| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1098 |
Account Manipulation |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15958 |
Cisco Prime Infrastructure |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15958 |
Cisco Prime Infrastructure |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
secondary_impact |
T1562 |
Impair Defenses |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1753 |
Cisco IOS XE Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1753 |
Cisco IOS XE Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1753 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1753 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1860 |
Cisco Unified Intelligence Center |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1860 |
Cisco Unified Intelligence Center |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1831 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1036 |
Masquerading |
| CVE-2019-1831 |
Cisco Email Security Appliance (ESA) |
secondary_impact |
T1566 |
Phishing |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-16009 |
Cisco IOS 12.2(15)B |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-16009 |
Cisco IOS 12.2(15)B |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3403 |
Cisco IOS XE Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3403 |
Cisco IOS XE Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3403 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3292 |
Cisco Small Business RV Series Router Firmware |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2018-15397 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1529 |
System Shutdown/Reboot |
| CVE-2018-15397 |
Cisco Adaptive Security Appliance (ASA) Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3253 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3253 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3233 |
Cisco IOx |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3233 |
Cisco IOx |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3233 |
Cisco IOx |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2018-15401 |
Cisco Hosted Collaboration Mediation Fulfillment |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2018-15401 |
Cisco Hosted Collaboration Mediation Fulfillment |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15280 |
Cisco Firepower Management Center |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-15280 |
Cisco Firepower Management Center |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-15280 |
Cisco Firepower Management Center |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1781 |
Cisco NX-OS Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1781 |
Cisco NX-OS Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1781 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3460 |
Cisco Data Center Network Manager |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2020-3460 |
Cisco Data Center Network Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3137 |
Cisco Email Security Appliance (ESA) |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-3312 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3312 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1768 |
Cisco NX-OS Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1768 |
Cisco NX-OS Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1768 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3379 |
Cisco SD-WAN Solution |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2020-3379 |
Cisco SD-WAN Solution |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1724 |
Cisco Small Business RV Series Router Firmware |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-1817 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1529 |
System Shutdown/Reboot |
| CVE-2019-1817 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3477 |
Cisco IOS |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3477 |
Cisco IOS |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1794 |
Cisco Directory Connector |
primary_impact |
T1574.008 |
Path Interception by Search Order Hijacking |
| CVE-2019-1794 |
Cisco Directory Connector |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1620 |
Cisco Data Center Network Manager |
primary_impact |
T1105 |
Ingress Tool Transfer |
| CVE-2019-1620 |
Cisco Data Center Network Manager |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3216 |
Cisco IOS XE SD-WAN Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3216 |
Cisco IOS XE SD-WAN Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3306 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-3306 |
Cisco Adaptive Security Appliance (ASA) Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1886 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-1711 |
Cisco IOS XR Software |
primary_impact |
T1489 |
Service Stop |
| CVE-2020-3375 |
Cisco SD-WAN vManage |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3375 |
Cisco SD-WAN vManage |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1857 |
Cisco HyperFlex HX-Series |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1857 |
Cisco HyperFlex HX-Series |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1703 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1499.002 |
Service Exhaustion Flood |
| CVE-2019-15963 |
Cisco Unity Connection |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-15963 |
Cisco Unity Connection |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1689 |
Cisco Webex Teams |
primary_impact |
T1105 |
Ingress Tool Transfer |
| CVE-2019-1689 |
Cisco Webex Teams |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1689 |
Cisco Webex Teams |
secondary_impact |
T1531 |
Account Access Removal |
| CVE-2020-3476 |
Cisco IOS XE Software |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3476 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2018-15466 |
Cisco Policy Suite (CPS) Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2018-15466 |
Cisco Policy Suite (CPS) Software |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-15287 |
Cisco WebEx WRF Player |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15287 |
Cisco WebEx WRF Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-15998 |
Cisco IOS XR Software |
primary_impact |
T1133 |
External Remote Services |
| CVE-2019-15998 |
Cisco IOS XR Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1889 |
Cisco Application Policy Infrastructure Controller (APIC) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1889 |
Cisco Application Policy Infrastructure Controller (APIC) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3134 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-1736 |
Cisco Identity Services Engine Software |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2020-3120 |
Cisco IOS XR Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-1764 |
Cisco Wireless IP Phone 8821 and 8821-EX |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1764 |
Cisco Wireless IP Phone 8821 and 8821-EX |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
secondary_impact |
T1189 |
Drive-by Compromise |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
exploitation_technique |
T1557 |
Man-in-the-Middle |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1747 |
Cisco IOS and IOS XE Software |
primary_impact |
T1477 |
Exploit via Radio Interfaces |
| CVE-2019-1747 |
Cisco IOS and IOS XE Software |
secondary_impact |
T1489 |
Service Stop |
| CVE-2019-15959 |
Cisco SPA525G2 5-line IP Phone |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15959 |
Cisco SPA525G2 5-line IP Phone |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2019-15974 |
Cisco Managed Services Accelerator |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2019-15974 |
Cisco Managed Services Accelerator |
secondary_impact |
T1189 |
Drive-by Compromise |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3133 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3133 |
Cisco Email Security Appliance (ESA) |
exploitation_technique |
T1566.001 |
Spearphishing Attachment |
| CVE-2019-12696 |
Cisco FireSIGHT System Software |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-12696 |
Cisco FireSIGHT System Software |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3387 |
Cisco SD-WAN vManage |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2018-15393 |
Cisco Content Security Management Appliance (SMA) |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2018-15393 |
Cisco Content Security Management Appliance (SMA) |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2018-15393 |
Cisco Content Security Management Appliance (SMA) |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1594 |
Nexus 1000V Switch for VMware vSphere |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1594 |
Nexus 1000V Switch for VMware vSphere |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3440 |
Cisco Webex Meetings |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3440 |
Cisco Webex Meetings |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3440 |
Cisco Webex Meetings |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1876 |
Cisco Wide Area Application Services (WAAS) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1876 |
Cisco Wide Area Application Services (WAAS) |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3121 |
Cisco 550X Series Stackable Managed Switches |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1040 |
Network Sniffing |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1836 |
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1836 |
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15289 |
Cisco TelePresence TC Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-15289 |
Cisco TelePresence TC Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-15444 |
Cisco Energy Management Suite |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2018-15444 |
Cisco Energy Management Suite |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2018-15444 |
Cisco Energy Management Suite |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3407 |
Cisco IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3407 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3237 |
Cisco IOx |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3237 |
Cisco IOx |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2018-15376 |
Cisco IOS Software |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2018-15376 |
Cisco IOS Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2018-15376 |
Cisco IOS Software |
exploitation_technique |
T1566 |
Phishing |
| CVE-2018-15376 |
Cisco IOS Software |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2018-15376 |
Cisco IOS Software |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3416 |
Cisco IOS XE Software |
primary_impact |
T1542.004 |
ROMMONkit |
| CVE-2020-3416 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
primary_impact |
T1080 |
Taint Shared Content |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
primary_impact |
T1204.002 |
Malicious File |
| CVE-2020-3126 |
Cisco Webex Meetings Multimedia Viewer |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3356 |
Cisco Data Center Network Manager |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1746 |
Cisco IOS and IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1746 |
Cisco IOS and IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3397 |
Cisco NX-OS Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3397 |
Cisco NX-OS Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1812 |
Cisco NX-OS Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1812 |
Cisco NX-OS Software |
secondary_impact |
T1548 |
Abuse Elevation Control Mechanism |
| CVE-2019-1812 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3322 |
Cisco Webex Network Recording Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1566 |
Phishing |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-3198 |
Cisco IOS 12.2(60)EZ16 |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3309 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-3177 |
Cisco Unified Communications Manager |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3177 |
Cisco Unified Communications Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3510 |
Cisco IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3510 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3513 |
Cisco IOS XE Software |
primary_impact |
T1542.004 |
ROMMONkit |
| CVE-2020-3513 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-3409 |
Cisco IOS |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-3409 |
Cisco IOS |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-3349 |
Cisco Data Center Network Manager |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2018-15392 |
Cisco Industrial Network Director |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2018-15392 |
Cisco Industrial Network Director |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-15462 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2018-15462 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1704 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-1704 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3244 |
Cisco ASR 5000 Series Software |
primary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-3244 |
Cisco ASR 5000 Series Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-3240 |
Cisco UCS Director |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-3240 |
Cisco UCS Director |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1003.008 |
/etc/passwd and /etc/shadow |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1552.001 |
Credentials In Files |
| CVE-2020-3240 |
Cisco UCS Director |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-3240 |
Cisco UCS Director |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1790 |
Cisco NX-OS Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1790 |
Cisco NX-OS Software |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1790 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-5364 |
Isilon OneFS |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5364 |
Isilon OneFS |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-3707 |
iDRAC |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3735 |
Dell SupportAssist for Business PCs |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3735 |
Dell SupportAssist for Business PCs |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2018-11048 |
Data Protection Advisor |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2018-11048 |
Data Protection Advisor |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2018-11048 |
Data Protection Advisor |
secondary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2018-11048 |
Data Protection Advisor |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-3754 |
Unity Operating Environment |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-3754 |
Unity Operating Environment |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-3754 |
Unity Operating Environment |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5374 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2018-15771 |
Dell EMC RecoverPoint |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2018-15771 |
Dell EMC RecoverPoint |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2018-15782 |
RSA Authentication Manager |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-15782 |
RSA Authentication Manager |
exploitation_technique |
T1566 |
Phishing |
| CVE-2018-15782 |
RSA Authentication Manager |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-3723 |
OpenManage Server Administrator |
primary_impact |
T1485 |
Data Destruction |
| CVE-2019-3723 |
OpenManage Server Administrator |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3723 |
OpenManage Server Administrator |
secondary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-3723 |
OpenManage Server Administrator |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-11045 |
Pivotal Operations Manager |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2018-11045 |
Pivotal Operations Manager |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2020-5345 |
Unisphere for PowerMax |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5345 |
Unisphere for PowerMax |
exploitation_technique |
T1565.001 |
Stored Data Manipulation |
| CVE-2020-5336 |
RSA Archer |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5336 |
RSA Archer |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5336 |
RSA Archer |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2018-15795 |
CredHub Service Broker |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2018-15795 |
CredHub Service Broker |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2020-5365 |
Isilon OneFS |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2020-5365 |
Isilon OneFS |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-3717 |
Dell Client Commercial and Consumer platforms |
primary_impact |
T1548 |
Abuse Elevation Control Mechanism |
| CVE-2019-3717 |
Dell Client Commercial and Consumer platforms |
exploitation_technique |
T1200 |
Hardware Additions |
| CVE-2019-3732 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3732 |
RSA BSAFE Crypto-C Micro Edition |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3731 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3731 |
RSA BSAFE Crypto-C Micro Edition |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5326 |
Dell Client Consumer and Commercial Platforms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5326 |
Dell Client Consumer and Commercial Platforms |
secondary_impact |
T1542.001 |
System Firmware |
| CVE-2018-15776 |
iDRAC |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2018-15776 |
iDRAC |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18573 |
RSA Identity Governance & Lifecycle |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3727 |
RecoverPoint |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3727 |
RecoverPoint |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3728 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-3790 |
Pivotal Ops Manager |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3790 |
Pivotal Ops Manager |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3719 |
SupportAssist Client |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3719 |
SupportAssist Client |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2018-15764 |
ESRS Policy Manager |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2018-15764 |
ESRS Policy Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-11084 |
Garden-runC |
primary_impact |
T1496 |
Resource Hijacking |
| CVE-2020-5339 |
RSA Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5339 |
RSA Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5339 |
RSA Authentication Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2018-15784 |
Dell Networking OS10 |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5386 |
Elastic Cloud Storage |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3799 |
Spring Cloud Config |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3799 |
Spring Cloud Config |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18578 |
XtremIO |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-18578 |
XtremIO |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-18578 |
XtremIO |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-5340 |
RSA Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5340 |
RSA Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5340 |
RSA Authentication Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-5358 |
Dell Encryption Enterprise |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5371 |
Isilon OneFS |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5371 |
Isilon OneFS |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-3758 |
RSA Archer |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3758 |
RSA Archer |
secondary_impact |
T1136 |
Create Account |
| CVE-2018-11051 |
Certificate Manager Path Traversal Vulnerability |
primary_impact |
T1005 |
Data from Local System |
| CVE-2018-11051 |
Certificate Manager Path Traversal Vulnerability |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5378 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2019-3767 |
ImageAssist |
primary_impact |
T1005 |
Data from Local System |
| CVE-2018-15800 |
Bits Service Release |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2018-15800 |
Bits Service Release |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2018-11059 |
RSA Archer |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2018-11059 |
RSA Archer |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2018-11059 |
RSA Archer |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-3775 |
UAA Release (OSS) |
primary_impact |
T1098 |
Account Manipulation |
| CVE-2018-11075 |
Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2018-11075 |
Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2018-11075 |
Authentication Manager |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2020-5376 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2018-15761 |
UAA |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-15761 |
UAA |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3787 |
UAA Release (OSS) |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2019-3787 |
UAA Release (OSS) |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-3787 |
UAA Release (OSS) |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2018-15797 |
NFS Volume Release |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-15797 |
NFS Volume Release |
exploitation_technique |
T1552 |
Unsecured Credentials |
| CVE-2018-15772 |
Dell EMC RecoverPoint |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2020-5331 |
RSA Archer |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5362 |
Dell Client Consumer and Commercial platforms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5362 |
Dell Client Consumer and Commercial platforms |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-3782 |
CredHub CLI |
primary_impact |
T1552.001 |
Credentials In Files |
| CVE-2019-3782 |
CredHub CLI |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2020-5379 |
CPG BIOS |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2018-11088 |
Application Service |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2018-11088 |
Application Service |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-11062 |
Integrated Data Protection Appliance |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2018-15758 |
Spring Security OAuth |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-15758 |
Spring Security OAuth |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3780 |
Cloud Foundry Container Runtime (CFCR) |
primary_impact |
T1552.001 |
Credentials In Files |
| CVE-2019-3780 |
Cloud Foundry Container Runtime (CFCR) |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5369 |
Isilon OneFS |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-5366 |
Integrated Dell Remote Access Controller (iDRAC) |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5366 |
Integrated Dell Remote Access Controller (iDRAC) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3798 |
CAPI-release |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3798 |
CAPI-release |
exploitation_technique |
T1136 |
Create Account |
| CVE-2020-5373 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5373 |
OMIMSSC (OpenManage Integration for Microsoft System Center) |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-3788 |
UAA Release (OSS) |
secondary_impact |
T1036 |
Masquerading |
| CVE-2019-3788 |
UAA Release (OSS) |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2018-11060 |
RSA Archer |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-11067 |
Avamar |
secondary_impact |
T1036 |
Masquerading |
| CVE-2018-11067 |
Avamar |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2020-5328 |
Isilon OneFS |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3784 |
Stratos |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3762 |
Data Protection Central |
primary_impact |
T1553 |
Subvert Trust Controls |
| CVE-2019-3762 |
Data Protection Central |
exploitation_technique |
T1588.004 |
Digital Certificates |
| CVE-2019-18582 |
Data Protection Advisor |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2018-11049 |
Pivotal Operations Manager |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5350 |
Integrated Data Protection Appliance |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5350 |
Integrated Data Protection Appliance |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2018-15801 |
Spring Security |
secondary_impact |
T1550.001 |
Application Access Token |
| CVE-2019-18581 |
Data Protection Advisor |
primary_impact |
T1562 |
Impair Defenses |
| CVE-2019-18581 |
Data Protection Advisor |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5332 |
RSA Archer |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3778 |
Spring Security OAuth |
secondary_impact |
T1036 |
Masquerading |
| CVE-2019-3778 |
Spring Security OAuth |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2018-15774 |
iDRAC |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2018-15780 |
RSA Archer |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-15780 |
RSA Archer |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-3786 |
BOSH Backup and Restore |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3786 |
BOSH Backup and Restore |
exploitation_technique |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-3706 |
iDRAC |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2018-11072 |
Dell Digital Delivery |
primary_impact |
T1055.001 |
Dynamic-link Library Injection |
| CVE-2018-11073 |
Authentication Manager |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2018-11073 |
Authentication Manager |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2018-11073 |
Authentication Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2018-11087 |
Spring AMQP |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2018-15767 |
OpenManage Network Manager |
primary_impact |
T1548.003 |
Sudo and Sudo Caching |
| CVE-2018-11069 |
RSA BSAFE SSL-J |
primary_impact |
T1600 |
Weaken Encryption |
| CVE-2018-11069 |
RSA BSAFE SSL-J |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-3763 |
RSA Identity Governance and Lifecycle |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2019-3763 |
RSA Identity Governance and Lifecycle |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-3750 |
Dell Command Update (DCU) |
primary_impact |
T1485 |
Data Destruction |
| CVE-2020-15105 |
django-two-factor-auth |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2020-15105 |
django-two-factor-auth |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2020-15188 |
soycms |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15188 |
soycms |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-5250 |
PrestaShop |
primary_impact |
T1036 |
Masquerading |
| CVE-2020-5250 |
PrestaShop |
secondary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2019-16768 |
Sylius |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-15147 |
Red-DiscordBot |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15147 |
Red-DiscordBot |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15118 |
wagtail |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15118 |
wagtail |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5210 |
NetHack |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5210 |
NetHack |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11055 |
BookStack |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-11055 |
BookStack |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-5283 |
viewvc |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-5283 |
viewvc |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-15211 |
tensorflow |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15211 |
tensorflow |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5220 |
SyliusResourceBundle |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5220 |
SyliusResourceBundle |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11021 |
http-client |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11021 |
http-client |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-5269 |
PrestaShop |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5269 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5269 |
PrestaShop |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11030 |
WordPress |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11030 |
WordPress |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11030 |
WordPress |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11036 |
GLPI |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11036 |
GLPI |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2020-11036 |
GLPI |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-15100 |
freewvs |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-15100 |
freewvs |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-15100 |
freewvs |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2020-15094 |
symfony |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15094 |
symfony |
exploitation_technique |
T1040 |
Network Sniffing |
| CVE-2020-15140 |
Red-DiscordBot |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15140 |
Red-DiscordBot |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-11087 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11087 |
FreeRDP |
secondary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-11023 |
jQuery |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-11023 |
jQuery |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-11023 |
jQuery |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5290 |
rctf |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2020-5290 |
rctf |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2020-11090 |
Indy Node |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1036 |
Masquerading |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5270 |
PrestaShop |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2020-5270 |
PrestaShop |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2020-5254 |
NetHack |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2020-5254 |
NetHack |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15096 |
electron |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2020-15096 |
electron |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11013 |
Helm |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15095 |
cli |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2020-15233 |
fosite |
secondary_impact |
T1036 |
Masquerading |
| CVE-2020-15233 |
fosite |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2020-5252 |
safety |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11019 |
FreeRDP |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-11019 |
FreeRDP |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2020-11019 |
FreeRDP |
secondary_impact |
T1211 |
Exploitation for Defense Evasion |
| CVE-2020-15182 |
soycms |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2020-15182 |
soycms |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-5264 |
PrestaShop |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2020-5264 |
PrestaShop |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2020-5264 |
PrestaShop |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2020-11078 |
httplib2 |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-11050 |
Java-WebSocket |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15170 |
apollo |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2020-15170 |
apollo |
primary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2020-5295 |
october |
primary_impact |
T1005 |
Data from Local System |
| CVE-2020-5295 |
october |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2020-15189 |
soycms |
primary_impact |
T1505.003 |
Web Shell |
| CVE-2020-15189 |
soycms |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
