Common Information
| Type | Value |
|---|---|
| Value |
Vulnerabilities - T1588.006 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may acquire information about vulnerabilities that can be used during targeting. A vulnerability is a weakness in computer hardware or software that can, potentially, be exploited by an adversary to cause unintended or unanticipated behavior to occur. Adversaries may find vulnerability information by searching open databases or gaining access to closed vulnerability databases.(Citation: National Vulnerability Database) An adversary may monitor vulnerability disclosures/databases to understand the state of existing, as well as newly discovered, vulnerabilities. There is usually a delay between when a vulnerability is discovered and when it is made public. An adversary may target the systems of those known to conduct vulnerability research (including commercial vendors). Knowledge of a vulnerability may cause an adversary to search for an existing exploit (i.e. [Exploits](https://attack.mitre.org/techniques/T1588/005)) or to attempt to develop one themselves (i.e. [Exploits](https://attack.mitre.org/techniques/T1587/004)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | — | 0 | New SolarWinds Orion Vulnerabilities Disclosed - IBM X-Force Collection | ||
| Details | Website | — | 0 | Microsoft Security Update for Edge - IBM X-Force Collection | ||
| Details | Website | — | 0 | Mozilla Security Advisory for Thunderbird - IBM X-Force Collection | ||
| Details | Website | — | 0 | Multiple Vulnerabilities in Exim Disclosed - IBM X-Force Collection | ||
| Details | Website | — | 0 | Home user guidance to manage processor vulnerabilities ‘Meltdown’ and ‘Spectre’ | ||
| Details | Website | — | 0 | Critical Nagios Vulnerabilities - IBM X-Force Collection | ||
| Details | Website | — | 0 | SAP Applications Facing Critical Vulnerabilities - IBM X-Force Collection | ||
| Details | Website | — | 0 | Multiple RCE Vulnerabilities in PTC Axeda Agent - IBM X-Force Collection | ||
| Details | Website | — | 0 | VEEAM Backup and Replication Vulnerability - IBM X-Force Collection | ||
| Details | Website | — | 0 | Critical VMWare Vulnerabilities - IBM X-Force Collection | ||
| Details | Website | — | 0 | WhatsApp Zero-Day - IBM X-Force Collection | ||
| Details | Website | — | 0 | Critical Vulnerabilities in VMware Workspace ONE Assist - IBM X-Force Collection | ||
| Details | Website | — | 0 | Critical Command Injection Bug on Cisco IP Phones - IBM X-Force Collection | ||
| Details | Website | — | 0 | Equities process | ||
| Details | Website | — | 0 | Critical Vulnerability in Citrix ADC and Gateway - IBM X-Force Collection | ||
| Details | Website | — | 0 | High Severity Vulnerability Disclosed and Fixed in curl 8.4.0 - IBM X-Force Collection | ||
| Details | Website | — | 0 | Meltdown' and 'Spectre' guidance | ||
| Details | Website | — | 0 | Vulnerability management | ||
| Details | Website | — | 0 | Firmware bugs are like buses | ||
| Details | Website | — | 0 | Why vulnerabilities are like buses | ||
| Details | Website | — | 1 | Password Managers. | ||
| Details | Website | — | 6 | Exploiting A Tricky SQL Injection With sqlmap | pentestmonkey | ||
| Details | Website | — | 4 | UNKNOWN | ||
| Details | Website | — | 8 | UNKNOWN | ||
| Details | Website | — | 57 | UNKNOWN |