| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15243 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15976 |
Cisco Data Center Network Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1098 |
Account Manipulation |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15956 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15958 |
Cisco Prime Infrastructure |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15958 |
Cisco Prime Infrastructure |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
secondary_impact |
T1562 |
Impair Defenses |
| CVE-2019-12660 |
Cisco IOS XE Software 3.2.11aSG |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1753 |
Cisco IOS XE Software |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1753 |
Cisco IOS XE Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1753 |
Cisco IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1753 |
Cisco IOS XE Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1860 |
Cisco Unified Intelligence Center |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1860 |
Cisco Unified Intelligence Center |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1831 |
Cisco Email Security Appliance (ESA) |
primary_impact |
T1036 |
Masquerading |
| CVE-2019-1831 |
Cisco Email Security Appliance (ESA) |
secondary_impact |
T1566 |
Phishing |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1942 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15972 |
Cisco Unified Communications Manager |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-16009 |
Cisco IOS 12.2(15)B |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-16009 |
Cisco IOS 12.2(15)B |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1879 |
Cisco Unified Computing System (Management Software) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1863 |
Cisco Unified Computing System E-Series Software (UCSE) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1941 |
Cisco Identity Services Engine Software |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1838 |
Cisco Application Policy Infrastructure Controller (APIC) |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15249 |
Cisco SPA112 2-Port Phone Adapter |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15280 |
Cisco Firepower Management Center |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-15280 |
Cisco Firepower Management Center |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-15280 |
Cisco Firepower Management Center |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15288 |
Cisco TelePresence TC Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1781 |
Cisco NX-OS Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1781 |
Cisco NX-OS Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1781 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1768 |
Cisco NX-OS Software |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1768 |
Cisco NX-OS Software |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1768 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1724 |
Cisco Small Business RV Series Router Firmware |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-1817 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1529 |
System Shutdown/Reboot |
| CVE-2019-1817 |
Cisco Web Security Appliance (WSA) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1794 |
Cisco Directory Connector |
primary_impact |
T1574.008 |
Path Interception by Search Order Hijacking |
| CVE-2019-1794 |
Cisco Directory Connector |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1620 |
Cisco Data Center Network Manager |
primary_impact |
T1105 |
Ingress Tool Transfer |
| CVE-2019-1620 |
Cisco Data Center Network Manager |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1886 |
Cisco Web Security Appliance (WSA) |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-1711 |
Cisco IOS XR Software |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-1857 |
Cisco HyperFlex HX-Series |
primary_impact |
T1608 |
Stage Capabilities |
| CVE-2019-1857 |
Cisco HyperFlex HX-Series |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1703 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1499.002 |
Service Exhaustion Flood |
| CVE-2019-15963 |
Cisco Unity Connection |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-15963 |
Cisco Unity Connection |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1689 |
Cisco Webex Teams |
primary_impact |
T1105 |
Ingress Tool Transfer |
| CVE-2019-1689 |
Cisco Webex Teams |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1689 |
Cisco Webex Teams |
secondary_impact |
T1531 |
Account Access Removal |
| CVE-2019-15287 |
Cisco WebEx WRF Player |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15287 |
Cisco WebEx WRF Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-15998 |
Cisco IOS XR Software |
primary_impact |
T1133 |
External Remote Services |
| CVE-2019-15998 |
Cisco IOS XR Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1889 |
Cisco Application Policy Infrastructure Controller (APIC) |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1889 |
Cisco Application Policy Infrastructure Controller (APIC) |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1736 |
Cisco Identity Services Engine Software |
primary_impact |
T1542.001 |
System Firmware |
| CVE-2019-1764 |
Cisco Wireless IP Phone 8821 and 8821-EX |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1764 |
Cisco Wireless IP Phone 8821 and 8821-EX |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
secondary_impact |
T1189 |
Drive-by Compromise |
| CVE-2019-1943 |
Cisco Small Business 300 Series Managed Switches |
exploitation_technique |
T1557 |
Man-in-the-Middle |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1665 |
Cisco HyperFlex HX-Series |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-15994 |
Cisco Stealthwatch Enterprise |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-1747 |
Cisco IOS and IOS XE Software |
primary_impact |
T1477 |
Exploit via Radio Interfaces |
| CVE-2019-1747 |
Cisco IOS and IOS XE Software |
secondary_impact |
T1489 |
Service Stop |
| CVE-2019-15959 |
Cisco SPA525G2 5-line IP Phone |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-15959 |
Cisco SPA525G2 5-line IP Phone |
exploitation_technique |
T1091 |
Replication Through Removable Media |
| CVE-2019-15974 |
Cisco Managed Services Accelerator |
primary_impact |
T1565.002 |
Transmitted Data Manipulation |
| CVE-2019-15974 |
Cisco Managed Services Accelerator |
secondary_impact |
T1189 |
Drive-by Compromise |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1772 |
Cisco WebEx WRF Player |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-12696 |
Cisco FireSIGHT System Software |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-12696 |
Cisco FireSIGHT System Software |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1594 |
Nexus 1000V Switch for VMware vSphere |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1594 |
Nexus 1000V Switch for VMware vSphere |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1876 |
Cisco Wide Area Application Services (WAAS) |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1876 |
Cisco Wide Area Application Services (WAAS) |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1612 |
Nexus 3000 Series Switches |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1078 |
Valid Accounts |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
primary_impact |
T1040 |
Network Sniffing |
| CVE-2019-1715 |
Cisco Adaptive Security Appliance (ASA) Software |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1609 |
MDS 9000 Series Multilayer Switches |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1836 |
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
primary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-1836 |
Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-15289 |
Cisco TelePresence TC Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-15289 |
Cisco TelePresence TC Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1611 |
Firepower 4100 Series Next-Generation Firewalls |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15276 |
Cisco Wireless LAN Controller (WLC) |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1915 |
Cisco Unified Communications Manager |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1746 |
Cisco IOS and IOS XE Software |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1746 |
Cisco IOS and IOS XE Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1812 |
Cisco NX-OS Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1812 |
Cisco NX-OS Software |
secondary_impact |
T1548 |
Abuse Elevation Control Mechanism |
| CVE-2019-1812 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-1704 |
Cisco Firepower Threat Defense Software |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-1704 |
Cisco Firepower Threat Defense Software |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1790 |
Cisco NX-OS Software |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1790 |
Cisco NX-OS Software |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1790 |
Cisco NX-OS Software |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3707 |
iDRAC |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3735 |
Dell SupportAssist for Business PCs |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3735 |
Dell SupportAssist for Business PCs |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3754 |
Unity Operating Environment |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-3754 |
Unity Operating Environment |
secondary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-3754 |
Unity Operating Environment |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-3723 |
OpenManage Server Administrator |
primary_impact |
T1485 |
Data Destruction |
| CVE-2019-3723 |
OpenManage Server Administrator |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3723 |
OpenManage Server Administrator |
secondary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-3723 |
OpenManage Server Administrator |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3717 |
Dell Client Commercial and Consumer platforms |
primary_impact |
T1548 |
Abuse Elevation Control Mechanism |
| CVE-2019-3717 |
Dell Client Commercial and Consumer platforms |
exploitation_technique |
T1200 |
Hardware Additions |
| CVE-2019-3732 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3732 |
RSA BSAFE Crypto-C Micro Edition |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3731 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3731 |
RSA BSAFE Crypto-C Micro Edition |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18573 |
RSA Identity Governance & Lifecycle |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3727 |
RecoverPoint |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3727 |
RecoverPoint |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3728 |
RSA BSAFE Crypto-C Micro Edition |
primary_impact |
T1489 |
Service Stop |
| CVE-2019-3790 |
Pivotal Ops Manager |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3790 |
Pivotal Ops Manager |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3719 |
SupportAssist Client |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3719 |
SupportAssist Client |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3704 |
VNX Control Station in Dell EMC VNX2 OE for File |
exploitation_technique |
T1078 |
Valid Accounts |
| CVE-2019-3799 |
Spring Cloud Config |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3799 |
Spring Cloud Config |
exploitation_technique |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18578 |
XtremIO |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-18578 |
XtremIO |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-18578 |
XtremIO |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-3758 |
RSA Archer |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3758 |
RSA Archer |
secondary_impact |
T1136 |
Create Account |
| CVE-2019-3767 |
ImageAssist |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3775 |
UAA Release (OSS) |
primary_impact |
T1098 |
Account Manipulation |
| CVE-2019-3787 |
UAA Release (OSS) |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2019-3787 |
UAA Release (OSS) |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-3787 |
UAA Release (OSS) |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-18571 |
RSA Identity Governance & Lifecycle |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-3782 |
CredHub CLI |
primary_impact |
T1552.001 |
Credentials In Files |
| CVE-2019-3782 |
CredHub CLI |
secondary_impact |
T1098 |
Account Manipulation |
| CVE-2019-3780 |
Cloud Foundry Container Runtime (CFCR) |
primary_impact |
T1552.001 |
Credentials In Files |
| CVE-2019-3780 |
Cloud Foundry Container Runtime (CFCR) |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3798 |
CAPI-release |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-3798 |
CAPI-release |
exploitation_technique |
T1136 |
Create Account |
| CVE-2019-3788 |
UAA Release (OSS) |
secondary_impact |
T1036 |
Masquerading |
| CVE-2019-3788 |
UAA Release (OSS) |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2019-3784 |
Stratos |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-3762 |
Data Protection Central |
primary_impact |
T1553 |
Subvert Trust Controls |
| CVE-2019-3762 |
Data Protection Central |
exploitation_technique |
T1588.004 |
Digital Certificates |
| CVE-2019-18582 |
Data Protection Advisor |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-18581 |
Data Protection Advisor |
primary_impact |
T1562 |
Impair Defenses |
| CVE-2019-18581 |
Data Protection Advisor |
secondary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-3778 |
Spring Security OAuth |
secondary_impact |
T1036 |
Masquerading |
| CVE-2019-3778 |
Spring Security OAuth |
exploitation_technique |
T1566.002 |
Spearphishing Link |
| CVE-2019-3786 |
BOSH Backup and Restore |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-3786 |
BOSH Backup and Restore |
exploitation_technique |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-3706 |
iDRAC |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
primary_impact |
T1059.007 |
JavaScript |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
secondary_impact |
T1185 |
Man in the Browser |
| CVE-2019-3708 |
Dell EMC IsilonSD Management Server |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-3763 |
RSA Identity Governance and Lifecycle |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2019-3763 |
RSA Identity Governance and Lifecycle |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-3750 |
Dell Command Update (DCU) |
primary_impact |
T1485 |
Data Destruction |
| CVE-2019-16768 |
Sylius |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-16784 |
PyInstaller |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-16784 |
PyInstaller |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-16784 |
PyInstaller |
secondary_impact |
T1059.006 |
Python |
| CVE-2019-16760 |
cargo |
primary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-16760 |
cargo |
secondary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2019-16782 |
rack |
primary_impact |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-16782 |
rack |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-6522 |
Moxa IKS, EDS |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-6522 |
Moxa IKS, EDS |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-10980 |
LCDS LAquis SCADA |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-10980 |
LCDS LAquis SCADA |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
primary_impact |
T1557 |
Man-in-the-Middle |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
exploitation_technique |
T0860 |
Wireless Compromise |
| CVE-2019-6538 |
Medtronic Conexus Radio Frequency Telemetry Protocol |
exploitation_technique |
T1477 |
Exploit via Radio Interfaces |
| CVE-2019-13511 |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-13511 |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier |
exploitation_technique |
T1204.001 |
Malicious Link |
| CVE-2019-6563 |
Moxa IKS, EDS |
primary_impact |
T1539 |
Steal Web Session Cookie |
| CVE-2019-6563 |
Moxa IKS, EDS |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-6563 |
Moxa IKS, EDS |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-13555 |
Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior. |
primary_impact |
T1499 |
Endpoint Denial of Service |
| CVE-2019-13555 |
Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior. |
secondary_impact |
T0826 |
Loss of Availability |
| CVE-2019-10990 |
Red Lion Controls Crimson (Windows configuration software) |
primary_impact |
T1078.001 |
Default Accounts |
| CVE-2019-10990 |
Red Lion Controls Crimson (Windows configuration software) |
secondary_impact |
T1066 |
|
| CVE-2019-10971 |
Network Configurator for DeviceNet Safety |
primary_impact |
T1574.001 |
DLL Search Order Hijacking |
| CVE-2019-18234 |
Equinox Control Expert |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-18234 |
Equinox Control Expert |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-18234 |
Equinox Control Expert |
secondary_impact |
T1505.003 |
Web Shell |
| CVE-2019-18234 |
Equinox Control Expert |
secondary_impact |
T1136 |
Create Account |
| CVE-2019-18234 |
Equinox Control Expert |
secondary_impact |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18234 |
Equinox Control Expert |
secondary_impact |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-18234 |
Equinox Control Expert |
exploitation_technique |
T1133 |
External Remote Services |
| CVE-2019-13522 |
EZ PLC Editor |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-13522 |
EZ PLC Editor |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-6549 |
PR100088 Modbus gateway |
primary_impact |
T1552 |
Unsecured Credentials |
| CVE-2019-6549 |
PR100088 Modbus gateway |
secondary_impact |
T1078 |
Valid Accounts |
| CVE-2019-18263 |
Philips Veradius Unity, Pulsera, and Endura Dual WAN Router |
exploitation_technique |
T1110 |
Brute Force |
| CVE-2019-10987 |
WebAccess/SCADA |
primary_impact |
T1575 |
Native Code |
| CVE-2019-13541 |
Horner Automation Cscape |
primary_impact |
T1575 |
Native Code |
| CVE-2019-0911 |
Internet Explorer 11 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-0911 |
Internet Explorer 11 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-0911 |
Internet Explorer 11 |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-0911 |
Internet Explorer 11 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1087 |
Windows |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1270 |
Windows |
primary_impact |
T1565 |
Data Manipulation |
| CVE-2019-1270 |
Windows |
primary_impact |
T1485 |
Data Destruction |
| CVE-2019-1270 |
Windows |
exploitation_technique |
T1202 |
Indirect Command Execution |
| CVE-2019-1118 |
Windows |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-1118 |
Windows |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1118 |
Windows |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1118 |
Windows |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2019-1118 |
Windows |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2019-1118 |
Windows |
secondary_impact |
T1136 |
Create Account |
| CVE-2019-1118 |
Windows |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-1118 |
Windows |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1086 |
Windows |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-0576 |
Windows 7 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-0576 |
Windows 7 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-0576 |
Windows 7 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1021 |
Windows |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1423 |
Windows 10 Version 1903 for 32-bit Systems |
primary_impact |
T1565 |
Data Manipulation |
| CVE-2019-1423 |
Windows 10 Version 1903 for 32-bit Systems |
secondary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1013 |
Windows |
primary_impact |
T1005 |
Data from Local System |
| CVE-2019-1013 |
Windows |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1013 |
Windows |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-0609 |
Internet Explorer 11 |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-0609 |
Internet Explorer 11 |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-0609 |
Internet Explorer 11 |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-0609 |
Internet Explorer 11 |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2019-0609 |
Internet Explorer 11 |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2019-0609 |
Internet Explorer 11 |
secondary_impact |
T1136 |
Create Account |
| CVE-2019-0609 |
Internet Explorer 11 |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-0609 |
Internet Explorer 11 |
exploitation_technique |
T1566 |
Phishing |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
primary_impact |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
secondary_impact |
T1005 |
Data from Local System |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
secondary_impact |
T1565 |
Data Manipulation |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
secondary_impact |
T1485 |
Data Destruction |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
secondary_impact |
T1478 |
Install Insecure or Malicious Configuration |
| CVE-2019-1031 |
Microsoft SharePoint Foundation |
secondary_impact |
T1036 |
Masquerading |
| CVE-2019-1402 |
Microsoft Office |
primary_impact |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1106 |
Microsoft Edge |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-1106 |
Microsoft Edge |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1106 |
Microsoft Edge |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-1106 |
Microsoft Edge |
exploitation_technique |
T1203 |
Exploitation for Client Execution |
| CVE-2019-1035 |
Microsoft Office |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-1035 |
Microsoft Office |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1035 |
Microsoft Office |
exploitation_technique |
T1204.002 |
Malicious File |
| CVE-2019-1035 |
Microsoft Office |
exploitation_technique |
T1203 |
Exploitation for Client Execution |
| CVE-2019-0926 |
Microsoft Edge |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-0926 |
Microsoft Edge |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-0926 |
Microsoft Edge |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-0926 |
Microsoft Edge |
exploitation_technique |
T1203 |
Exploitation for Client Execution |
| CVE-2019-1052 |
Microsoft Edge |
primary_impact |
T1574 |
Hijack Execution Flow |
| CVE-2019-1052 |
Microsoft Edge |
primary_impact |
T1499.004 |
Application or System Exploitation |
| CVE-2019-1052 |
Microsoft Edge |
exploitation_technique |
T1189 |
Drive-by Compromise |
| CVE-2019-1052 |
Microsoft Edge |
exploitation_technique |
T1203 |
Exploitation for Client Execution |
| CVE-2019-9670 |
n/a |
uncategorized |
T1005 |
Data from Local System |
| CVE-2019-9670 |
n/a |
uncategorized |
T1552.001 |
Credentials In Files |
| CVE-2019-9978 |
n/a |
uncategorized |
T1055 |
Process Injection |
| CVE-2019-9978 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-1458 |
Windows |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-1458 |
Windows |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-13538 |
n/a |
uncategorized |
T1059.007 |
JavaScript |
| CVE-2019-13538 |
n/a |
uncategorized |
T1185 |
Man in the Browser |
| CVE-2019-1215 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-1214 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-0859 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-15821 |
n/a |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-15821 |
n/a |
uncategorized |
T1133 |
External Remote Services |
| CVE-2019-15821 |
n/a |
uncategorized |
T1136 |
Create Account |
| CVE-2019-15821 |
n/a |
uncategorized |
T1565 |
Data Manipulation |
| CVE-2019-15821 |
n/a |
uncategorized |
T1149 |
|
| CVE-2019-5786 |
Chrome |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-5786 |
Chrome |
uncategorized |
T1211 |
Exploitation for Defense Evasion |
| CVE-2019-2215 |
Android |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-2215 |
Android |
uncategorized |
T1404 |
Exploit OS Vulnerability |
| CVE-2019-0808 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-0808 |
Windows |
uncategorized |
T1497 |
Virtualization/Sandbox Evasion |
| CVE-2019-5954 |
JR East Japan train operation information push notification App for Android |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-5954 |
JR East Japan train operation information push notification App for Android |
uncategorized |
T1565.001 |
Stored Data Manipulation |
| CVE-2019-19735 |
n/a |
uncategorized |
T1110 |
Brute Force |
| CVE-2019-11219 |
n/a |
uncategorized |
T1110 |
Brute Force |
| CVE-2019-11219 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-18872 |
n/a |
uncategorized |
T1110.001 |
Password Guessing |
| CVE-2019-11510 |
n/a |
uncategorized |
T1133 |
External Remote Services |
| CVE-2019-11510 |
n/a |
uncategorized |
T1212 |
Exploitation for Credential Access |
| CVE-2019-11510 |
n/a |
uncategorized |
T1083 |
File and Directory Discovery |
| CVE-2019-7286 |
iOS |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-7286 |
iOS |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-18935 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-18935 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-17026 |
Firefox ESR |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-17026 |
Firefox ESR |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-13720 |
Chrome |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-13720 |
Chrome |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-11886 |
n/a |
uncategorized |
T1189 |
Drive-by Compromise |
| CVE-2019-11886 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-6703 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-16759 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-15107 |
n/a |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-1132 |
Windows |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-10973 |
Quest KACE |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-0880 |
Windows Server |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-5910 |
HOUSE GATE App for iOS |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-5910 |
HOUSE GATE App for iOS |
uncategorized |
T1005 |
Data from Local System |
| CVE-2019-2729 |
WebLogic Server |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-2729 |
WebLogic Server |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-2725 |
Tape Library ACSLS |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-2725 |
Tape Library ACSLS |
uncategorized |
T1059 |
Command and Scripting Interpreter |
| CVE-2019-11708 |
Firefox ESR |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-11708 |
Firefox ESR |
uncategorized |
T1133 |
External Remote Services |
| CVE-2019-11708 |
Firefox ESR |
uncategorized |
T1211 |
Exploitation for Defense Evasion |
| CVE-2019-8540 |
iOS |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-8540 |
iOS |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2019-0604 |
Microsoft SharePoint Server |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-0604 |
Microsoft SharePoint Server |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2019-9019 |
n/a |
uncategorized |
T1200 |
Hardware Additions |
| CVE-2019-9019 |
n/a |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-9791 |
Thunderbird |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-1579 |
Palo Alto Networks GlobalProtect Portal/Gateway Interface |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-11932 |
android-gif-drawable |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-0903 |
Windows |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-0803 |
Windows |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-10149 |
exim |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-10149 |
exim |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3396 |
Confluence Server |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-3396 |
Confluence Server |
uncategorized |
T1190 |
Exploit Public-Facing Application |
| CVE-2019-3396 |
Confluence Server |
uncategorized |
T1083 |
File and Directory Discovery |
| CVE-2019-13510 |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-13510 |
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2019-13541 |
Horner Automation Cscape |
uncategorized |
T1204.002 |
Malicious File |
| CVE-2019-13541 |
Horner Automation Cscape |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-13527 |
Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier |
uncategorized |
T1204.002 |
Malicious File |
| CVE-2019-13527 |
Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-7287 |
iOS |
uncategorized |
T1404 |
Exploit OS Vulnerability |
| CVE-2019-3568 |
WhatsApp for Android |
uncategorized |
T1477 |
Exploit via Radio Interfaces |
| CVE-2019-9081 |
|
uncategorized |
T1497 |
Virtualization/Sandbox Evasion |
| CVE-2019-9081 |
|
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-9081 |
|
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-11707 |
Firefox ESR |
uncategorized |
T1499 |
Endpoint Denial of Service |
| CVE-2019-16302 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2019-11869 |
n/a |
uncategorized |
T1499.004 |
Application or System Exploitation |
| CVE-2019-13922 |
SINEMA Remote Connect Server |
uncategorized |
T1552 |
Unsecured Credentials |
| CVE-2019-12258 |
n/a |
uncategorized |
T1563 |
Remote Service Session Hijacking |
| CVE-2019-6340 |
Drupal Core |
uncategorized |
T1566.001 |
Spearphishing Attachment |
| CVE-2019-6340 |
Drupal Core |
uncategorized |
T1203 |
Exploitation for Client Execution |
| CVE-2019-0708 |
Windows |
uncategorized |
T1574 |
Hijack Execution Flow |
| CVE-2019-0708 |
Windows |
uncategorized |
T1068 |
Exploitation for Privilege Escalation |
| CVE-2019-0797 |
Windows Server |
uncategorized |
T1608 |
Stage Capabilities |
| CVE-2019-13533 |
Omron PLC CJ and CS Series |
uncategorized |
T0855 |
Unauthorized Command Message |
| CVE-2019-13533 |
Omron PLC CJ and CS Series |
uncategorized |
T0842 |
Network Sniffing |
| CVE-2019-10980 |
LCDS LAquis SCADA |
uncategorized |
T0873 |
Project File Infection |
| CVE-2019-10980 |
LCDS LAquis SCADA |
uncategorized |
T1203 |
Exploitation for Client Execution |
