[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-16889":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":1575,"aliases":1585,"duplicate_of":9,"upstream":1586,"downstream":1587,"duplicates":1602,"related":1603,"reserved_at":9,"published_at":1607,"modified_at":1608,"state":1609,"summary":1610,"references_raw":1618,"kevs":1649,"epss":1650,"epss_history":1653,"metrics":1924,"affected":1940},"CVE-2018-16889","Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.",null,[11,531,1500,1564],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-20","Improper Input Validation","The product receives input or data, but it does\n        not validate or incorrectly validates that the input has the\n        properties that are required to process the data safely and\n        correctly.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,232,236,240,244,248,252,256,260,264,268,272,276,280,284,325,329,333,381,385,389,393,397,401,451,455,459,463,467,471,475,479,483,487,491,495,499,503,507,511,515,519,523,527],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-101","Server Side Include (SSI) Injection",[],{"id":29,"name":30,"techniques":31},"CAPEC-104","Cross Zone Scripting",[],{"id":33,"name":34,"techniques":35},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-109","Object Relational Mapping Injection",[],{"id":41,"name":42,"techniques":43},"CAPEC-110","SQL Injection through SOAP Parameter Tampering",[],{"id":45,"name":46,"techniques":47},"CAPEC-120","Double Encoding",[],{"id":49,"name":50,"techniques":51},"CAPEC-13","Subverting Environment Variable Values",[52,150,192],{"id":53,"name":54,"tactics":55,"countermeasures":62},"T1562.003","Impair Command History Logging",[56,59],{"id":57,"name":58},"TA0030","Defense Evasion",{"id":60,"name":61},"TA0005","Stealth",[63,68,73,77,81,85,90,94,99,104,108,112,117,121,126,130,134,138,142,146],{"id":64,"name":65,"tactic":66},"D3-CI","Configuration Inventory",{"name":67},"Model",{"id":69,"name":70,"tactic":71},"D3-FA","File Analysis",{"name":72},"Detect",{"id":74,"name":75,"tactic":76},"D3-FIM","File Integrity Monitoring",{"name":72},{"id":78,"name":79,"tactic":80},"D3-DA","Dynamic Analysis",{"name":72},{"id":82,"name":83,"tactic":84},"D3-EFA","Emulated File Analysis",{"name":72},{"id":86,"name":87,"tactic":88},"D3-FEV","File Eviction",{"name":89},"Evict",{"id":91,"name":92,"tactic":93},"D3-RKD","Registry Key Deletion",{"name":89},{"id":95,"name":96,"tactic":97},"D3-DF","Decoy File",{"name":98},"Deceive",{"id":100,"name":101,"tactic":102},"D3-DRA","Disable Remote Access",{"name":103},"Harden",{"id":105,"name":106,"tactic":107},"D3-ACH","Application Configuration Hardening",{"name":103},{"id":109,"name":110,"tactic":111},"D3-FE","File Encryption",{"name":103},{"id":113,"name":114,"tactic":115},"D3-RC","Restore Configuration",{"name":116},"Restore",{"id":118,"name":119,"tactic":120},"D3-RF","Restore File",{"name":116},{"id":122,"name":123,"tactic":124},"D3-CQ","Content Quarantine",{"name":125},"Isolate",{"id":127,"name":128,"tactic":129},"D3-CF","Content Filtering",{"name":125},{"id":131,"name":132,"tactic":133},"D3-LFP","Local File Permissions",{"name":125},{"id":135,"name":136,"tactic":137},"D3-RFAM","Remote File Access Mediation",{"name":125},{"id":139,"name":140,"tactic":141},"D3-CM","Content Modification",{"name":125},{"id":143,"name":144,"tactic":145},"D3-EAL","Executable Allowlisting",{"name":125},{"id":147,"name":148,"tactic":149},"D3-EDL","Executable Denylisting",{"name":125},{"id":151,"name":152,"tactics":153,"countermeasures":165},"T1574.006","Dynamic Linker Hijacking",[154,157,160,161,162],{"id":155,"name":156},"TA0110","Persistence",{"id":158,"name":159},"TA0111","Privilege Escalation",{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},"TA0104","Execution",[166,170,172,174,176,178,180,182,184,186,188,190],{"id":167,"name":168,"tactic":169},"D3-SFA","System File Analysis",{"name":72},{"id":69,"name":70,"tactic":171},{"name":72},{"id":74,"name":75,"tactic":173},{"name":72},{"id":86,"name":87,"tactic":175},{"name":89},{"id":95,"name":96,"tactic":177},{"name":98},{"id":109,"name":110,"tactic":179},{"name":103},{"id":118,"name":119,"tactic":181},{"name":116},{"id":127,"name":128,"tactic":183},{"name":125},{"id":131,"name":132,"tactic":185},{"name":125},{"id":135,"name":136,"tactic":187},{"name":125},{"id":122,"name":123,"tactic":189},{"name":125},{"id":139,"name":140,"tactic":191},{"name":125},{"id":193,"name":194,"tactics":195,"countermeasures":201},"T1574.007","Path Interception by PATH Environment Variable",[196,197,198,199,200],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[202,204,206,208,210,212,214,216,218,220,222,224,226,228,230],{"id":69,"name":70,"tactic":203},{"name":72},{"id":74,"name":75,"tactic":205},{"name":72},{"id":78,"name":79,"tactic":207},{"name":72},{"id":82,"name":83,"tactic":209},{"name":72},{"id":86,"name":87,"tactic":211},{"name":89},{"id":95,"name":96,"tactic":213},{"name":98},{"id":109,"name":110,"tactic":215},{"name":103},{"id":118,"name":119,"tactic":217},{"name":116},{"id":127,"name":128,"tactic":219},{"name":125},{"id":131,"name":132,"tactic":221},{"name":125},{"id":135,"name":136,"tactic":223},{"name":125},{"id":122,"name":123,"tactic":225},{"name":125},{"id":139,"name":140,"tactic":227},{"name":125},{"id":143,"name":144,"tactic":229},{"name":125},{"id":147,"name":148,"tactic":231},{"name":125},{"id":233,"name":234,"techniques":235},"CAPEC-135","Format String Injection",[],{"id":237,"name":238,"techniques":239},"CAPEC-136","LDAP Injection",[],{"id":241,"name":242,"techniques":243},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":245,"name":246,"techniques":247},"CAPEC-153","Input Data Manipulation",[],{"id":249,"name":250,"techniques":251},"CAPEC-182","Flash Injection",[],{"id":253,"name":254,"techniques":255},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":257,"name":258,"techniques":259},"CAPEC-22","Exploiting Trust in Client",[],{"id":261,"name":262,"techniques":263},"CAPEC-23","File Content Injection",[],{"id":265,"name":266,"techniques":267},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":269,"name":270,"techniques":271},"CAPEC-231","Oversized Serialized Data Payloads",[],{"id":273,"name":274,"techniques":275},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":277,"name":278,"techniques":279},"CAPEC-250","XML Injection",[],{"id":281,"name":282,"techniques":283},"CAPEC-261","Fuzzing for garnering other adjacent user/sensitive data",[],{"id":285,"name":286,"techniques":287},"CAPEC-267","Leverage Alternate Encoding",[288],{"id":289,"name":290,"tactics":291,"countermeasures":294},"T1027","Obfuscated Files or Information",[292,293],{"id":57,"name":58},{"id":60,"name":61},[295,297,299,301,303,305,307,309,311,313,315,317,319,321,323],{"id":69,"name":70,"tactic":296},{"name":72},{"id":74,"name":75,"tactic":298},{"name":72},{"id":78,"name":79,"tactic":300},{"name":72},{"id":82,"name":83,"tactic":302},{"name":72},{"id":86,"name":87,"tactic":304},{"name":89},{"id":95,"name":96,"tactic":306},{"name":98},{"id":109,"name":110,"tactic":308},{"name":103},{"id":118,"name":119,"tactic":310},{"name":116},{"id":127,"name":128,"tactic":312},{"name":125},{"id":131,"name":132,"tactic":314},{"name":125},{"id":135,"name":136,"tactic":316},{"name":125},{"id":122,"name":123,"tactic":318},{"name":125},{"id":139,"name":140,"tactic":320},{"name":125},{"id":143,"name":144,"tactic":322},{"name":125},{"id":147,"name":148,"tactic":324},{"name":125},{"id":326,"name":327,"techniques":328},"CAPEC-28","Fuzzing",[],{"id":330,"name":331,"techniques":332},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":334,"name":335,"techniques":336},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[337],{"id":338,"name":339,"tactics":340,"countermeasures":344},"T1539","Steal Web Session Cookie",[341],{"id":342,"name":343},"TA0031","Credential Access",[345,349,353,357,361,365,369,373,377],{"id":346,"name":347,"tactic":348},"D3-CCSA","Credential Compromise Scope Analysis",{"name":72},{"id":350,"name":351,"tactic":352},"D3-CR","Credential Revocation",{"name":89},{"id":354,"name":355,"tactic":356},"D3-ANCI","Authentication Cache Invalidation",{"name":89},{"id":358,"name":359,"tactic":360},"D3-DUC","Decoy User Credential",{"name":98},{"id":362,"name":363,"tactic":364},"D3-CH","Credential Hardening",{"name":103},{"id":366,"name":367,"tactic":368},"D3-MFA","Multi-factor Authentication",{"name":103},{"id":370,"name":371,"tactic":372},"D3-CRO","Credential Rotation",{"name":103},{"id":374,"name":375,"tactic":376},"D3-RIC","Reissue Credential",{"name":116},{"id":378,"name":379,"tactic":380},"D3-CTS","Credential Transmission Scoping",{"name":125},{"id":382,"name":383,"techniques":384},"CAPEC-42","MIME Conversion",[],{"id":386,"name":387,"techniques":388},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":390,"name":391,"techniques":392},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":394,"name":395,"techniques":396},"CAPEC-46","Overflow Variables and Tags",[],{"id":398,"name":399,"techniques":400},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":402,"name":403,"techniques":404},"CAPEC-473","Signature Spoof",[405,442],{"id":406,"name":407,"tactics":408,"countermeasures":411},"T1036.001","Invalid Code Signature",[409,410],{"id":57,"name":58},{"id":60,"name":61},[412,414,416,418,420,422,424,426,428,430,432,434,436,438,440],{"id":69,"name":70,"tactic":413},{"name":72},{"id":74,"name":75,"tactic":415},{"name":72},{"id":78,"name":79,"tactic":417},{"name":72},{"id":82,"name":83,"tactic":419},{"name":72},{"id":86,"name":87,"tactic":421},{"name":89},{"id":95,"name":96,"tactic":423},{"name":98},{"id":109,"name":110,"tactic":425},{"name":103},{"id":118,"name":119,"tactic":427},{"name":116},{"id":127,"name":128,"tactic":429},{"name":125},{"id":131,"name":132,"tactic":431},{"name":125},{"id":135,"name":136,"tactic":433},{"name":125},{"id":122,"name":123,"tactic":435},{"name":125},{"id":139,"name":140,"tactic":437},{"name":125},{"id":143,"name":144,"tactic":439},{"name":125},{"id":147,"name":148,"tactic":441},{"name":125},{"id":443,"name":444,"tactics":445,"countermeasures":450},"T1553.002","Code Signing",[446,447],{"id":57,"name":58},{"id":448,"name":449},"TA0112","Defense Impairment",[],{"id":452,"name":453,"techniques":454},"CAPEC-52","Embedding NULL Bytes",[],{"id":456,"name":457,"techniques":458},"CAPEC-53","Postfix, Null Terminate, and Backslash",[],{"id":460,"name":461,"techniques":462},"CAPEC-588","DOM-Based XSS",[],{"id":464,"name":465,"techniques":466},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":468,"name":469,"techniques":470},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":472,"name":473,"techniques":474},"CAPEC-664","Server Side Request Forgery",[],{"id":476,"name":477,"techniques":478},"CAPEC-67","String Format Overflow in syslog()",[],{"id":480,"name":481,"techniques":482},"CAPEC-7","Blind SQL Injection",[],{"id":484,"name":485,"techniques":486},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":488,"name":489,"techniques":490},"CAPEC-72","URL Encoding",[],{"id":492,"name":493,"techniques":494},"CAPEC-73","User-Controlled Filename",[],{"id":496,"name":497,"techniques":498},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":500,"name":501,"techniques":502},"CAPEC-79","Using Slashes in Alternate Encoding",[],{"id":504,"name":505,"techniques":506},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":508,"name":509,"techniques":510},"CAPEC-80","Using UTF-8 Encoding to Bypass Validation Logic",[],{"id":512,"name":513,"techniques":514},"CAPEC-81","Web Server Logs Tampering",[],{"id":516,"name":517,"techniques":518},"CAPEC-83","XPath Injection",[],{"id":520,"name":521,"techniques":522},"CAPEC-85","AJAX Footprinting",[],{"id":524,"name":525,"techniques":526},"CAPEC-88","OS Command Injection",[],{"id":528,"name":529,"techniques":530},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"_key":532,"id":532,"name":533,"description":534,"type":15,"status":535,"abstraction":17,"likelihood_of_exploit":18,"capec":536},"CWE-200","Exposure of Sensitive Information to an Unauthorized Actor","The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.","Draft",[537,541,658,684,686,690,694,698,702,706,796,800,804,826,830,834,838,842,852,856,860,864,868,872,876,880,884,948,952,978,1000,1004,1008,1012,1016,1020,1024,1028,1032,1036,1040,1044,1048,1052,1056,1060,1092,1096,1118,1140,1186,1212,1312,1316,1423,1460,1470,1480,1498],{"id":538,"name":539,"techniques":540},"CAPEC-116","Excavation",[],{"id":49,"name":50,"techniques":542},[543,588,620],{"id":53,"name":54,"tactics":544,"countermeasures":547},[545,546],{"id":57,"name":58},{"id":60,"name":61},[548,550,552,554,556,558,560,562,564,566,568,570,572,574,576,578,580,582,584,586],{"id":64,"name":65,"tactic":549},{"name":67},{"id":69,"name":70,"tactic":551},{"name":72},{"id":74,"name":75,"tactic":553},{"name":72},{"id":78,"name":79,"tactic":555},{"name":72},{"id":82,"name":83,"tactic":557},{"name":72},{"id":86,"name":87,"tactic":559},{"name":89},{"id":91,"name":92,"tactic":561},{"name":89},{"id":95,"name":96,"tactic":563},{"name":98},{"id":100,"name":101,"tactic":565},{"name":103},{"id":105,"name":106,"tactic":567},{"name":103},{"id":109,"name":110,"tactic":569},{"name":103},{"id":113,"name":114,"tactic":571},{"name":116},{"id":118,"name":119,"tactic":573},{"name":116},{"id":122,"name":123,"tactic":575},{"name":125},{"id":127,"name":128,"tactic":577},{"name":125},{"id":131,"name":132,"tactic":579},{"name":125},{"id":135,"name":136,"tactic":581},{"name":125},{"id":139,"name":140,"tactic":583},{"name":125},{"id":143,"name":144,"tactic":585},{"name":125},{"id":147,"name":148,"tactic":587},{"name":125},{"id":151,"name":152,"tactics":589,"countermeasures":595},[590,591,592,593,594],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[596,598,600,602,604,606,608,610,612,614,616,618],{"id":167,"name":168,"tactic":597},{"name":72},{"id":69,"name":70,"tactic":599},{"name":72},{"id":74,"name":75,"tactic":601},{"name":72},{"id":86,"name":87,"tactic":603},{"name":89},{"id":95,"name":96,"tactic":605},{"name":98},{"id":109,"name":110,"tactic":607},{"name":103},{"id":118,"name":119,"tactic":609},{"name":116},{"id":127,"name":128,"tactic":611},{"name":125},{"id":131,"name":132,"tactic":613},{"name":125},{"id":135,"name":136,"tactic":615},{"name":125},{"id":122,"name":123,"tactic":617},{"name":125},{"id":139,"name":140,"tactic":619},{"name":125},{"id":193,"name":194,"tactics":621,"countermeasures":627},[622,623,624,625,626],{"id":155,"name":156},{"id":158,"name":159},{"id":57,"name":58},{"id":60,"name":61},{"id":163,"name":164},[628,630,632,634,636,638,640,642,644,646,648,650,652,654,656],{"id":69,"name":70,"tactic":629},{"name":72},{"id":74,"name":75,"tactic":631},{"name":72},{"id":78,"name":79,"tactic":633},{"name":72},{"id":82,"name":83,"tactic":635},{"name":72},{"id":86,"name":87,"tactic":637},{"name":89},{"id":95,"name":96,"tactic":639},{"name":98},{"id":109,"name":110,"tactic":641},{"name":103},{"id":118,"name":119,"tactic":643},{"name":116},{"id":127,"name":128,"tactic":645},{"name":125},{"id":131,"name":132,"tactic":647},{"name":125},{"id":135,"name":136,"tactic":649},{"name":125},{"id":122,"name":123,"tactic":651},{"name":125},{"id":139,"name":140,"tactic":653},{"name":125},{"id":143,"name":144,"tactic":655},{"name":125},{"id":147,"name":148,"tactic":657},{"name":125},{"id":659,"name":660,"techniques":661},"CAPEC-169","Footprinting",[662,670,678],{"id":663,"name":664,"tactics":665,"countermeasures":669},"T1217","Browser Information Discovery",[666],{"id":667,"name":668},"TA0102","Discovery",[],{"id":671,"name":672,"tactics":673,"countermeasures":677},"T1592","Gather Victim Host Information",[674],{"id":675,"name":676},"TA0043","Reconnaissance",[],{"id":679,"name":680,"tactics":681,"countermeasures":683},"T1595","Active Scanning",[682],{"id":675,"name":676},[],{"id":257,"name":258,"techniques":685},[],{"id":687,"name":688,"techniques":689},"CAPEC-224","Fingerprinting",[],{"id":691,"name":692,"techniques":693},"CAPEC-285","ICMP Echo Request Ping",[],{"id":695,"name":696,"techniques":697},"CAPEC-287","TCP SYN Scan",[],{"id":699,"name":700,"techniques":701},"CAPEC-290","Enumerate Mail Exchange (MX) Records",[],{"id":703,"name":704,"techniques":705},"CAPEC-291","DNS Zone Transfers",[],{"id":707,"name":708,"techniques":709},"CAPEC-292","Host Discovery",[710],{"id":711,"name":712,"tactics":713,"countermeasures":715},"T1018","Remote System Discovery",[714],{"id":667,"name":668},[716,720,722,724,726,730,734,738,742,746,750,754,758,762,764,766,768,770,774,776,778,780,782,784,788,790,792],{"id":717,"name":718,"tactic":719},"D3-SCA","System Call Analysis",{"name":72},{"id":167,"name":168,"tactic":721},{"name":72},{"id":69,"name":70,"tactic":723},{"name":72},{"id":74,"name":75,"tactic":725},{"name":72},{"id":727,"name":728,"tactic":729},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":72},{"id":731,"name":732,"tactic":733},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":72},{"id":735,"name":736,"tactic":737},"D3-CSPP","Client-server Payload Profiling",{"name":72},{"id":739,"name":740,"tactic":741},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":72},{"id":743,"name":744,"tactic":745},"D3-NTSA","Network Traffic Signature Analysis",{"name":72},{"id":747,"name":748,"tactic":749},"D3-APCA","Application Protocol Command Analysis",{"name":72},{"id":751,"name":752,"tactic":753},"D3-NTCD","Network Traffic Community Deviation",{"name":72},{"id":755,"name":756,"tactic":757},"D3-RTSD","Remote Terminal Session Detection",{"name":72},{"id":759,"name":760,"tactic":761},"D3-PSA","Process Spawn Analysis",{"name":72},{"id":86,"name":87,"tactic":763},{"name":89},{"id":95,"name":96,"tactic":765},{"name":98},{"id":109,"name":110,"tactic":767},{"name":103},{"id":118,"name":119,"tactic":769},{"name":116},{"id":771,"name":772,"tactic":773},"D3-SCF","System Call Filtering",{"name":125},{"id":127,"name":128,"tactic":775},{"name":125},{"id":131,"name":132,"tactic":777},{"name":125},{"id":135,"name":136,"tactic":779},{"name":125},{"id":122,"name":123,"tactic":781},{"name":125},{"id":139,"name":140,"tactic":783},{"name":125},{"id":785,"name":786,"tactic":787},"D3-NTF","Network Traffic Filtering",{"name":125},{"id":143,"name":144,"tactic":789},{"name":125},{"id":147,"name":148,"tactic":791},{"name":125},{"id":793,"name":794,"tactic":795},"D3-HBPI","Hardware-based Process Isolation",{"name":125},{"id":797,"name":798,"techniques":799},"CAPEC-293","Traceroute Route Enumeration",[],{"id":801,"name":802,"techniques":803},"CAPEC-294","ICMP Address Mask Request",[],{"id":805,"name":806,"techniques":807},"CAPEC-295","Timestamp Request",[808],{"id":809,"name":810,"tactics":811,"countermeasures":813},"T1124","System Time Discovery",[812],{"id":667,"name":668},[814,816,818,820,822,824],{"id":717,"name":718,"tactic":815},{"name":72},{"id":759,"name":760,"tactic":817},{"name":72},{"id":771,"name":772,"tactic":819},{"name":125},{"id":143,"name":144,"tactic":821},{"name":125},{"id":147,"name":148,"tactic":823},{"name":125},{"id":793,"name":794,"tactic":825},{"name":125},{"id":827,"name":828,"techniques":829},"CAPEC-296","ICMP Information Request",[],{"id":831,"name":832,"techniques":833},"CAPEC-297","TCP ACK Ping",[],{"id":835,"name":836,"techniques":837},"CAPEC-298","UDP Ping",[],{"id":839,"name":840,"techniques":841},"CAPEC-299","TCP SYN Ping",[],{"id":843,"name":844,"techniques":845},"CAPEC-300","Port Scanning",[846],{"id":847,"name":848,"tactics":849,"countermeasures":851},"T1046","Network Service Discovery",[850],{"id":667,"name":668},[],{"id":853,"name":854,"techniques":855},"CAPEC-301","TCP Connect Scan",[],{"id":857,"name":858,"techniques":859},"CAPEC-302","TCP FIN Scan",[],{"id":861,"name":862,"techniques":863},"CAPEC-303","TCP Xmas Scan",[],{"id":865,"name":866,"techniques":867},"CAPEC-304","TCP Null Scan",[],{"id":869,"name":870,"techniques":871},"CAPEC-305","TCP ACK Scan",[],{"id":873,"name":874,"techniques":875},"CAPEC-306","TCP Window Scan",[],{"id":877,"name":878,"techniques":879},"CAPEC-307","TCP RPC Scan",[],{"id":881,"name":882,"techniques":883},"CAPEC-308","UDP Scan",[],{"id":885,"name":886,"techniques":887},"CAPEC-309","Network Topology Mapping",[888,932,942],{"id":889,"name":890,"tactics":891,"countermeasures":893},"T1016","System Network Configuration Discovery",[892],{"id":667,"name":668},[894,896,898,900,902,904,906,908,910,912,914,916,918,920,922,924,926,928,930],{"id":69,"name":70,"tactic":895},{"name":72},{"id":74,"name":75,"tactic":897},{"name":72},{"id":78,"name":79,"tactic":899},{"name":72},{"id":82,"name":83,"tactic":901},{"name":72},{"id":717,"name":718,"tactic":903},{"name":72},{"id":759,"name":760,"tactic":905},{"name":72},{"id":86,"name":87,"tactic":907},{"name":89},{"id":95,"name":96,"tactic":909},{"name":98},{"id":109,"name":110,"tactic":911},{"name":103},{"id":118,"name":119,"tactic":913},{"name":116},{"id":127,"name":128,"tactic":915},{"name":125},{"id":131,"name":132,"tactic":917},{"name":125},{"id":135,"name":136,"tactic":919},{"name":125},{"id":122,"name":123,"tactic":921},{"name":125},{"id":139,"name":140,"tactic":923},{"name":125},{"id":143,"name":144,"tactic":925},{"name":125},{"id":147,"name":148,"tactic":927},{"name":125},{"id":771,"name":772,"tactic":929},{"name":125},{"id":793,"name":794,"tactic":931},{"name":125},{"id":933,"name":934,"tactics":935,"countermeasures":937},"T1049","System Network Connections Discovery",[936],{"id":667,"name":668},[938,940],{"id":717,"name":718,"tactic":939},{"name":72},{"id":771,"name":772,"tactic":941},{"name":125},{"id":943,"name":944,"tactics":945,"countermeasures":947},"T1590","Gather Victim Network Information",[946],{"id":675,"name":676},[],{"id":949,"name":950,"techniques":951},"CAPEC-310","Scanning for Vulnerable Software",[],{"id":953,"name":954,"techniques":955},"CAPEC-312","Active OS Fingerprinting",[956],{"id":957,"name":958,"tactics":959,"countermeasures":961},"T1082","System Information Discovery",[960],{"id":667,"name":668},[962,964,966,970,972,974,976],{"id":717,"name":718,"tactic":963},{"name":72},{"id":759,"name":760,"tactic":965},{"name":72},{"id":967,"name":968,"tactic":969},"D3-DE","Decoy Environment",{"name":98},{"id":771,"name":772,"tactic":971},{"name":125},{"id":143,"name":144,"tactic":973},{"name":125},{"id":147,"name":148,"tactic":975},{"name":125},{"id":793,"name":794,"tactic":977},{"name":125},{"id":979,"name":980,"techniques":981},"CAPEC-313","Passive OS Fingerprinting",[982],{"id":957,"name":958,"tactics":983,"countermeasures":985},[984],{"id":667,"name":668},[986,988,990,992,994,996,998],{"id":717,"name":718,"tactic":987},{"name":72},{"id":759,"name":760,"tactic":989},{"name":72},{"id":967,"name":968,"tactic":991},{"name":98},{"id":771,"name":772,"tactic":993},{"name":125},{"id":143,"name":144,"tactic":995},{"name":125},{"id":147,"name":148,"tactic":997},{"name":125},{"id":793,"name":794,"tactic":999},{"name":125},{"id":1001,"name":1002,"techniques":1003},"CAPEC-317","IP ID Sequencing Probe",[],{"id":1005,"name":1006,"techniques":1007},"CAPEC-318","IP 'ID' Echoed Byte-Order Probe",[],{"id":1009,"name":1010,"techniques":1011},"CAPEC-319","IP (DF) 'Don't Fragment Bit' Echoing Probe",[],{"id":1013,"name":1014,"techniques":1015},"CAPEC-320","TCP Timestamp Probe",[],{"id":1017,"name":1018,"techniques":1019},"CAPEC-321","TCP Sequence Number Probe",[],{"id":1021,"name":1022,"techniques":1023},"CAPEC-322","TCP (ISN) Greatest Common Divisor Probe",[],{"id":1025,"name":1026,"techniques":1027},"CAPEC-323","TCP (ISN) Counter Rate Probe",[],{"id":1029,"name":1030,"techniques":1031},"CAPEC-324","TCP (ISN) Sequence Predictability Probe",[],{"id":1033,"name":1034,"techniques":1035},"CAPEC-325","TCP Congestion Control Flag (ECN) Probe",[],{"id":1037,"name":1038,"techniques":1039},"CAPEC-326","TCP Initial Window Size Probe",[],{"id":1041,"name":1042,"techniques":1043},"CAPEC-327","TCP Options Probe",[],{"id":1045,"name":1046,"techniques":1047},"CAPEC-328","TCP 'RST' Flag Checksum Probe",[],{"id":1049,"name":1050,"techniques":1051},"CAPEC-329","ICMP Error Message Quoting Probe",[],{"id":1053,"name":1054,"techniques":1055},"CAPEC-330","ICMP Error Message Echoing Integrity Probe",[],{"id":1057,"name":1058,"techniques":1059},"CAPEC-472","Browser Fingerprinting",[],{"id":1061,"name":1062,"techniques":1063},"CAPEC-497","File Discovery",[1064],{"id":1065,"name":1066,"tactics":1067,"countermeasures":1069},"T1083","File and Directory Discovery",[1068],{"id":667,"name":668},[1070,1072,1074,1076,1078,1080,1082,1084,1086,1088,1090],{"id":69,"name":70,"tactic":1071},{"name":72},{"id":74,"name":75,"tactic":1073},{"name":72},{"id":86,"name":87,"tactic":1075},{"name":89},{"id":95,"name":96,"tactic":1077},{"name":98},{"id":109,"name":110,"tactic":1079},{"name":103},{"id":118,"name":119,"tactic":1081},{"name":116},{"id":131,"name":132,"tactic":1083},{"name":125},{"id":127,"name":128,"tactic":1085},{"name":125},{"id":135,"name":136,"tactic":1087},{"name":125},{"id":122,"name":123,"tactic":1089},{"name":125},{"id":139,"name":140,"tactic":1091},{"name":125},{"id":1093,"name":1094,"techniques":1095},"CAPEC-508","Shoulder Surfing",[],{"id":1097,"name":1098,"techniques":1099},"CAPEC-573","Process Footprinting",[1100],{"id":1101,"name":1102,"tactics":1103,"countermeasures":1105},"T1057","Process Discovery",[1104],{"id":667,"name":668},[1106,1108,1110,1112,1114,1116],{"id":717,"name":718,"tactic":1107},{"name":72},{"id":759,"name":760,"tactic":1109},{"name":72},{"id":771,"name":772,"tactic":1111},{"name":125},{"id":143,"name":144,"tactic":1113},{"name":125},{"id":147,"name":148,"tactic":1115},{"name":125},{"id":793,"name":794,"tactic":1117},{"name":125},{"id":1119,"name":1120,"techniques":1121},"CAPEC-574","Services Footprinting",[1122],{"id":1123,"name":1124,"tactics":1125,"countermeasures":1127},"T1007","System Service Discovery",[1126],{"id":667,"name":668},[1128,1130,1132,1134,1136,1138],{"id":717,"name":718,"tactic":1129},{"name":72},{"id":759,"name":760,"tactic":1131},{"name":72},{"id":771,"name":772,"tactic":1133},{"name":125},{"id":143,"name":144,"tactic":1135},{"name":125},{"id":147,"name":148,"tactic":1137},{"name":125},{"id":793,"name":794,"tactic":1139},{"name":125},{"id":1141,"name":1142,"techniques":1143},"CAPEC-575","Account Footprinting",[1144],{"id":1145,"name":1146,"tactics":1147,"countermeasures":1149},"T1087","Account Discovery",[1148],{"id":667,"name":668},[1150,1154,1158,1162,1166,1170,1174,1178,1182],{"id":1151,"name":1152,"tactic":1153},"D3-AM","Access Modeling",{"name":67},{"id":1155,"name":1156,"tactic":1157},"D3-LAM","Local Account Monitoring",{"name":72},{"id":1159,"name":1160,"tactic":1161},"D3-DAM","Domain Account Monitoring",{"name":72},{"id":1163,"name":1164,"tactic":1165},"D3-AL","Account Locking",{"name":89},{"id":1167,"name":1168,"tactic":1169},"D3-AA","Agent Authentication",{"name":103},{"id":1171,"name":1172,"tactic":1173},"D3-CDP","Change Default Password",{"name":103},{"id":1175,"name":1176,"tactic":1177},"D3-ULA","Unlock Account",{"name":116},{"id":1179,"name":1180,"tactic":1181},"D3-RUAA","Restore User Account Access",{"name":116},{"id":1183,"name":1184,"tactic":1185},"D3-UAP","User Account Permissions",{"name":125},{"id":1187,"name":1188,"techniques":1189},"CAPEC-576","Group Permission Footprinting",[1190,1196],{"id":1191,"name":1192,"tactics":1193,"countermeasures":1195},"T1069","Permission Groups Discovery",[1194],{"id":667,"name":668},[],{"id":1197,"name":1198,"tactics":1199,"countermeasures":1201},"T1615","Group Policy Discovery",[1200],{"id":667,"name":668},[1202,1204,1208,1210],{"id":64,"name":65,"tactic":1203},{"name":67},{"id":1205,"name":1206,"tactic":1207},"D3-NTPM","Network Traffic Policy Mapping",{"name":67},{"id":1151,"name":1152,"tactic":1209},{"name":67},{"id":113,"name":114,"tactic":1211},{"name":116},{"id":1213,"name":1214,"techniques":1215},"CAPEC-577","Owner Footprinting",[1216],{"id":1217,"name":1218,"tactics":1219,"countermeasures":1221},"T1033","System Owner/User Discovery",[1220],{"id":667,"name":668},[1222,1226,1228,1230,1232,1236,1240,1242,1244,1248,1252,1256,1260,1262,1264,1268,1272,1274,1278,1280,1282,1284,1286,1288,1290,1294,1296,1300,1304,1308,1310],{"id":1223,"name":1224,"tactic":1225},"D3-DI","Data Inventory",{"name":67},{"id":69,"name":70,"tactic":1227},{"name":72},{"id":74,"name":75,"tactic":1229},{"name":72},{"id":717,"name":718,"tactic":1231},{"name":72},{"id":1233,"name":1234,"tactic":1235},"D3-PLA","Process Lineage Analysis",{"name":72},{"id":1237,"name":1238,"tactic":1239},"D3-PSMD","Process Self-Modification Detection",{"name":72},{"id":759,"name":760,"tactic":1241},{"name":72},{"id":86,"name":87,"tactic":1243},{"name":89},{"id":1245,"name":1246,"tactic":1247},"D3-PT","Process Termination",{"name":89},{"id":1249,"name":1250,"tactic":1251},"D3-PS","Process Suspension",{"name":89},{"id":1253,"name":1254,"tactic":1255},"D3-HR","Host Reboot",{"name":89},{"id":1257,"name":1258,"tactic":1259},"D3-HS","Host Shutdown",{"name":89},{"id":95,"name":96,"tactic":1261},{"name":98},{"id":109,"name":110,"tactic":1263},{"name":103},{"id":1265,"name":1266,"tactic":1267},"D3-PSEP","Process Segment Execution Prevention",{"name":103},{"id":1269,"name":1270,"tactic":1271},"D3-SAOR","Segment Address Offset Randomization",{"name":103},{"id":118,"name":119,"tactic":1273},{"name":116},{"id":1275,"name":1276,"tactic":1277},"D3-RD","Restore Database",{"name":116},{"id":127,"name":128,"tactic":1279},{"name":125},{"id":131,"name":132,"tactic":1281},{"name":125},{"id":135,"name":136,"tactic":1283},{"name":125},{"id":122,"name":123,"tactic":1285},{"name":125},{"id":139,"name":140,"tactic":1287},{"name":125},{"id":771,"name":772,"tactic":1289},{"name":125},{"id":1291,"name":1292,"tactic":1293},"D3-KBPI","Kernel-based Process Isolation",{"name":125},{"id":793,"name":794,"tactic":1295},{"name":125},{"id":1297,"name":1298,"tactic":1299},"D3-ABPI","Application-based Process Isolation",{"name":125},{"id":1301,"name":1302,"tactic":1303},"D3-WSAM","Web Session Access Mediation",{"name":125},{"id":1305,"name":1306,"tactic":1307},"D3-DTP","Domain Trust Policy",{"name":125},{"id":143,"name":144,"tactic":1309},{"name":125},{"id":147,"name":148,"tactic":1311},{"name":125},{"id":1313,"name":1314,"techniques":1315},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":1317,"name":1318,"techniques":1319},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[1320,1354],{"id":1321,"name":1322,"tactics":1323,"countermeasures":1327},"T1134.001","Token Impersonation/Theft",[1324,1325,1326],{"id":57,"name":58},{"id":60,"name":61},{"id":158,"name":159},[1328,1330,1332,1334,1336,1338,1340,1342,1346,1350,1352],{"id":346,"name":347,"tactic":1329},{"name":72},{"id":350,"name":351,"tactic":1331},{"name":89},{"id":354,"name":355,"tactic":1333},{"name":89},{"id":358,"name":359,"tactic":1335},{"name":98},{"id":362,"name":363,"tactic":1337},{"name":103},{"id":366,"name":367,"tactic":1339},{"name":103},{"id":370,"name":371,"tactic":1341},{"name":103},{"id":1343,"name":1344,"tactic":1345},"D3-TB","Token Binding",{"name":103},{"id":1347,"name":1348,"tactic":1349},"D3-TBA","Token-based Authentication",{"name":103},{"id":374,"name":375,"tactic":1351},{"name":116},{"id":378,"name":379,"tactic":1353},{"name":125},{"id":1355,"name":1356,"tactics":1357,"countermeasures":1362},"T1550.004","Web Session Cookie",[1358,1359],{"id":57,"name":58},{"id":1360,"name":1361},"TA0109","Lateral Movement",[1363,1365,1367,1369,1371,1373,1375,1377,1379,1381,1383,1385,1387,1389,1391,1393,1395,1397,1399,1401,1403,1405,1407,1409,1411,1413,1415,1417,1419,1421],{"id":727,"name":728,"tactic":1364},{"name":72},{"id":731,"name":732,"tactic":1366},{"name":72},{"id":735,"name":736,"tactic":1368},{"name":72},{"id":739,"name":740,"tactic":1370},{"name":72},{"id":743,"name":744,"tactic":1372},{"name":72},{"id":747,"name":748,"tactic":1374},{"name":72},{"id":751,"name":752,"tactic":1376},{"name":72},{"id":755,"name":756,"tactic":1378},{"name":72},{"id":1233,"name":1234,"tactic":1380},{"name":72},{"id":1237,"name":1238,"tactic":1382},{"name":72},{"id":759,"name":760,"tactic":1384},{"name":72},{"id":346,"name":347,"tactic":1386},{"name":72},{"id":1245,"name":1246,"tactic":1388},{"name":89},{"id":1249,"name":1250,"tactic":1390},{"name":89},{"id":1253,"name":1254,"tactic":1392},{"name":89},{"id":1257,"name":1258,"tactic":1394},{"name":89},{"id":350,"name":351,"tactic":1396},{"name":89},{"id":354,"name":355,"tactic":1398},{"name":89},{"id":358,"name":359,"tactic":1400},{"name":98},{"id":362,"name":363,"tactic":1402},{"name":103},{"id":366,"name":367,"tactic":1404},{"name":103},{"id":370,"name":371,"tactic":1406},{"name":103},{"id":374,"name":375,"tactic":1408},{"name":116},{"id":785,"name":786,"tactic":1410},{"name":125},{"id":1291,"name":1292,"tactic":1412},{"name":125},{"id":771,"name":772,"tactic":1414},{"name":125},{"id":793,"name":794,"tactic":1416},{"name":125},{"id":1297,"name":1298,"tactic":1418},{"name":125},{"id":1301,"name":1302,"tactic":1420},{"name":125},{"id":378,"name":379,"tactic":1422},{"name":125},{"id":1424,"name":1425,"techniques":1426},"CAPEC-616","Establish Rogue Location",[1427],{"id":1428,"name":1429,"tactics":1430,"countermeasures":1433},"T1036.005","Match Legitimate Resource Name or Location",[1431,1432],{"id":57,"name":58},{"id":60,"name":61},[1434,1436,1438,1440,1442,1444,1446,1448,1450,1452,1454,1456,1458],{"id":717,"name":718,"tactic":1435},{"name":72},{"id":69,"name":70,"tactic":1437},{"name":72},{"id":74,"name":75,"tactic":1439},{"name":72},{"id":86,"name":87,"tactic":1441},{"name":89},{"id":95,"name":96,"tactic":1443},{"name":98},{"id":109,"name":110,"tactic":1445},{"name":103},{"id":118,"name":119,"tactic":1447},{"name":116},{"id":771,"name":772,"tactic":1449},{"name":125},{"id":127,"name":128,"tactic":1451},{"name":125},{"id":131,"name":132,"tactic":1453},{"name":125},{"id":135,"name":136,"tactic":1455},{"name":125},{"id":122,"name":123,"tactic":1457},{"name":125},{"id":139,"name":140,"tactic":1459},{"name":125},{"id":1461,"name":1462,"techniques":1463},"CAPEC-643","Identify Shared Files/Directories on System",[1464],{"id":1465,"name":1466,"tactics":1467,"countermeasures":1469},"T1135","Network Share Discovery",[1468],{"id":667,"name":668},[],{"id":1471,"name":1472,"techniques":1473},"CAPEC-646","Peripheral Footprinting",[1474],{"id":1475,"name":1476,"tactics":1477,"countermeasures":1479},"T1120","Peripheral Device Discovery",[1478],{"id":667,"name":668},[],{"id":1481,"name":1482,"techniques":1483},"CAPEC-651","Eavesdropping",[1484],{"id":1485,"name":1486,"tactics":1487,"countermeasures":1489},"T1111","Multi-Factor Authentication Interception",[1488],{"id":342,"name":343},[1490,1494],{"id":1491,"name":1492,"tactic":1493},"D3-HCI","Hardware Component Inventory",{"name":67},{"id":1495,"name":1496,"tactic":1497},"D3-RH","Radiation Hardening",{"name":103},{"id":500,"name":501,"techniques":1499},[],{"_key":1501,"id":1501,"name":1502,"description":1503,"type":15,"status":535,"abstraction":1504,"likelihood_of_exploit":9,"capec":1505},"CWE-312","Cleartext Storage of Sensitive Information","The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.","Base",[1506],{"id":1507,"name":1508,"techniques":1509},"CAPEC-37","Retrieve Embedded Sensitive Data",[1510,1540],{"id":1511,"name":1512,"tactics":1513,"countermeasures":1517},"T1005","Data from Local System",[1514],{"id":1515,"name":1516},"TA0100","Collection",[1518,1520,1522,1524,1526,1528,1530,1532,1534,1536,1538],{"id":69,"name":70,"tactic":1519},{"name":72},{"id":74,"name":75,"tactic":1521},{"name":72},{"id":86,"name":87,"tactic":1523},{"name":89},{"id":95,"name":96,"tactic":1525},{"name":98},{"id":109,"name":110,"tactic":1527},{"name":103},{"id":118,"name":119,"tactic":1529},{"name":116},{"id":127,"name":128,"tactic":1531},{"name":125},{"id":131,"name":132,"tactic":1533},{"name":125},{"id":135,"name":136,"tactic":1535},{"name":125},{"id":122,"name":123,"tactic":1537},{"name":125},{"id":139,"name":140,"tactic":1539},{"name":125},{"id":1541,"name":1542,"tactics":1543,"countermeasures":1545},"T1552.004","Private Keys",[1544],{"id":342,"name":343},[1546,1548,1550,1552,1554,1556,1558,1560,1562],{"id":346,"name":347,"tactic":1547},{"name":72},{"id":350,"name":351,"tactic":1549},{"name":89},{"id":354,"name":355,"tactic":1551},{"name":89},{"id":358,"name":359,"tactic":1553},{"name":98},{"id":362,"name":363,"tactic":1555},{"name":103},{"id":366,"name":367,"tactic":1557},{"name":103},{"id":370,"name":371,"tactic":1559},{"name":103},{"id":374,"name":375,"tactic":1561},{"name":116},{"id":378,"name":379,"tactic":1563},{"name":125},{"_key":1565,"id":1565,"name":1566,"description":1567,"type":15,"status":1568,"abstraction":1504,"likelihood_of_exploit":1569,"capec":1570},"CWE-532","Insertion of Sensitive Information into Log File","The product writes sensitive information to a log file.","Incomplete","Medium",[1571],{"id":1572,"name":1573,"techniques":1574},"CAPEC-215","Fuzzing for application mapping",[],[1576],{"_key":1577,"name":1578,"source":1579,"url":1580,"maturity":1581,"reliability_score":1582,"verified":1583,"type":9,"platforms":1584,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_37A15A4B3E6116D2","Exploit Reference (bugzilla.redhat.com)","reference","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16889","unknown",0.2,false,[],[],[],[1588,1590,1592,1594,1596,1598,1600],{"_key":1589},"SUSE-SU-2019:0499-1",{"_key":1591},"SUSE-SU-2019:2049-1",{"_key":1593},"SUSE-SU-2019:2364-1",{"_key":1595},"RHSA-2019:2538",{"_key":1597},"UBUNTU-CVE-2018-16889",{"_key":1599},"USN-4035-1",{"_key":1601},"DEBIAN-CVE-2018-16889",[],[1604,1605,1606],{"_key":1589},{"_key":1591},{"_key":1593},"2019-01-28T14:00:00.000Z","2024-08-05T10:39:57.643Z","Modified",{"cisa_kev":1583,"cisa_ransomware":1583,"cisa_vendor":9,"epss_severity":1611,"epss_score":1612,"severity":1613,"severity_score":1614,"severity_version":1615,"severity_source":1616,"severity_vector":1617,"severity_status":1609},"low",0.00068,"high",7.5,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[1619,1627,1634,1640,1645],{"url":1620,"sources":1621,"tags":1623},"http://www.securityfocus.com/bid/106528",[1622,1616],"cve.org",[1624,1625,1626],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":1580,"sources":1628,"tags":1629},[1622,1616],[1630,1631,1632,1633,1626],"X Refsource CONFIRM","Exploit","Issue Tracking","Patch",{"url":1635,"sources":1636,"tags":1637},"https://usn.ubuntu.com/4035-1/",[1622,1616],[1638,1639],"Vendor Advisory","X Refsource UBUNTU",{"url":1641,"sources":1642,"tags":1643},"https://access.redhat.com/errata/RHSA-2019:2538",[1622,1616],[1638,1644],"X Refsource REDHAT",{"url":1646,"sources":1647,"tags":1648},"https://access.redhat.com/errata/RHSA-2019:2541",[1622,1616],[1638,1644],[],{"date":1651,"score":1612,"percentile":1652},"2026-06-04",0.21081,[1654,1658,1660,1663,1666,1669,1672,1675,1678,1681,1684,1687,1690,1693,1696,1700,1703,1706,1709,1712,1715,1718,1721,1724,1727,1730,1733,1736,1739,1742,1745,1748,1751,1754,1757,1760,1763,1766,1769,1772,1775,1778,1781,1783,1786,1789,1792,1795,1798,1801,1804,1807,1810,1813,1816,1819,1822,1825,1828,1831,1834,1837,1840,1843,1846,1849,1852,1855,1858,1861,1864,1867,1870,1873,1876,1879,1882,1885,1888,1891,1894,1897,1900,1903,1906,1909,1912,1915,1918,1921],{"date":1655,"score":1656,"percentile":1657},"2025-11-04",0.00071,0.21905,{"date":1659,"score":1656,"percentile":1657},"2025-11-05",{"date":1661,"score":1656,"percentile":1662},"2025-11-06",0.21911,{"date":1664,"score":1656,"percentile":1665},"2025-11-07",0.21928,{"date":1667,"score":1656,"percentile":1668},"2025-11-08",0.21937,{"date":1670,"score":1656,"percentile":1671},"2025-11-09",0.21891,{"date":1673,"score":1656,"percentile":1674},"2025-11-10",0.21829,{"date":1676,"score":1656,"percentile":1677},"2025-11-11",0.21853,{"date":1679,"score":1656,"percentile":1680},"2025-11-12",0.21909,{"date":1682,"score":1656,"percentile":1683},"2025-11-13",0.21921,{"date":1685,"score":1656,"percentile":1686},"2025-11-14",0.2191,{"date":1688,"score":1656,"percentile":1689},"2025-11-15",0.21897,{"date":1691,"score":1656,"percentile":1692},"2025-11-16",0.21848,{"date":1694,"score":1656,"percentile":1695},"2025-11-17",0.21809,{"date":1697,"score":1698,"percentile":1699},"2025-11-18",0.00079,0.19554,{"date":1701,"score":1698,"percentile":1702},"2025-11-19",0.19578,{"date":1704,"score":1698,"percentile":1705},"2025-11-20",0.1956,{"date":1707,"score":1656,"percentile":1708},"2025-11-21",0.21771,{"date":1710,"score":1656,"percentile":1711},"2025-11-22",0.21766,{"date":1713,"score":1656,"percentile":1714},"2025-11-23",0.2173,{"date":1716,"score":1656,"percentile":1717},"2025-11-24",0.21703,{"date":1719,"score":1656,"percentile":1720},"2025-11-25",0.21688,{"date":1722,"score":1656,"percentile":1723},"2025-11-26",0.21675,{"date":1725,"score":1656,"percentile":1726},"2025-11-27",0.21637,{"date":1728,"score":1656,"percentile":1729},"2025-11-28",0.21613,{"date":1731,"score":1656,"percentile":1732},"2025-11-29",0.216,{"date":1734,"score":1656,"percentile":1735},"2025-11-30",0.2159,{"date":1737,"score":1656,"percentile":1738},"2025-12-01",0.21638,{"date":1740,"score":1656,"percentile":1741},"2025-12-02",0.21657,{"date":1743,"score":1656,"percentile":1744},"2025-12-03",0.21665,{"date":1746,"score":1656,"percentile":1747},"2025-12-04",0.2161,{"date":1749,"score":1656,"percentile":1750},"2025-12-05",0.21652,{"date":1752,"score":1656,"percentile":1753},"2025-12-06",0.21649,{"date":1755,"score":1656,"percentile":1756},"2025-12-07",0.2162,{"date":1758,"score":1656,"percentile":1759},"2025-12-08",0.21632,{"date":1761,"score":1656,"percentile":1762},"2025-12-09",0.21685,{"date":1764,"score":1656,"percentile":1765},"2025-12-10",0.2176,{"date":1767,"score":1656,"percentile":1768},"2025-12-11",0.21801,{"date":1770,"score":1656,"percentile":1771},"2025-12-12",0.21814,{"date":1773,"score":1656,"percentile":1774},"2025-12-13",0.21821,{"date":1776,"score":1656,"percentile":1777},"2025-12-14",0.21793,{"date":1779,"score":1656,"percentile":1780},"2025-12-15",0.2177,{"date":1782,"score":1656,"percentile":1768},"2025-12-16",{"date":1784,"score":1656,"percentile":1785},"2025-12-17",0.21876,{"date":1787,"score":1656,"percentile":1788},"2025-12-18",0.21957,{"date":1790,"score":1656,"percentile":1791},"2025-12-19",0.21981,{"date":1793,"score":1656,"percentile":1794},"2025-12-20",0.21956,{"date":1796,"score":1656,"percentile":1797},"2025-12-21",0.21899,{"date":1799,"score":1656,"percentile":1800},"2025-12-22",0.21866,{"date":1802,"score":1656,"percentile":1803},"2025-12-23",0.21863,{"date":1805,"score":1656,"percentile":1806},"2025-12-24",0.2188,{"date":1808,"score":1656,"percentile":1809},"2025-12-25",0.21962,{"date":1811,"score":1656,"percentile":1812},"2025-12-26",0.21943,{"date":1814,"score":1656,"percentile":1815},"2025-12-27",0.21952,{"date":1817,"score":1656,"percentile":1818},"2025-12-28",0.21907,{"date":1820,"score":1612,"percentile":1821},"2025-12-29",0.2115,{"date":1823,"score":1612,"percentile":1824},"2025-12-30",0.21133,{"date":1826,"score":1612,"percentile":1827},"2025-12-31",0.21199,{"date":1829,"score":1612,"percentile":1830},"2026-01-01",0.21289,{"date":1832,"score":1612,"percentile":1833},"2026-01-02",0.2129,{"date":1835,"score":1612,"percentile":1836},"2026-01-03",0.21275,{"date":1838,"score":1612,"percentile":1839},"2026-01-04",0.21179,{"date":1841,"score":1612,"percentile":1842},"2026-01-05",0.2117,{"date":1844,"score":1612,"percentile":1845},"2026-01-06",0.21183,{"date":1847,"score":1612,"percentile":1848},"2026-01-07",0.21218,{"date":1850,"score":1612,"percentile":1851},"2026-01-08",0.2127,{"date":1853,"score":1612,"percentile":1854},"2026-01-09",0.21265,{"date":1856,"score":1612,"percentile":1857},"2026-01-10",0.21246,{"date":1859,"score":1612,"percentile":1860},"2026-01-11",0.21217,{"date":1862,"score":1612,"percentile":1863},"2026-01-12",0.21181,{"date":1865,"score":1612,"percentile":1866},"2026-01-13",0.21157,{"date":1868,"score":1612,"percentile":1869},"2026-01-14",0.21216,{"date":1871,"score":1612,"percentile":1872},"2026-01-15",0.21219,{"date":1874,"score":1612,"percentile":1875},"2026-01-16",0.21248,{"date":1877,"score":1612,"percentile":1878},"2026-01-17",0.21257,{"date":1880,"score":1612,"percentile":1881},"2026-01-18",0.21207,{"date":1883,"score":1612,"percentile":1884},"2026-01-19",0.21159,{"date":1886,"score":1612,"percentile":1887},"2026-01-20",0.21136,{"date":1889,"score":1612,"percentile":1890},"2026-01-21",0.21096,{"date":1892,"score":1612,"percentile":1893},"2026-01-22",0.21075,{"date":1895,"score":1612,"percentile":1896},"2026-01-23",0.21169,{"date":1898,"score":1612,"percentile":1899},"2026-01-24",0.21191,{"date":1901,"score":1612,"percentile":1902},"2026-01-25",0.21112,{"date":1904,"score":1612,"percentile":1905},"2026-01-26",0.21002,{"date":1907,"score":1612,"percentile":1908},"2026-01-27",0.20993,{"date":1910,"score":1612,"percentile":1911},"2026-01-28",0.20994,{"date":1913,"score":1612,"percentile":1914},"2026-01-29",0.20954,{"date":1916,"score":1612,"percentile":1917},"2026-01-30",0.20956,{"date":1919,"score":1612,"percentile":1920},"2026-01-31",0.20962,{"date":1922,"score":1612,"percentile":1923},"2026-02-01",0.20996,[1925,1932],{"source":1622,"cvss_v2_0":9,"cvss_v3_0":1926,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1927,"baseSeverity":1928,"vectorString":1929,"impactScore":1930,"exploitabilityScore":1931},5.5,"MEDIUM","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",6,4.6,{"source":1616,"cvss_v2_0":1933,"cvss_v3_0":1938,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1934,"baseSeverity":9,"vectorString":1935,"impactScore":1936,"exploitabilityScore":1937},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":1614,"baseSeverity":1939,"vectorString":1617,"impactScore":1930,"exploitabilityScore":1937},"HIGH",[1941,1952],{"ecosystem":9,"name":1942,"vendor":1943,"product":1942,"cpe_part":1944,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1945},"ceph","redhat","a",[1946],{"version":1947,"is_range":1948,"range_type":1949,"version_start":9,"version_start_type":9,"version_end":1950,"version_end_type":1951,"fixed_in":9},"lte13.2.4",true,"cpe","13.2.4","including",{"ecosystem":9,"name":1942,"vendor":1953,"product":1942,"cpe_part":1944,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1954},"the ceph project",[1955],{"version":1956,"is_range":1948,"range_type":1622,"version_start":9,"version_start_type":9,"version_end":1957,"version_end_type":1951,"fixed_in":9},"up to v13.2.4","v13.2.4"]