|
CVE-2019-15243
|
Cisco SPA112 2-Port Phone Adapter
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15243
|
Cisco SPA112 2-Port Phone Adapter
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15243
|
Cisco SPA112 2-Port Phone Adapter
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-15976
|
Cisco Data Center Network Manager
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-15976
|
Cisco Data Center Network Manager
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15976
|
Cisco Data Center Network Manager
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15956
|
Cisco Web Security Appliance (WSA)
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2019-15956
|
Cisco Web Security Appliance (WSA)
| primary_impact |
T1098
|
Account Manipulation
|
|
CVE-2019-15956
|
Cisco Web Security Appliance (WSA)
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15956
|
Cisco Web Security Appliance (WSA)
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-15958
|
Cisco Prime Infrastructure
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15958
|
Cisco Prime Infrastructure
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-12660
|
Cisco IOS XE Software 3.2.11aSG
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-12660
|
Cisco IOS XE Software 3.2.11aSG
| secondary_impact |
T1562
|
Impair Defenses
|
|
CVE-2019-12660
|
Cisco IOS XE Software 3.2.11aSG
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1753
|
Cisco IOS XE Software
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1753
|
Cisco IOS XE Software
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1753
|
Cisco IOS XE Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1753
|
Cisco IOS XE Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1860
|
Cisco Unified Intelligence Center
| primary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1860
|
Cisco Unified Intelligence Center
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-1831
|
Cisco Email Security Appliance (ESA)
| primary_impact |
T1036
|
Masquerading
|
|
CVE-2019-1831
|
Cisco Email Security Appliance (ESA)
| secondary_impact |
T1566
|
Phishing
|
|
CVE-2019-1942
|
Cisco Identity Services Engine Software
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1942
|
Cisco Identity Services Engine Software
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-1942
|
Cisco Identity Services Engine Software
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-1942
|
Cisco Identity Services Engine Software
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-1942
|
Cisco Identity Services Engine Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-15972
|
Cisco Unified Communications Manager
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15972
|
Cisco Unified Communications Manager
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-15972
|
Cisco Unified Communications Manager
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-15972
|
Cisco Unified Communications Manager
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-15972
|
Cisco Unified Communications Manager
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-16009
|
Cisco IOS 12.2(15)B
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2019-16009
|
Cisco IOS 12.2(15)B
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-1879
|
Cisco Unified Computing System (Management Software)
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1879
|
Cisco Unified Computing System (Management Software)
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1879
|
Cisco Unified Computing System (Management Software)
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1863
|
Cisco Unified Computing System E-Series Software (UCSE)
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1863
|
Cisco Unified Computing System E-Series Software (UCSE)
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-1863
|
Cisco Unified Computing System E-Series Software (UCSE)
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1863
|
Cisco Unified Computing System E-Series Software (UCSE)
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1941
|
Cisco Identity Services Engine Software
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-1941
|
Cisco Identity Services Engine Software
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1941
|
Cisco Identity Services Engine Software
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-1838
|
Cisco Application Policy Infrastructure Controller (APIC)
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-1838
|
Cisco Application Policy Infrastructure Controller (APIC)
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1838
|
Cisco Application Policy Infrastructure Controller (APIC)
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-15249
|
Cisco SPA112 2-Port Phone Adapter
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15249
|
Cisco SPA112 2-Port Phone Adapter
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15249
|
Cisco SPA112 2-Port Phone Adapter
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-15280
|
Cisco Firepower Management Center
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-15280
|
Cisco Firepower Management Center
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-15280
|
Cisco Firepower Management Center
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-15288
|
Cisco TelePresence TC Software
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2019-15288
|
Cisco TelePresence TC Software
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-15288
|
Cisco TelePresence TC Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1781
|
Cisco NX-OS Software
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2019-1781
|
Cisco NX-OS Software
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1781
|
Cisco NX-OS Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1768
|
Cisco NX-OS Software
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2019-1768
|
Cisco NX-OS Software
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1768
|
Cisco NX-OS Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1724
|
Cisco Small Business RV Series Router Firmware
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-1817
|
Cisco Web Security Appliance (WSA)
| primary_impact |
T1529
|
System Shutdown/Reboot
|
|
CVE-2019-1817
|
Cisco Web Security Appliance (WSA)
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1794
|
Cisco Directory Connector
| primary_impact |
T1574.008
|
Path Interception by Search Order Hijacking
|
|
CVE-2019-1794
|
Cisco Directory Connector
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1620
|
Cisco Data Center Network Manager
| primary_impact |
T1105
|
Ingress Tool Transfer
|
|
CVE-2019-1620
|
Cisco Data Center Network Manager
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1886
|
Cisco Web Security Appliance (WSA)
| primary_impact |
T1489
|
Service Stop
|
|
CVE-2019-1711
|
Cisco IOS XR Software
| primary_impact |
T1489
|
Service Stop
|
|
CVE-2019-1857
|
Cisco HyperFlex HX-Series
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2019-1857
|
Cisco HyperFlex HX-Series
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-1703
|
Cisco Firepower Threat Defense Software
| primary_impact |
T1499.002
|
Service Exhaustion Flood
|
|
CVE-2019-15963
|
Cisco Unity Connection
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-15963
|
Cisco Unity Connection
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1689
|
Cisco Webex Teams
| primary_impact |
T1105
|
Ingress Tool Transfer
|
|
CVE-2019-1689
|
Cisco Webex Teams
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-1689
|
Cisco Webex Teams
| secondary_impact |
T1531
|
Account Access Removal
|
|
CVE-2019-15287
|
Cisco WebEx WRF Player
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15287
|
Cisco WebEx WRF Player
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-15998
|
Cisco IOS XR Software
| primary_impact |
T1133
|
External Remote Services
|
|
CVE-2019-15998
|
Cisco IOS XR Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1889
|
Cisco Application Policy Infrastructure Controller (APIC)
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1889
|
Cisco Application Policy Infrastructure Controller (APIC)
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1736
|
Cisco Identity Services Engine Software
| primary_impact |
T1542.001
|
System Firmware
|
|
CVE-2019-1764
|
Cisco Wireless IP Phone 8821 and 8821-EX
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1764
|
Cisco Wireless IP Phone 8821 and 8821-EX
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-1943
|
Cisco Small Business 300 Series Managed Switches
| primary_impact |
T1565.002
|
Transmitted Data Manipulation
|
|
CVE-2019-1943
|
Cisco Small Business 300 Series Managed Switches
| secondary_impact |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1943
|
Cisco Small Business 300 Series Managed Switches
| exploitation_technique |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1665
|
Cisco HyperFlex HX-Series
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-1665
|
Cisco HyperFlex HX-Series
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1665
|
Cisco HyperFlex HX-Series
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-15994
|
Cisco Stealthwatch Enterprise
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-15994
|
Cisco Stealthwatch Enterprise
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-15994
|
Cisco Stealthwatch Enterprise
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-1747
|
Cisco IOS and IOS XE Software
| primary_impact |
T1477
|
Exploit via Radio Interfaces
|
|
CVE-2019-1747
|
Cisco IOS and IOS XE Software
| secondary_impact |
T1489
|
Service Stop
|
|
CVE-2019-15959
|
Cisco SPA525G2 5-line IP Phone
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-15959
|
Cisco SPA525G2 5-line IP Phone
| exploitation_technique |
T1091
|
Replication Through Removable Media
|
|
CVE-2019-15974
|
Cisco Managed Services Accelerator
| primary_impact |
T1565.002
|
Transmitted Data Manipulation
|
|
CVE-2019-15974
|
Cisco Managed Services Accelerator
| secondary_impact |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1772
|
Cisco WebEx WRF Player
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1772
|
Cisco WebEx WRF Player
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2019-1772
|
Cisco WebEx WRF Player
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-12696
|
Cisco FireSIGHT System Software
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-12696
|
Cisco FireSIGHT System Software
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1594
|
Nexus 1000V Switch for VMware vSphere
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1594
|
Nexus 1000V Switch for VMware vSphere
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1876
|
Cisco Wide Area Application Services (WAAS)
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1876
|
Cisco Wide Area Application Services (WAAS)
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1612
|
Nexus 3000 Series Switches
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1612
|
Nexus 3000 Series Switches
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1612
|
Nexus 3000 Series Switches
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1612
|
Nexus 3000 Series Switches
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-1715
|
Cisco Adaptive Security Appliance (ASA) Software
| primary_impact |
T1078
|
Valid Accounts
|
|
CVE-2019-1715
|
Cisco Adaptive Security Appliance (ASA) Software
| primary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-1715
|
Cisco Adaptive Security Appliance (ASA) Software
| primary_impact |
T1040
|
Network Sniffing
|
|
CVE-2019-1715
|
Cisco Adaptive Security Appliance (ASA) Software
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2019-1609
|
MDS 9000 Series Multilayer Switches
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1609
|
MDS 9000 Series Multilayer Switches
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1609
|
MDS 9000 Series Multilayer Switches
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1836
|
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode
| primary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-1836
|
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-15289
|
Cisco TelePresence TC Software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-15289
|
Cisco TelePresence TC Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1611
|
Firepower 4100 Series Next-Generation Firewalls
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1611
|
Firepower 4100 Series Next-Generation Firewalls
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1611
|
Firepower 4100 Series Next-Generation Firewalls
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-15276
|
Cisco Wireless LAN Controller (WLC)
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-15276
|
Cisco Wireless LAN Controller (WLC)
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-15276
|
Cisco Wireless LAN Controller (WLC)
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15276
|
Cisco Wireless LAN Controller (WLC)
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| secondary_impact |
T1098
|
Account Manipulation
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2019-1915
|
Cisco Unified Communications Manager
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1746
|
Cisco IOS and IOS XE Software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1746
|
Cisco IOS and IOS XE Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1812
|
Cisco NX-OS Software
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1812
|
Cisco NX-OS Software
| secondary_impact |
T1548
|
Abuse Elevation Control Mechanism
|
|
CVE-2019-1812
|
Cisco NX-OS Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-1704
|
Cisco Firepower Threat Defense Software
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2019-1704
|
Cisco Firepower Threat Defense Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1790
|
Cisco NX-OS Software
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1790
|
Cisco NX-OS Software
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1790
|
Cisco NX-OS Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-3707
|
iDRAC
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3735
|
Dell SupportAssist for Business PCs
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-3735
|
Dell SupportAssist for Business PCs
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-3754
|
Unity Operating Environment
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-3754
|
Unity Operating Environment
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-3754
|
Unity Operating Environment
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-3723
|
OpenManage Server Administrator
| primary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-3723
|
OpenManage Server Administrator
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-3723
|
OpenManage Server Administrator
| secondary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-3723
|
OpenManage Server Administrator
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3717
|
Dell Client Commercial and Consumer platforms
| primary_impact |
T1548
|
Abuse Elevation Control Mechanism
|
|
CVE-2019-3717
|
Dell Client Commercial and Consumer platforms
| exploitation_technique |
T1200
|
Hardware Additions
|
|
CVE-2019-3732
|
RSA BSAFE Crypto-C Micro Edition
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-3732
|
RSA BSAFE Crypto-C Micro Edition
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3731
|
RSA BSAFE Crypto-C Micro Edition
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-3731
|
RSA BSAFE Crypto-C Micro Edition
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-18573
|
RSA Identity Governance & Lifecycle
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-3727
|
RecoverPoint
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-3727
|
RecoverPoint
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-3728
|
RSA BSAFE Crypto-C Micro Edition
| primary_impact |
T1489
|
Service Stop
|
|
CVE-2019-3790
|
Pivotal Ops Manager
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-3790
|
Pivotal Ops Manager
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-3719
|
SupportAssist Client
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-3719
|
SupportAssist Client
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-3704
|
VNX Control Station in Dell EMC VNX2 OE for File
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-3704
|
VNX Control Station in Dell EMC VNX2 OE for File
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-3704
|
VNX Control Station in Dell EMC VNX2 OE for File
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2019-3799
|
Spring Cloud Config
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-3799
|
Spring Cloud Config
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-18578
|
XtremIO
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-18578
|
XtremIO
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2019-18578
|
XtremIO
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-3758
|
RSA Archer
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3758
|
RSA Archer
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2019-3767
|
ImageAssist
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-3775
|
UAA Release (OSS)
| primary_impact |
T1098
|
Account Manipulation
|
|
CVE-2019-3787
|
UAA Release (OSS)
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2019-3787
|
UAA Release (OSS)
| secondary_impact |
T1078
|
Valid Accounts
|
|
CVE-2019-3787
|
UAA Release (OSS)
| secondary_impact |
T1098
|
Account Manipulation
|
|
CVE-2019-18571
|
RSA Identity Governance & Lifecycle
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-18571
|
RSA Identity Governance & Lifecycle
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2019-18571
|
RSA Identity Governance & Lifecycle
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-3782
|
CredHub CLI
| primary_impact |
T1552.001
|
Credentials In Files
|
|
CVE-2019-3782
|
CredHub CLI
| secondary_impact |
T1098
|
Account Manipulation
|
|
CVE-2019-3780
|
Cloud Foundry Container Runtime (CFCR)
| primary_impact |
T1552.001
|
Credentials In Files
|
|
CVE-2019-3780
|
Cloud Foundry Container Runtime (CFCR)
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-3798
|
CAPI-release
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-3798
|
CAPI-release
| exploitation_technique |
T1136
|
Create Account
|
|
CVE-2019-3788
|
UAA Release (OSS)
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2019-3788
|
UAA Release (OSS)
| exploitation_technique |
T1566.002
|
Spearphishing Link
|
|
CVE-2019-3784
|
Stratos
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-3762
|
Data Protection Central
| primary_impact |
T1553
|
Subvert Trust Controls
|
|
CVE-2019-3762
|
Data Protection Central
| exploitation_technique |
T1588.004
|
Digital Certificates
|
|
CVE-2019-18582
|
Data Protection Advisor
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-18581
|
Data Protection Advisor
| primary_impact |
T1562
|
Impair Defenses
|
|
CVE-2019-18581
|
Data Protection Advisor
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-3778
|
Spring Security OAuth
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2019-3778
|
Spring Security OAuth
| exploitation_technique |
T1566.002
|
Spearphishing Link
|
|
CVE-2019-3786
|
BOSH Backup and Restore
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-3786
|
BOSH Backup and Restore
| exploitation_technique |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-3706
|
iDRAC
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3708
|
Dell EMC IsilonSD Management Server
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2019-3708
|
Dell EMC IsilonSD Management Server
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2019-3708
|
Dell EMC IsilonSD Management Server
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-3763
|
RSA Identity Governance and Lifecycle
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2019-3763
|
RSA Identity Governance and Lifecycle
| secondary_impact |
T1078
|
Valid Accounts
|
|
CVE-2019-3750
|
Dell Command Update (DCU)
| primary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-16768
|
Sylius
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-16784
|
PyInstaller
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-16784
|
PyInstaller
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-16784
|
PyInstaller
| secondary_impact |
T1059.006
|
Python
|
|
CVE-2019-16760
|
cargo
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-16760
|
cargo
| secondary_impact |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2019-16782
|
rack
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-16782
|
rack
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2019-6522
|
Moxa IKS, EDS
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-6522
|
Moxa IKS, EDS
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-10980
|
LCDS LAquis SCADA
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-10980
|
LCDS LAquis SCADA
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| primary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| exploitation_technique |
T0860
|
Wireless Compromise
|
|
CVE-2019-6538
|
Medtronic Conexus Radio Frequency Telemetry Protocol
| exploitation_technique |
T1477
|
Exploit via Radio Interfaces
|
|
CVE-2019-13511
|
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-13511
|
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2019-6563
|
Moxa IKS, EDS
| primary_impact |
T1539
|
Steal Web Session Cookie
|
|
CVE-2019-6563
|
Moxa IKS, EDS
| secondary_impact |
T1078
|
Valid Accounts
|
|
CVE-2019-6563
|
Moxa IKS, EDS
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2019-13555
|
Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2019-13555
|
Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.
| secondary_impact |
T0826
|
Loss of Availability
|
|
CVE-2019-10990
|
Red Lion Controls Crimson (Windows configuration software)
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2019-10990
|
Red Lion Controls Crimson (Windows configuration software)
| secondary_impact |
T1066
|
|
|
CVE-2019-10971
|
Network Configurator for DeviceNet Safety
| primary_impact |
T1574.001
|
DLL Search Order Hijacking
|
|
CVE-2019-18234
|
Equinox Control Expert
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-18234
|
Equinox Control Expert
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-18234
|
Equinox Control Expert
| secondary_impact |
T1505.003
|
Web Shell
|
|
CVE-2019-18234
|
Equinox Control Expert
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2019-18234
|
Equinox Control Expert
| secondary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-18234
|
Equinox Control Expert
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-18234
|
Equinox Control Expert
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2019-13522
|
EZ PLC Editor
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-13522
|
EZ PLC Editor
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-6549
|
PR100088 Modbus gateway
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2019-6549
|
PR100088 Modbus gateway
| secondary_impact |
T1078
|
Valid Accounts
|
|
CVE-2019-18263
|
Philips Veradius Unity, Pulsera, and Endura Dual WAN Router
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2019-10987
|
WebAccess/SCADA
| primary_impact |
T1575
|
Native Code
|
|
CVE-2019-13541
|
Horner Automation Cscape
| primary_impact |
T1575
|
Native Code
|
|
CVE-2019-0911
|
Internet Explorer 11
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-0911
|
Internet Explorer 11
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-0911
|
Internet Explorer 11
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-0911
|
Internet Explorer 11
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1087
|
Windows
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1270
|
Windows
| primary_impact |
T1565
|
Data Manipulation
|
|
CVE-2019-1270
|
Windows
| primary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-1270
|
Windows
| exploitation_technique |
T1202
|
Indirect Command Execution
|
|
CVE-2019-1118
|
Windows
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-1118
|
Windows
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1118
|
Windows
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-1118
|
Windows
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2019-1118
|
Windows
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-1118
|
Windows
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2019-1118
|
Windows
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1118
|
Windows
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1086
|
Windows
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-0576
|
Windows 7
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-0576
|
Windows 7
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-0576
|
Windows 7
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1021
|
Windows
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1423
|
Windows 10 Version 1903 for 32-bit Systems
| primary_impact |
T1565
|
Data Manipulation
|
|
CVE-2019-1423
|
Windows 10 Version 1903 for 32-bit Systems
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1013
|
Windows
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-1013
|
Windows
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1013
|
Windows
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2019-0609
|
Internet Explorer 11
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-0609
|
Internet Explorer 11
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-0609
|
Internet Explorer 11
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-0609
|
Internet Explorer 11
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2019-0609
|
Internet Explorer 11
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-0609
|
Internet Explorer 11
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2019-0609
|
Internet Explorer 11
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-0609
|
Internet Explorer 11
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| secondary_impact |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2019-1031
|
Microsoft SharePoint Foundation
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2019-1402
|
Microsoft Office
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1106
|
Microsoft Edge
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-1106
|
Microsoft Edge
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1106
|
Microsoft Edge
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1106
|
Microsoft Edge
| exploitation_technique |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-1035
|
Microsoft Office
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-1035
|
Microsoft Office
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1035
|
Microsoft Office
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2019-1035
|
Microsoft Office
| exploitation_technique |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-0926
|
Microsoft Edge
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-0926
|
Microsoft Edge
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-0926
|
Microsoft Edge
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-0926
|
Microsoft Edge
| exploitation_technique |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-1052
|
Microsoft Edge
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-1052
|
Microsoft Edge
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-1052
|
Microsoft Edge
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1052
|
Microsoft Edge
| exploitation_technique |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-9670
|
n/a
| uncategorized |
T1005
|
Data from Local System
|
|
CVE-2019-9670
|
n/a
| uncategorized |
T1552.001
|
Credentials In Files
|
|
CVE-2019-9978
|
n/a
| uncategorized |
T1055
|
Process Injection
|
|
CVE-2019-9978
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-1458
|
Windows
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-1458
|
Windows
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-13538
|
n/a
| uncategorized |
T1059.007
|
JavaScript
|
|
CVE-2019-13538
|
n/a
| uncategorized |
T1185
|
Man in the Browser
|
|
CVE-2019-1215
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-1214
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-0859
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-15821
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-15821
|
n/a
| uncategorized |
T1133
|
External Remote Services
|
|
CVE-2019-15821
|
n/a
| uncategorized |
T1136
|
Create Account
|
|
CVE-2019-15821
|
n/a
| uncategorized |
T1565
|
Data Manipulation
|
|
CVE-2019-15821
|
n/a
| uncategorized |
T1149
|
|
|
CVE-2019-5786
|
Chrome
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-5786
|
Chrome
| uncategorized |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2019-2215
|
Android
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-2215
|
Android
| uncategorized |
T1404
|
Exploit OS Vulnerability
|
|
CVE-2019-0808
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-0808
|
Windows
| uncategorized |
T1497
|
Virtualization/Sandbox Evasion
|
|
CVE-2019-5954
|
JR East Japan train operation information push notification App for Android
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-5954
|
JR East Japan train operation information push notification App for Android
| uncategorized |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2019-19735
|
n/a
| uncategorized |
T1110
|
Brute Force
|
|
CVE-2019-11219
|
n/a
| uncategorized |
T1110
|
Brute Force
|
|
CVE-2019-11219
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-18872
|
n/a
| uncategorized |
T1110.001
|
Password Guessing
|
|
CVE-2019-11510
|
n/a
| uncategorized |
T1133
|
External Remote Services
|
|
CVE-2019-11510
|
n/a
| uncategorized |
T1212
|
Exploitation for Credential Access
|
|
CVE-2019-11510
|
n/a
| uncategorized |
T1083
|
File and Directory Discovery
|
|
CVE-2019-7286
|
iOS
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-7286
|
iOS
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-18935
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-18935
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-17026
|
Firefox ESR
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-17026
|
Firefox ESR
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-13720
|
Chrome
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-13720
|
Chrome
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-11886
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2019-11886
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-6703
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-16759
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-15107
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-1132
|
Windows
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-10973
|
Quest KACE
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-0880
|
Windows Server
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-5910
|
HOUSE GATE App for iOS
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-5910
|
HOUSE GATE App for iOS
| uncategorized |
T1005
|
Data from Local System
|
|
CVE-2019-2729
|
WebLogic Server
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-2729
|
WebLogic Server
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-2725
|
Tape Library ACSLS
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-2725
|
Tape Library ACSLS
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2019-11708
|
Firefox ESR
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-11708
|
Firefox ESR
| uncategorized |
T1133
|
External Remote Services
|
|
CVE-2019-11708
|
Firefox ESR
| uncategorized |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2019-8540
|
iOS
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-8540
|
iOS
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-0604
|
Microsoft SharePoint Server
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-0604
|
Microsoft SharePoint Server
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-9019
|
n/a
| uncategorized |
T1200
|
Hardware Additions
|
|
CVE-2019-9019
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-9791
|
Thunderbird
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-1579
|
Palo Alto Networks GlobalProtect Portal/Gateway Interface
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-11932
|
android-gif-drawable
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-0903
|
Windows
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-0803
|
Windows
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-10149
|
exim
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-10149
|
exim
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3396
|
Confluence Server
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-3396
|
Confluence Server
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2019-3396
|
Confluence Server
| uncategorized |
T1083
|
File and Directory Discovery
|
|
CVE-2019-13510
|
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-13510
|
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-13541
|
Horner Automation Cscape
| uncategorized |
T1204.002
|
Malicious File
|
|
CVE-2019-13541
|
Horner Automation Cscape
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-13527
|
Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier
| uncategorized |
T1204.002
|
Malicious File
|
|
CVE-2019-13527
|
Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-7287
|
iOS
| uncategorized |
T1404
|
Exploit OS Vulnerability
|
|
CVE-2019-3568
|
WhatsApp for Android
| uncategorized |
T1477
|
Exploit via Radio Interfaces
|
|
CVE-2019-9081
|
| uncategorized |
T1497
|
Virtualization/Sandbox Evasion
|
|
CVE-2019-9081
|
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-9081
|
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-11707
|
Firefox ESR
| uncategorized |
T1499
|
Endpoint Denial of Service
|
|
CVE-2019-16302
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-11869
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2019-13922
|
SINEMA Remote Connect Server
| uncategorized |
T1552
|
Unsecured Credentials
|
|
CVE-2019-12258
|
n/a
| uncategorized |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2019-6340
|
Drupal Core
| uncategorized |
T1566.001
|
Spearphishing Attachment
|
|
CVE-2019-6340
|
Drupal Core
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2019-0708
|
Windows
| uncategorized |
T1574
|
Hijack Execution Flow
|
|
CVE-2019-0708
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2019-0797
|
Windows Server
| uncategorized |
T1608
|
Stage Capabilities
|
|
CVE-2019-13533
|
Omron PLC CJ and CS Series
| uncategorized |
T0855
|
Unauthorized Command Message
|
|
CVE-2019-13533
|
Omron PLC CJ and CS Series
| uncategorized |
T0842
|
Network Sniffing
|
|
CVE-2019-10980
|
LCDS LAquis SCADA
| uncategorized |
T0873
|
Project File Infection
|
|
CVE-2019-10980
|
LCDS LAquis SCADA
| uncategorized |
T1203
|
Exploitation for Client Execution
|
