{"vulnerability": "CVE-2022-3099", "sightings": [{"uuid": "0e561e47-75ff-461d-bf9b-3a833921e2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30995", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "1deebe21-cd4b-4f02-b557-200581078cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30995", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:46.000000Z"}, {"uuid": "2571c37e-4405-43b9-bd22-4a362818e751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30995", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "f868059d-c58a-442f-9fe6-8abda3686e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30995", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/acronis_cyber_protect_machine_info_disclosure.rb", "content": "", "creation_timestamp": "2024-11-27T15:56:37.000000Z"}, {"uuid": "5b19425e-c014-4633-a2b4-45ad73b18403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30997", "type": "seen", "source": "https://t.me/ics_cert/557", "content": "\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a  Yokogawa\n \n\u06f1- \n\u0627\u0646\u062a\u0642\u0627\u0644 \u0645\u062a\u0646 \u0634\u0641\u0627\u0641 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 CWE-319\n \u0645\u062d\u0635\u0648\u0644 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u0631\u0627 \u0628\u0647 \u0635\u0648\u0631\u062a \u0645\u062a\u0646 \u0634\u0641\u0627\u0641 \u0645\u0646\u062a\u0642\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u06a9\u0647 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u06cc \u06a9\u0647 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0631\u0648\u06cc \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u0628\u062e\u0648\u0627\u0646\u062f/\u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u062f \u06cc\u0627 \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 \u0631\u0627 \u0628\u0627 \u0633\u06cc\u0633\u062a\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u062f.\n CVE-2022-29519 \u0628\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0646\u0645\u0631\u0647 \u067e\u0627\u06cc\u0647 CVSS v3 4.8 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc CVSS (AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \u0627\u0633\u062a.\n\n \u06f2-\n \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0633\u062e\u062a CWE-798\n \u0645\u062d\u0635\u0648\u0644 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc\u200c\u0634\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0647\u0627\u062c\u0645 \u0631\u0627 \u0642\u0627\u062f\u0631 \u200c\u0633\u0627\u0632\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u0628\u062e\u0648\u0627\u0646\u062f/\u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u062f \u06cc\u0627 \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 \u0631\u0627 \u0628\u0627 \u0633\u06cc\u0633\u062a\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u062f.  \n\u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f\u060c \u0648\u0627\u062d\u062f\u0647\u0627\u06cc \u0648\u0627\u062d\u062f CPU \u06a9\u0646\u062a\u0631\u0644\u0631 FCN/FCJ \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0646\u0645\u06cc \u06af\u06cc\u0631\u0646\u062f.\n CVE-2022-30997 \u0628\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0646\u0645\u0631\u0647 \u067e\u0627\u06cc\u0647 CVSS v3 6.3 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc CVSS (AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \u0627\u0633\u062a.\n\n \u06f3-\n \u0646\u0642\u0636 \u0627\u0635\u0648\u0644 \u0637\u0631\u0627\u062d\u06cc \u0627\u06cc\u0645\u0646 CWE-657\n \u0627\u06af\u0631 \u0645\u0647\u0627\u062c\u0645 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 CAMS \u0628\u0631\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 HIS \u0628\u0627 \u0645\u0648\u0641\u0642\u06cc\u062a \u0631\u0627\u06cc\u0627\u0646\u0647\u200c\u0627\u06cc \u0631\u0627 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0642\u0631\u0627\u0631 \u062f\u0647\u062f\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 CAMS \u0628\u0631\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 HIS \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f.  \u0627\u06cc\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 CAMS \u0628\u0631\u0627\u06cc \u0639\u0645\u0644\u06a9\u0631\u062f\u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 HIS \u062f\u0631 \u0647\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u062f\u06cc\u062f\u0647 \u0634\u0648\u062f.\n CVE-2022-30707 \u0628\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0646\u0645\u0631\u0647 \u067e\u0627\u06cc\u0647 CVSS v3 6.4 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc CVSS (AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H) \u0627\u0633\u062a.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2022-06-29T16:43:00.000000Z"}, {"uuid": "30f08c33-01c1-4b07-9fb5-04ae7f164f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30999", "type": "seen", "source": "https://t.me/cibsecurity/43710", "content": "\u203c CVE-2022-30999 \u203c\n\nFriendsofFlarum (FoF) Upload is an extension that handles file uploads intelligently for your forum. If FoF Upload prior to version 1.2.3 is configured to allow the uploading of SVG files ('image/svg+xml'), navigating directly to an SVG file URI could execute arbitrary Javascript code decided by an attacker. This Javascript code could include the execution of HTTP web requests to Flarum, or any other web service. This could allow data to be leaked by an authenticated Flarum user, or, possibly, for data to be modified maliciously. This issue has been patched with v1.2.3, which now sanitizes uploaded SVG files. As a workaround, remove the ability for users to upload SVG files through FoF Upload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T18:38:46.000000Z"}, {"uuid": "517b255d-6772-43d9-9e2b-30913768757e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3099", "type": "seen", "source": "https://t.me/cibsecurity/49275", "content": "\u203c CVE-2022-3099 \u203c\n\nUse After Free in GitHub repository vim/vim prior to 9.0.0359.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-03T20:40:22.000000Z"}, {"uuid": "cb470976-9be7-4e41-8248-c9fae0df53cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30998", "type": "seen", "source": "https://t.me/cibsecurity/46827", "content": "\u203c CVE-2022-30998 \u203c\n\nMultiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin &lt;= 1.1 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T20:23:33.000000Z"}, {"uuid": "dfd20e5b-97a4-4f20-9247-2b82878aabcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30995", "type": "seen", "source": "https://t.me/cibsecurity/63208", "content": "\u203c CVE-2022-30995 \u203c\n\nSensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T14:30:54.000000Z"}, {"uuid": "c4374b08-f8e8-43e9-9cdc-f2b404c7c5c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30993", "type": "seen", "source": "https://t.me/cibsecurity/42968", "content": "\u203c CVE-2022-30993 \u203c\n\nCleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T00:29:00.000000Z"}, {"uuid": "8f398b4f-400b-426e-949e-33ef2cf2eb04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30997", "type": "seen", "source": "https://t.me/cibsecurity/45283", "content": "\u203c CVE-2022-30997 \u203c\n\nUse of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T16:35:57.000000Z"}, {"uuid": "8cf84254-1643-4e0a-9e77-fd70a9a2d686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30990", "type": "seen", "source": "https://t.me/cibsecurity/42965", "content": "\u203c CVE-2022-30990 \u203c\n\nSensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T00:28:54.000000Z"}, {"uuid": "d179439a-b5e1-43ab-ac10-df8e5ccd2dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30991", "type": "seen", "source": "https://t.me/cibsecurity/42961", "content": "\u203c CVE-2022-30991 \u203c\n\nHTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T00:28:48.000000Z"}, {"uuid": "083090de-dbf8-416c-b417-cd7395151e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3099", "type": "seen", "source": "https://t.me/cultofwire/1186", "content": "Exploit Prediction Scoring System (EPSS)\n\n\u041d\u0435\u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0435 \u0431\u044b\u0432\u0430\u0435\u0442. \u041f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u044b\u0439 \u0434\u0435\u043d\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0441\u0432\u043e\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE \u0438 \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043a\u0430\u0436\u0434\u043e\u0439 \u043d\u043e\u0432\u043e\u0439 \u043d\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u043e. \u0421\u043a\u0430\u043d\u0435\u0440\u044b \u0438 XDR \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u0441\u0451 \u0438 \u0441\u0440\u0430\u0437\u0443 \u043d\u0435\u043b\u044c\u0437\u044f, \u043d\u0430 \u0432\u0441\u0451 \u043d\u0435 \u0445\u0432\u0430\u0442\u0438\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0430 \u043c\u043e\u0436\u0435\u0442 \u0438 \u0432\u043e\u0432\u0441\u0435 \u043d\u0435 \u0431\u044b\u0442\u044c \u043f\u0430\u0442\u0447\u0430 \u0438 \u043d\u0443\u0436\u043d\u044b \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b. \u041d\u043e \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u043e\u0436\u0434\u0430\u0442\u044c, \u0430 \u0447\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0438\u043a\u0440\u044b\u0442\u044c \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c? \u0412 \u044d\u0442\u043e\u043c \u043d\u0430\u043c \u043f\u043e\u043c\u043e\u0436\u0435\u0442 EPSS.\n\nExploit Prediction Scoring System (EPSS) - \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 in the wild. \u0425\u043e\u0442\u044f \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u044b \u0431\u044b\u043b\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u044b \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0432\u0440\u043e\u0436\u0434\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0441\u0442\u0438\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e\u043d\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u044b \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u0443\u0433\u0440\u043e\u0437\u044b. EPSS \u0432\u043e\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0431\u0435\u043b, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u0435\u043a\u0443\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u0433\u0440\u043e\u0437\u0430\u0445 \u0438\u0437 CVE \u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u0445.\n\n\u0414\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EPSS \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0441\u044f\u0442\u043a\u0430 \u043a\u0440\u0438\u0442\u0435\u0440\u0438\u0435\u0432. \u0421\u044e\u0434\u0430 \u0432\u0445\u043e\u0434\u044f\u0442:\n- CVE,\n- \u043e\u0446\u0435\u043d\u043a\u0430 CVSS,\n- \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432,\n- \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430,\n- \u0432\u0435\u043d\u0434\u043e\u0440\n- \u0438 \u043f\u0440\u043e\u0447\u0438\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0432\u0441\u0435 \u043a\u0440\u0438\u0442\u0435\u0440\u0438\u0438, EPSS \u0432\u044b\u0434\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u043d\u0442 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\u041c\u043e\u0434\u0435\u043b\u044c EPSS \u0432\u044b\u0434\u0430\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 0 \u0434\u043e 1 (\u043e\u0442 0 \u0434\u043e 100 %).\n\u0427\u0435\u043c \u0432\u044b\u0448\u0435 \u0431\u0430\u043b\u043b, \u0442\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\nEPSS \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0432 2019 \u0433\u043e\u0434\u0443 \u041c\u0430\u0439\u043a\u043b\u043e\u043c \u0420\u043e\u0439\u0442\u043c\u0430\u043d\u043e\u043c (Michael Roytman) \u0438\u0437 Kenna Security \u0438 \u0414\u0436\u0435\u0435\u043c \u0414\u0436\u0435\u0439\u043a\u043e\u0431\u0441\u043e\u043c (Jay Jacobs) \u0438\u0437 Cyentia Institute \u043d\u0430 Black Hat USA, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c FIRST (Forum of Incident Response and Security Teams). \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0420\u043e\u0439\u0442\u043c\u0430\u043d\u0430 \u0438 \u0414\u0436\u0435\u0439\u043a\u043e\u0431\u0441\u0430, \u043a\u0430\u0436\u0434\u044b\u0439 \u043c\u0435\u0441\u044f\u0446 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u0433\u043e 10% \u043e\u0442 \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438 \u0442\u043e\u043b\u044c\u043a\u043e 2-5% \u043e\u0442 \u0432\u0441\u0435\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f EPSS \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b. \u0420\u0430\u0437\u0432\u0435 \u0447\u0442\u043e \u044d\u0442\u0443 \u0438\u0434\u0435\u044e \u043f\u043e\u0434\u0445\u0432\u0430\u0442\u0438\u043b\u0438 \u0440\u0435\u0431\u044f\u0442\u0430 \u0438\u0437 Vulners.\n\u0410 \u0432 \u0440\u0443\u0441\u0441\u043a\u043e\u044f\u0437\u044b\u0447\u043d\u043e\u043c \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0435 \u043f\u0440\u043e EPSS \u0437\u043d\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u041b\u0443\u043a\u0430\u0446\u043a\u0438\u0439.\n\n\u041a\u0430\u043a EPSS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438 \u043d\u0443\u0436\u043d\u043e \u043b\u0438 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c?\n\n\u0414\u043e\u043f\u0443\u0441\u0442\u0438\u043c, \u0443 \u043d\u0430\u0441 \u0435\u0441\u0442\u044c vim \u0441 CVE-2022-3099 (NIST / Vulners) \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c\u044e High \u0438 CVSS Score 7.8. \u041d\u043e \u043d\u0430\u0434\u043e \u043b\u0438 \u0431\u0435\u0436\u0430\u0442\u044c \u0438 \u043f\u0430\u0442\u0447\u0438\u0442\u044c? \u041f\u0430\u0442\u0447\u0438\u0442\u044c \u043d\u0430\u0434\u043e, \u043d\u043e \u0431\u0435\u0436\u0430\u0442\u044c \u043d\u0435 \u043d\u0430\u0434\u043e. \u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0432\u043e\u043f\u0440\u043e\u0441 \u043d\u0430\u043c \u0438 \u043e\u0442\u0432\u0435\u0442\u0438\u0442 EPSS.\n\u0410 EPSS \u043d\u0430\u043c \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 0.000760000 (\u0432 \u043f\u0435\u0440\u0446\u0435\u043d\u0442\u0438\u043b\u044f\u0445 0.312700000, \u0447\u0442\u043e \u043c\u044b \u0441\u0447\u0438\u0442\u0430\u0435\u043c \u0437\u0430 31.3%), \u0447\u0442\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 Low.\n\n\u0417\u0430\u043c\u0435\u043d\u044f\u0435\u0442 \u043b\u0438 \u043d\u0430\u043c EPSS \u043f\u0440\u0438\u0432\u044b\u0447\u043d\u044b\u0439 CVSS Score? \u041d\u0435\u0442, \u0441\u043a\u043e\u0440\u0435\u0439 \u0434\u043e\u043f\u043e\u043b\u043d\u044f\u0435\u0442. CVSS Score \u043d\u0430\u043c \u043c\u043e\u0436\u0435\u0442 \u0434\u0430\u0442\u044c \u043e\u0431\u0449\u0443\u044e \u043a\u0430\u0440\u0442\u0438\u043d\u0443, \u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e EPSS \u0443\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u044b.\n\u041f\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u043c\u0443 \u0441\u0447\u0451\u0442\u0443, \u0448\u0442\u0443\u043a\u0430 \u0443\u0434\u043e\u0431\u043d\u0430\u044f, \u043d\u043e \u043d\u0435 \u0445\u0432\u0430\u0442\u0430\u0435\u0442 \u044d\u0442\u043e\u0439 \u043e\u0446\u0435\u043d\u043a\u0438 \u043d\u0430 NIST \u0438\u043b\u0438 \u0424\u0421\u0422\u042d\u041a \u0411\u0414\u0423. \u041d\u043e \u0442\u0443\u0442 \u043d\u0430\u0441 \u0432\u044b\u0440\u0443\u0447\u0438\u0442 Vulners, \u0433\u0434\u0435 \u0432\u0441\u0451 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043e.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438:\nFIRST: EPSS Mission\nFIRST: The EPSS Model\nFIRST: EPSS Tools\nVulners Blog. EPSS: Exploit Prediction Scoring System Overview\n\n\u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 EPSS:\nSploitScan (\u041f\u0440\u043e \u043d\u0435\u0433\u043e \u0443 \u043c\u0435\u043d\u044f \u0431\u044b\u043b \u043f\u043e\u0441\u0442)\nCVE_Prioritizer", "creation_timestamp": "2024-01-29T09:15:37.000000Z"}, {"uuid": "e95a2831-630b-4c5f-8624-a11760dd836a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30994", "type": "seen", "source": "https://t.me/cibsecurity/42964", "content": "\u203c CVE-2022-30994 \u203c\n\nCleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T00:28:53.000000Z"}, {"uuid": "07a9ab84-9c87-4261-a0b0-585f9987d29b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30992", "type": "seen", "source": "https://t.me/cibsecurity/42963", "content": "\u203c CVE-2022-30992 \u203c\n\nOpen redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T00:28:52.000000Z"}]}