Management Platform SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 5.06- | 0.00000 | CVE-2024-3688
5 | Node.js child_process.spawn Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 5.41 | 0.00000 | CVE-2024-27980
6 | cym1102 nginxWebUI upload Privilege Escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 2.76 | 0.00000 | CVE-2024-3736
7 | cym1102 nginxWebUI reload exec Privilege Escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 2.76 | 0.00000 | CVE-2024-3740
8 | cym1102 nginxWebUI saveCmd handlePath Weak Authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 2.70 | 0.00000 | CVE-2024-3738
9 | cym1102 nginxWebUI addOver findCountByQuery Directory Traversal | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 2.54 | 0.00000 | CVE-2024-3737
10 | cym1102 nginxWebUI upload Privilege Escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 2.54 | 0.00000 | CVE-2024-3739
11 | mysql2 readCodeFor Privilege Escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.94 | 0.00044 | CVE-2024-21508
12 | Juniper cRPD/Juniper Cloud Native Router SSH Weak Encryption | 8.1 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.58- | 0.00000 | CVE-2024-30407
13 | Linux Kernel relocs notes Information Disclosure | 3.5 | 3.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.80 | 0.00044 | CVE-2024-26816
14 | Xen BTC SRSO Mitigation Privilege Escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.48 | 0.00000 | CVE-2024-31142
15 | Linux Kernel userfaultfd hugetlb_mcopy_atomic_pte Privilege Escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.41 | 0.00043 | CVE-2021-47214
16 | Juniper Junos OS flowd Memory Corruption | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.29- | 0.00000 | CVE-2024-30392
17 | SourceCodester PHP Task Management System edit-task.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.30 | 0.00045 | CVE-2024-3225
18 | GitLab Community Edition/Enterprise Edition Diff Viewer Cross-Site Scripting | 6.1 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.84- | 0.00043 | CVE-2024-3092
19 | SourceCodester PHP Task Management System admin-password-change.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.30 | 0.00045 | CVE-2024-3222
20 | SourceCodester PHP Task Management System task-details.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.24 | 0.00045 | CVE-2024-3224

IOC - Indicator of Compromise (22)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

ID | IP range | Actor | Type | Confidence
1 | 3.71.1.0/24 | Sliver | predictive |
2 | 45.141.215.0/24 | RedLine Stealer | predictive |
3 | 54.213.123.0/24 | Dealply | predictive |

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerability | Access Vector | Type | Confidence
1 | T1006 | CWE-22, CWE-23, CWE-25, CWE-35: Path Traversal | | predictive |
2 | T1040 | CWE-319: Authentication Bypass by Capture-replay | | predictive |
3 | T1055 | CWE-74: Improper Neutralization of Data within XPath Expressions | | predictive |
4 | T1059 | CWE-94, CWE-1321: Argument Injection | | predictive |
5 | T1059.007 | CWE-79, CWE-80: Cross Site Scripting | | predictive |

IOA - Indicator of Attack (130)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

