[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-0202":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":1086,"aliases":1087,"duplicate_of":9,"upstream":1089,"downstream":1090,"duplicates":1095,"related":1096,"reserved_at":9,"published_at":1099,"modified_at":1100,"state":1101,"summary":1102,"references_raw":1111,"kevs":1135,"epss":1136,"epss_history":1139,"metrics":1398,"affected":1410},"CVE-2019-0202","The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-532","Insertion of Sensitive Information into Log File","The product writes sensitive information to a log file.","weakness","Incomplete","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-215","Fuzzing for application mapping",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":29,"likelihood_of_exploit":30,"capec":31},"CWE-200","Exposure of Sensitive Information to an Unauthorized Actor","The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.","Draft","Class","High",[32,36,220,246,250,254,258,262,266,270,360,364,368,390,394,398,402,406,416,420,424,428,432,436,440,444,448,512,516,542,564,568,572,576,580,584,588,592,596,600,604,608,612,616,620,624,656,660,682,704,750,776,876,880,1005,1042,1052,1062,1082],{"id":33,"name":34,"techniques":35},"CAPEC-116","Excavation",[],{"id":37,"name":38,"techniques":39},"CAPEC-13","Subverting Environment Variable Values",[40,138,180],{"id":41,"name":42,"tactics":43,"countermeasures":50},"T1562.003","Impair Command History Logging",[44,47],{"id":45,"name":46},"TA0030","Defense Evasion",{"id":48,"name":49},"TA0005","Stealth",[51,56,61,65,69,73,78,82,87,92,96,100,105,109,114,118,122,126,130,134],{"id":52,"name":53,"tactic":54},"D3-CI","Configuration Inventory",{"name":55},"Model",{"id":57,"name":58,"tactic":59},"D3-FA","File Analysis",{"name":60},"Detect",{"id":62,"name":63,"tactic":64},"D3-FIM","File Integrity Monitoring",{"name":60},{"id":66,"name":67,"tactic":68},"D3-DA","Dynamic Analysis",{"name":60},{"id":70,"name":71,"tactic":72},"D3-EFA","Emulated File Analysis",{"name":60},{"id":74,"name":75,"tactic":76},"D3-FEV","File Eviction",{"name":77},"Evict",{"id":79,"name":80,"tactic":81},"D3-RKD","Registry Key Deletion",{"name":77},{"id":83,"name":84,"tactic":85},"D3-DF","Decoy File",{"name":86},"Deceive",{"id":88,"name":89,"tactic":90},"D3-DRA","Disable Remote Access",{"name":91},"Harden",{"id":93,"name":94,"tactic":95},"D3-ACH","Application Configuration Hardening",{"name":91},{"id":97,"name":98,"tactic":99},"D3-FE","File Encryption",{"name":91},{"id":101,"name":102,"tactic":103},"D3-RC","Restore Configuration",{"name":104},"Restore",{"id":106,"name":107,"tactic":108},"D3-RF","Restore File",{"name":104},{"id":110,"name":111,"tactic":112},"D3-CQ","Content Quarantine",{"name":113},"Isolate",{"id":115,"name":116,"tactic":117},"D3-CF","Content Filtering",{"name":113},{"id":119,"name":120,"tactic":121},"D3-LFP","Local File Permissions",{"name":113},{"id":123,"name":124,"tactic":125},"D3-RFAM","Remote File Access Mediation",{"name":113},{"id":127,"name":128,"tactic":129},"D3-CM","Content Modification",{"name":113},{"id":131,"name":132,"tactic":133},"D3-EAL","Executable Allowlisting",{"name":113},{"id":135,"name":136,"tactic":137},"D3-EDL","Executable Denylisting",{"name":113},{"id":139,"name":140,"tactics":141,"countermeasures":153},"T1574.006","Dynamic Linker Hijacking",[142,145,148,149,150],{"id":143,"name":144},"TA0110","Persistence",{"id":146,"name":147},"TA0111","Privilege Escalation",{"id":45,"name":46},{"id":48,"name":49},{"id":151,"name":152},"TA0104","Execution",[154,158,160,162,164,166,168,170,172,174,176,178],{"id":155,"name":156,"tactic":157},"D3-SFA","System File Analysis",{"name":60},{"id":57,"name":58,"tactic":159},{"name":60},{"id":62,"name":63,"tactic":161},{"name":60},{"id":74,"name":75,"tactic":163},{"name":77},{"id":83,"name":84,"tactic":165},{"name":86},{"id":97,"name":98,"tactic":167},{"name":91},{"id":106,"name":107,"tactic":169},{"name":104},{"id":115,"name":116,"tactic":171},{"name":113},{"id":119,"name":120,"tactic":173},{"name":113},{"id":123,"name":124,"tactic":175},{"name":113},{"id":110,"name":111,"tactic":177},{"name":113},{"id":127,"name":128,"tactic":179},{"name":113},{"id":181,"name":182,"tactics":183,"countermeasures":189},"T1574.007","Path Interception by PATH Environment Variable",[184,185,186,187,188],{"id":143,"name":144},{"id":146,"name":147},{"id":45,"name":46},{"id":48,"name":49},{"id":151,"name":152},[190,192,194,196,198,200,202,204,206,208,210,212,214,216,218],{"id":57,"name":58,"tactic":191},{"name":60},{"id":62,"name":63,"tactic":193},{"name":60},{"id":66,"name":67,"tactic":195},{"name":60},{"id":70,"name":71,"tactic":197},{"name":60},{"id":74,"name":75,"tactic":199},{"name":77},{"id":83,"name":84,"tactic":201},{"name":86},{"id":97,"name":98,"tactic":203},{"name":91},{"id":106,"name":107,"tactic":205},{"name":104},{"id":115,"name":116,"tactic":207},{"name":113},{"id":119,"name":120,"tactic":209},{"name":113},{"id":123,"name":124,"tactic":211},{"name":113},{"id":110,"name":111,"tactic":213},{"name":113},{"id":127,"name":128,"tactic":215},{"name":113},{"id":131,"name":132,"tactic":217},{"name":113},{"id":135,"name":136,"tactic":219},{"name":113},{"id":221,"name":222,"techniques":223},"CAPEC-169","Footprinting",[224,232,240],{"id":225,"name":226,"tactics":227,"countermeasures":231},"T1217","Browser Information Discovery",[228],{"id":229,"name":230},"TA0102","Discovery",[],{"id":233,"name":234,"tactics":235,"countermeasures":239},"T1592","Gather Victim Host Information",[236],{"id":237,"name":238},"TA0043","Reconnaissance",[],{"id":241,"name":242,"tactics":243,"countermeasures":245},"T1595","Active Scanning",[244],{"id":237,"name":238},[],{"id":247,"name":248,"techniques":249},"CAPEC-22","Exploiting Trust in Client",[],{"id":251,"name":252,"techniques":253},"CAPEC-224","Fingerprinting",[],{"id":255,"name":256,"techniques":257},"CAPEC-285","ICMP Echo Request Ping",[],{"id":259,"name":260,"techniques":261},"CAPEC-287","TCP SYN Scan",[],{"id":263,"name":264,"techniques":265},"CAPEC-290","Enumerate Mail Exchange (MX) Records",[],{"id":267,"name":268,"techniques":269},"CAPEC-291","DNS Zone Transfers",[],{"id":271,"name":272,"techniques":273},"CAPEC-292","Host Discovery",[274],{"id":275,"name":276,"tactics":277,"countermeasures":279},"T1018","Remote System Discovery",[278],{"id":229,"name":230},[280,284,286,288,290,294,298,302,306,310,314,318,322,326,328,330,332,334,338,340,342,344,346,348,352,354,356],{"id":281,"name":282,"tactic":283},"D3-SCA","System Call Analysis",{"name":60},{"id":155,"name":156,"tactic":285},{"name":60},{"id":57,"name":58,"tactic":287},{"name":60},{"id":62,"name":63,"tactic":289},{"name":60},{"id":291,"name":292,"tactic":293},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":60},{"id":295,"name":296,"tactic":297},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":60},{"id":299,"name":300,"tactic":301},"D3-CSPP","Client-server Payload Profiling",{"name":60},{"id":303,"name":304,"tactic":305},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":60},{"id":307,"name":308,"tactic":309},"D3-NTSA","Network Traffic Signature Analysis",{"name":60},{"id":311,"name":312,"tactic":313},"D3-APCA","Application Protocol Command Analysis",{"name":60},{"id":315,"name":316,"tactic":317},"D3-NTCD","Network Traffic Community Deviation",{"name":60},{"id":319,"name":320,"tactic":321},"D3-RTSD","Remote Terminal Session Detection",{"name":60},{"id":323,"name":324,"tactic":325},"D3-PSA","Process Spawn Analysis",{"name":60},{"id":74,"name":75,"tactic":327},{"name":77},{"id":83,"name":84,"tactic":329},{"name":86},{"id":97,"name":98,"tactic":331},{"name":91},{"id":106,"name":107,"tactic":333},{"name":104},{"id":335,"name":336,"tactic":337},"D3-SCF","System Call Filtering",{"name":113},{"id":115,"name":116,"tactic":339},{"name":113},{"id":119,"name":120,"tactic":341},{"name":113},{"id":123,"name":124,"tactic":343},{"name":113},{"id":110,"name":111,"tactic":345},{"name":113},{"id":127,"name":128,"tactic":347},{"name":113},{"id":349,"name":350,"tactic":351},"D3-NTF","Network Traffic Filtering",{"name":113},{"id":131,"name":132,"tactic":353},{"name":113},{"id":135,"name":136,"tactic":355},{"name":113},{"id":357,"name":358,"tactic":359},"D3-HBPI","Hardware-based Process Isolation",{"name":113},{"id":361,"name":362,"techniques":363},"CAPEC-293","Traceroute Route Enumeration",[],{"id":365,"name":366,"techniques":367},"CAPEC-294","ICMP Address Mask Request",[],{"id":369,"name":370,"techniques":371},"CAPEC-295","Timestamp Request",[372],{"id":373,"name":374,"tactics":375,"countermeasures":377},"T1124","System Time Discovery",[376],{"id":229,"name":230},[378,380,382,384,386,388],{"id":281,"name":282,"tactic":379},{"name":60},{"id":323,"name":324,"tactic":381},{"name":60},{"id":335,"name":336,"tactic":383},{"name":113},{"id":131,"name":132,"tactic":385},{"name":113},{"id":135,"name":136,"tactic":387},{"name":113},{"id":357,"name":358,"tactic":389},{"name":113},{"id":391,"name":392,"techniques":393},"CAPEC-296","ICMP Information Request",[],{"id":395,"name":396,"techniques":397},"CAPEC-297","TCP ACK Ping",[],{"id":399,"name":400,"techniques":401},"CAPEC-298","UDP Ping",[],{"id":403,"name":404,"techniques":405},"CAPEC-299","TCP SYN Ping",[],{"id":407,"name":408,"techniques":409},"CAPEC-300","Port Scanning",[410],{"id":411,"name":412,"tactics":413,"countermeasures":415},"T1046","Network Service Discovery",[414],{"id":229,"name":230},[],{"id":417,"name":418,"techniques":419},"CAPEC-301","TCP Connect Scan",[],{"id":421,"name":422,"techniques":423},"CAPEC-302","TCP FIN Scan",[],{"id":425,"name":426,"techniques":427},"CAPEC-303","TCP Xmas Scan",[],{"id":429,"name":430,"techniques":431},"CAPEC-304","TCP Null Scan",[],{"id":433,"name":434,"techniques":435},"CAPEC-305","TCP ACK Scan",[],{"id":437,"name":438,"techniques":439},"CAPEC-306","TCP Window Scan",[],{"id":441,"name":442,"techniques":443},"CAPEC-307","TCP RPC Scan",[],{"id":445,"name":446,"techniques":447},"CAPEC-308","UDP Scan",[],{"id":449,"name":450,"techniques":451},"CAPEC-309","Network Topology Mapping",[452,496,506],{"id":453,"name":454,"tactics":455,"countermeasures":457},"T1016","System Network Configuration Discovery",[456],{"id":229,"name":230},[458,460,462,464,466,468,470,472,474,476,478,480,482,484,486,488,490,492,494],{"id":57,"name":58,"tactic":459},{"name":60},{"id":62,"name":63,"tactic":461},{"name":60},{"id":66,"name":67,"tactic":463},{"name":60},{"id":70,"name":71,"tactic":465},{"name":60},{"id":281,"name":282,"tactic":467},{"name":60},{"id":323,"name":324,"tactic":469},{"name":60},{"id":74,"name":75,"tactic":471},{"name":77},{"id":83,"name":84,"tactic":473},{"name":86},{"id":97,"name":98,"tactic":475},{"name":91},{"id":106,"name":107,"tactic":477},{"name":104},{"id":115,"name":116,"tactic":479},{"name":113},{"id":119,"name":120,"tactic":481},{"name":113},{"id":123,"name":124,"tactic":483},{"name":113},{"id":110,"name":111,"tactic":485},{"name":113},{"id":127,"name":128,"tactic":487},{"name":113},{"id":131,"name":132,"tactic":489},{"name":113},{"id":135,"name":136,"tactic":491},{"name":113},{"id":335,"name":336,"tactic":493},{"name":113},{"id":357,"name":358,"tactic":495},{"name":113},{"id":497,"name":498,"tactics":499,"countermeasures":501},"T1049","System Network Connections Discovery",[500],{"id":229,"name":230},[502,504],{"id":281,"name":282,"tactic":503},{"name":60},{"id":335,"name":336,"tactic":505},{"name":113},{"id":507,"name":508,"tactics":509,"countermeasures":511},"T1590","Gather Victim Network Information",[510],{"id":237,"name":238},[],{"id":513,"name":514,"techniques":515},"CAPEC-310","Scanning for Vulnerable Software",[],{"id":517,"name":518,"techniques":519},"CAPEC-312","Active OS Fingerprinting",[520],{"id":521,"name":522,"tactics":523,"countermeasures":525},"T1082","System Information Discovery",[524],{"id":229,"name":230},[526,528,530,534,536,538,540],{"id":281,"name":282,"tactic":527},{"name":60},{"id":323,"name":324,"tactic":529},{"name":60},{"id":531,"name":532,"tactic":533},"D3-DE","Decoy Environment",{"name":86},{"id":335,"name":336,"tactic":535},{"name":113},{"id":131,"name":132,"tactic":537},{"name":113},{"id":135,"name":136,"tactic":539},{"name":113},{"id":357,"name":358,"tactic":541},{"name":113},{"id":543,"name":544,"techniques":545},"CAPEC-313","Passive OS Fingerprinting",[546],{"id":521,"name":522,"tactics":547,"countermeasures":549},[548],{"id":229,"name":230},[550,552,554,556,558,560,562],{"id":281,"name":282,"tactic":551},{"name":60},{"id":323,"name":324,"tactic":553},{"name":60},{"id":531,"name":532,"tactic":555},{"name":86},{"id":335,"name":336,"tactic":557},{"name":113},{"id":131,"name":132,"tactic":559},{"name":113},{"id":135,"name":136,"tactic":561},{"name":113},{"id":357,"name":358,"tactic":563},{"name":113},{"id":565,"name":566,"techniques":567},"CAPEC-317","IP ID Sequencing Probe",[],{"id":569,"name":570,"techniques":571},"CAPEC-318","IP 'ID' Echoed Byte-Order Probe",[],{"id":573,"name":574,"techniques":575},"CAPEC-319","IP (DF) 'Don't Fragment Bit' Echoing Probe",[],{"id":577,"name":578,"techniques":579},"CAPEC-320","TCP Timestamp Probe",[],{"id":581,"name":582,"techniques":583},"CAPEC-321","TCP Sequence Number Probe",[],{"id":585,"name":586,"techniques":587},"CAPEC-322","TCP (ISN) Greatest Common Divisor Probe",[],{"id":589,"name":590,"techniques":591},"CAPEC-323","TCP (ISN) Counter Rate Probe",[],{"id":593,"name":594,"techniques":595},"CAPEC-324","TCP (ISN) Sequence Predictability Probe",[],{"id":597,"name":598,"techniques":599},"CAPEC-325","TCP Congestion Control Flag (ECN) Probe",[],{"id":601,"name":602,"techniques":603},"CAPEC-326","TCP Initial Window Size Probe",[],{"id":605,"name":606,"techniques":607},"CAPEC-327","TCP Options Probe",[],{"id":609,"name":610,"techniques":611},"CAPEC-328","TCP 'RST' Flag Checksum Probe",[],{"id":613,"name":614,"techniques":615},"CAPEC-329","ICMP Error Message Quoting Probe",[],{"id":617,"name":618,"techniques":619},"CAPEC-330","ICMP Error Message Echoing Integrity Probe",[],{"id":621,"name":622,"techniques":623},"CAPEC-472","Browser Fingerprinting",[],{"id":625,"name":626,"techniques":627},"CAPEC-497","File Discovery",[628],{"id":629,"name":630,"tactics":631,"countermeasures":633},"T1083","File and Directory Discovery",[632],{"id":229,"name":230},[634,636,638,640,642,644,646,648,650,652,654],{"id":57,"name":58,"tactic":635},{"name":60},{"id":62,"name":63,"tactic":637},{"name":60},{"id":74,"name":75,"tactic":639},{"name":77},{"id":83,"name":84,"tactic":641},{"name":86},{"id":97,"name":98,"tactic":643},{"name":91},{"id":106,"name":107,"tactic":645},{"name":104},{"id":119,"name":120,"tactic":647},{"name":113},{"id":115,"name":116,"tactic":649},{"name":113},{"id":123,"name":124,"tactic":651},{"name":113},{"id":110,"name":111,"tactic":653},{"name":113},{"id":127,"name":128,"tactic":655},{"name":113},{"id":657,"name":658,"techniques":659},"CAPEC-508","Shoulder Surfing",[],{"id":661,"name":662,"techniques":663},"CAPEC-573","Process Footprinting",[664],{"id":665,"name":666,"tactics":667,"countermeasures":669},"T1057","Process Discovery",[668],{"id":229,"name":230},[670,672,674,676,678,680],{"id":281,"name":282,"tactic":671},{"name":60},{"id":323,"name":324,"tactic":673},{"name":60},{"id":335,"name":336,"tactic":675},{"name":113},{"id":131,"name":132,"tactic":677},{"name":113},{"id":135,"name":136,"tactic":679},{"name":113},{"id":357,"name":358,"tactic":681},{"name":113},{"id":683,"name":684,"techniques":685},"CAPEC-574","Services Footprinting",[686],{"id":687,"name":688,"tactics":689,"countermeasures":691},"T1007","System Service Discovery",[690],{"id":229,"name":230},[692,694,696,698,700,702],{"id":281,"name":282,"tactic":693},{"name":60},{"id":323,"name":324,"tactic":695},{"name":60},{"id":335,"name":336,"tactic":697},{"name":113},{"id":131,"name":132,"tactic":699},{"name":113},{"id":135,"name":136,"tactic":701},{"name":113},{"id":357,"name":358,"tactic":703},{"name":113},{"id":705,"name":706,"techniques":707},"CAPEC-575","Account Footprinting",[708],{"id":709,"name":710,"tactics":711,"countermeasures":713},"T1087","Account Discovery",[712],{"id":229,"name":230},[714,718,722,726,730,734,738,742,746],{"id":715,"name":716,"tactic":717},"D3-AM","Access Modeling",{"name":55},{"id":719,"name":720,"tactic":721},"D3-LAM","Local Account Monitoring",{"name":60},{"id":723,"name":724,"tactic":725},"D3-DAM","Domain Account Monitoring",{"name":60},{"id":727,"name":728,"tactic":729},"D3-AL","Account Locking",{"name":77},{"id":731,"name":732,"tactic":733},"D3-AA","Agent Authentication",{"name":91},{"id":735,"name":736,"tactic":737},"D3-CDP","Change Default Password",{"name":91},{"id":739,"name":740,"tactic":741},"D3-ULA","Unlock Account",{"name":104},{"id":743,"name":744,"tactic":745},"D3-RUAA","Restore User Account Access",{"name":104},{"id":747,"name":748,"tactic":749},"D3-UAP","User Account Permissions",{"name":113},{"id":751,"name":752,"techniques":753},"CAPEC-576","Group Permission Footprinting",[754,760],{"id":755,"name":756,"tactics":757,"countermeasures":759},"T1069","Permission Groups Discovery",[758],{"id":229,"name":230},[],{"id":761,"name":762,"tactics":763,"countermeasures":765},"T1615","Group Policy Discovery",[764],{"id":229,"name":230},[766,768,772,774],{"id":52,"name":53,"tactic":767},{"name":55},{"id":769,"name":770,"tactic":771},"D3-NTPM","Network Traffic Policy Mapping",{"name":55},{"id":715,"name":716,"tactic":773},{"name":55},{"id":101,"name":102,"tactic":775},{"name":104},{"id":777,"name":778,"techniques":779},"CAPEC-577","Owner Footprinting",[780],{"id":781,"name":782,"tactics":783,"countermeasures":785},"T1033","System Owner/User Discovery",[784],{"id":229,"name":230},[786,790,792,794,796,800,804,806,808,812,816,820,824,826,828,832,836,838,842,844,846,848,850,852,854,858,860,864,868,872,874],{"id":787,"name":788,"tactic":789},"D3-DI","Data Inventory",{"name":55},{"id":57,"name":58,"tactic":791},{"name":60},{"id":62,"name":63,"tactic":793},{"name":60},{"id":281,"name":282,"tactic":795},{"name":60},{"id":797,"name":798,"tactic":799},"D3-PLA","Process Lineage Analysis",{"name":60},{"id":801,"name":802,"tactic":803},"D3-PSMD","Process Self-Modification Detection",{"name":60},{"id":323,"name":324,"tactic":805},{"name":60},{"id":74,"name":75,"tactic":807},{"name":77},{"id":809,"name":810,"tactic":811},"D3-PT","Process Termination",{"name":77},{"id":813,"name":814,"tactic":815},"D3-PS","Process Suspension",{"name":77},{"id":817,"name":818,"tactic":819},"D3-HR","Host Reboot",{"name":77},{"id":821,"name":822,"tactic":823},"D3-HS","Host Shutdown",{"name":77},{"id":83,"name":84,"tactic":825},{"name":86},{"id":97,"name":98,"tactic":827},{"name":91},{"id":829,"name":830,"tactic":831},"D3-PSEP","Process Segment Execution Prevention",{"name":91},{"id":833,"name":834,"tactic":835},"D3-SAOR","Segment Address Offset Randomization",{"name":91},{"id":106,"name":107,"tactic":837},{"name":104},{"id":839,"name":840,"tactic":841},"D3-RD","Restore Database",{"name":104},{"id":115,"name":116,"tactic":843},{"name":113},{"id":119,"name":120,"tactic":845},{"name":113},{"id":123,"name":124,"tactic":847},{"name":113},{"id":110,"name":111,"tactic":849},{"name":113},{"id":127,"name":128,"tactic":851},{"name":113},{"id":335,"name":336,"tactic":853},{"name":113},{"id":855,"name":856,"tactic":857},"D3-KBPI","Kernel-based Process Isolation",{"name":113},{"id":357,"name":358,"tactic":859},{"name":113},{"id":861,"name":862,"tactic":863},"D3-ABPI","Application-based Process Isolation",{"name":113},{"id":865,"name":866,"tactic":867},"D3-WSAM","Web Session Access Mediation",{"name":113},{"id":869,"name":870,"tactic":871},"D3-DTP","Domain Trust Policy",{"name":113},{"id":131,"name":132,"tactic":873},{"name":113},{"id":135,"name":136,"tactic":875},{"name":113},{"id":877,"name":878,"techniques":879},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":881,"name":882,"techniques":883},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[884,936],{"id":885,"name":886,"tactics":887,"countermeasures":891},"T1134.001","Token Impersonation/Theft",[888,889,890],{"id":45,"name":46},{"id":48,"name":49},{"id":146,"name":147},[892,896,900,904,908,912,916,920,924,928,932],{"id":893,"name":894,"tactic":895},"D3-CCSA","Credential Compromise Scope Analysis",{"name":60},{"id":897,"name":898,"tactic":899},"D3-CR","Credential Revocation",{"name":77},{"id":901,"name":902,"tactic":903},"D3-ANCI","Authentication Cache Invalidation",{"name":77},{"id":905,"name":906,"tactic":907},"D3-DUC","Decoy User Credential",{"name":86},{"id":909,"name":910,"tactic":911},"D3-CH","Credential Hardening",{"name":91},{"id":913,"name":914,"tactic":915},"D3-MFA","Multi-factor Authentication",{"name":91},{"id":917,"name":918,"tactic":919},"D3-CRO","Credential Rotation",{"name":91},{"id":921,"name":922,"tactic":923},"D3-TB","Token Binding",{"name":91},{"id":925,"name":926,"tactic":927},"D3-TBA","Token-based Authentication",{"name":91},{"id":929,"name":930,"tactic":931},"D3-RIC","Reissue Credential",{"name":104},{"id":933,"name":934,"tactic":935},"D3-CTS","Credential Transmission Scoping",{"name":113},{"id":937,"name":938,"tactics":939,"countermeasures":944},"T1550.004","Web Session Cookie",[940,941],{"id":45,"name":46},{"id":942,"name":943},"TA0109","Lateral Movement",[945,947,949,951,953,955,957,959,961,963,965,967,969,971,973,975,977,979,981,983,985,987,989,991,993,995,997,999,1001,1003],{"id":291,"name":292,"tactic":946},{"name":60},{"id":295,"name":296,"tactic":948},{"name":60},{"id":299,"name":300,"tactic":950},{"name":60},{"id":303,"name":304,"tactic":952},{"name":60},{"id":307,"name":308,"tactic":954},{"name":60},{"id":311,"name":312,"tactic":956},{"name":60},{"id":315,"name":316,"tactic":958},{"name":60},{"id":319,"name":320,"tactic":960},{"name":60},{"id":797,"name":798,"tactic":962},{"name":60},{"id":801,"name":802,"tactic":964},{"name":60},{"id":323,"name":324,"tactic":966},{"name":60},{"id":893,"name":894,"tactic":968},{"name":60},{"id":809,"name":810,"tactic":970},{"name":77},{"id":813,"name":814,"tactic":972},{"name":77},{"id":817,"name":818,"tactic":974},{"name":77},{"id":821,"name":822,"tactic":976},{"name":77},{"id":897,"name":898,"tactic":978},{"name":77},{"id":901,"name":902,"tactic":980},{"name":77},{"id":905,"name":906,"tactic":982},{"name":86},{"id":909,"name":910,"tactic":984},{"name":91},{"id":913,"name":914,"tactic":986},{"name":91},{"id":917,"name":918,"tactic":988},{"name":91},{"id":929,"name":930,"tactic":990},{"name":104},{"id":349,"name":350,"tactic":992},{"name":113},{"id":855,"name":856,"tactic":994},{"name":113},{"id":335,"name":336,"tactic":996},{"name":113},{"id":357,"name":358,"tactic":998},{"name":113},{"id":861,"name":862,"tactic":1000},{"name":113},{"id":865,"name":866,"tactic":1002},{"name":113},{"id":933,"name":934,"tactic":1004},{"name":113},{"id":1006,"name":1007,"techniques":1008},"CAPEC-616","Establish Rogue Location",[1009],{"id":1010,"name":1011,"tactics":1012,"countermeasures":1015},"T1036.005","Match Legitimate Resource Name or Location",[1013,1014],{"id":45,"name":46},{"id":48,"name":49},[1016,1018,1020,1022,1024,1026,1028,1030,1032,1034,1036,1038,1040],{"id":281,"name":282,"tactic":1017},{"name":60},{"id":57,"name":58,"tactic":1019},{"name":60},{"id":62,"name":63,"tactic":1021},{"name":60},{"id":74,"name":75,"tactic":1023},{"name":77},{"id":83,"name":84,"tactic":1025},{"name":86},{"id":97,"name":98,"tactic":1027},{"name":91},{"id":106,"name":107,"tactic":1029},{"name":104},{"id":335,"name":336,"tactic":1031},{"name":113},{"id":115,"name":116,"tactic":1033},{"name":113},{"id":119,"name":120,"tactic":1035},{"name":113},{"id":123,"name":124,"tactic":1037},{"name":113},{"id":110,"name":111,"tactic":1039},{"name":113},{"id":127,"name":128,"tactic":1041},{"name":113},{"id":1043,"name":1044,"techniques":1045},"CAPEC-643","Identify Shared Files/Directories on System",[1046],{"id":1047,"name":1048,"tactics":1049,"countermeasures":1051},"T1135","Network Share Discovery",[1050],{"id":229,"name":230},[],{"id":1053,"name":1054,"techniques":1055},"CAPEC-646","Peripheral Footprinting",[1056],{"id":1057,"name":1058,"tactics":1059,"countermeasures":1061},"T1120","Peripheral Device Discovery",[1060],{"id":229,"name":230},[],{"id":1063,"name":1064,"techniques":1065},"CAPEC-651","Eavesdropping",[1066],{"id":1067,"name":1068,"tactics":1069,"countermeasures":1073},"T1111","Multi-Factor Authentication Interception",[1070],{"id":1071,"name":1072},"TA0031","Credential Access",[1074,1078],{"id":1075,"name":1076,"tactic":1077},"D3-HCI","Hardware Component Inventory",{"name":55},{"id":1079,"name":1080,"tactic":1081},"D3-RH","Radiation Hardening",{"name":91},{"id":1083,"name":1084,"techniques":1085},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[1088],"GHSA-r9pv-hg64-jqrp",[],[1091,1093],{"_key":1092},"SUSE-SU-2020:2876-1",{"_key":1094},"SUSE-SU-2020:3309-1",[],[1097,1098],{"_key":1092},{"_key":1094},"2019-07-25T23:17:23.000Z","2024-08-04T17:44:14.845Z","Modified",{"cisa_kev":1103,"cisa_ransomware":1103,"cisa_vendor":9,"epss_severity":1104,"epss_score":1105,"severity":1106,"severity_score":1107,"severity_version":1108,"severity_source":1109,"severity_vector":1110,"severity_status":1101},false,"low",0.00641,"high",7.5,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[1112,1119,1125,1130],{"url":1113,"sources":1114,"tags":1116},"https://lists.apache.org/thread.html/220f1a77ff20749326a4c130446c5521db854da0afe81d1974b8109f%40%3Cuser.storm.apache.org%3E",[1115,1109],"cve.org",[1117,1118],"Mailing List","X Refsource MLIST",{"url":1120,"sources":1121,"tags":1123},"https://nvd.nist.gov/vuln/detail/CVE-2019-0202",[1122],"osv_maven",[1124],"Advisory",{"url":1126,"sources":1127,"tags":1128},"https://github.com/apache/storm",[1122],[1129],"PACKAGE",{"url":1131,"sources":1132,"tags":1133},"https://lists.apache.org/thread.html/220f1a77ff20749326a4c130446c5521db854da0afe81d1974b8109f@%3Cuser.storm.apache.org%3E",[1122],[1134],"WEB",[],{"date":1137,"score":1105,"percentile":1138},"2026-06-04",0.70985,[1140,1143,1146,1149,1152,1155,1158,1161,1163,1166,1169,1172,1175,1178,1181,1184,1187,1190,1193,1196,1199,1202,1205,1208,1211,1214,1217,1220,1223,1226,1229,1232,1235,1238,1240,1242,1245,1248,1251,1254,1257,1260,1263,1266,1269,1272,1275,1278,1281,1283,1285,1288,1291,1293,1296,1299,1301,1304,1307,1310,1313,1315,1318,1321,1324,1327,1330,1333,1336,1338,1341,1344,1347,1350,1353,1356,1359,1362,1364,1366,1369,1372,1375,1378,1381,1384,1387,1390,1393,1395],{"date":1141,"score":1105,"percentile":1142},"2025-11-04",0.69776,{"date":1144,"score":1105,"percentile":1145},"2025-11-05",0.69762,{"date":1147,"score":1105,"percentile":1148},"2025-11-06",0.6976,{"date":1150,"score":1105,"percentile":1151},"2025-11-07",0.69772,{"date":1153,"score":1105,"percentile":1154},"2025-11-08",0.69773,{"date":1156,"score":1105,"percentile":1157},"2025-11-09",0.69763,{"date":1159,"score":1105,"percentile":1160},"2025-11-10",0.69753,{"date":1162,"score":1105,"percentile":1157},"2025-11-11",{"date":1164,"score":1105,"percentile":1165},"2025-11-12",0.69786,{"date":1167,"score":1105,"percentile":1168},"2025-11-13",0.69792,{"date":1170,"score":1105,"percentile":1171},"2025-11-14",0.698,{"date":1173,"score":1105,"percentile":1174},"2025-11-15",0.69797,{"date":1176,"score":1105,"percentile":1177},"2025-11-16",0.69794,{"date":1179,"score":1105,"percentile":1180},"2025-11-17",0.6979,{"date":1182,"score":1105,"percentile":1183},"2025-11-18",0.68211,{"date":1185,"score":1105,"percentile":1186},"2025-11-19",0.68219,{"date":1188,"score":1105,"percentile":1189},"2025-11-20",0.68214,{"date":1191,"score":1105,"percentile":1192},"2025-11-21",0.69808,{"date":1194,"score":1105,"percentile":1195},"2025-11-22",0.69803,{"date":1197,"score":1105,"percentile":1198},"2025-11-23",0.69788,{"date":1200,"score":1105,"percentile":1201},"2025-11-24",0.6978,{"date":1203,"score":1105,"percentile":1204},"2025-11-25",0.69781,{"date":1206,"score":1105,"percentile":1207},"2025-11-26",0.69787,{"date":1209,"score":1105,"percentile":1210},"2025-11-27",0.69789,{"date":1212,"score":1105,"percentile":1213},"2025-11-28",0.69778,{"date":1215,"score":1105,"percentile":1216},"2025-11-29",0.69765,{"date":1218,"score":1105,"percentile":1219},"2025-11-30",0.69759,{"date":1221,"score":1105,"percentile":1222},"2025-12-01",0.69905,{"date":1224,"score":1105,"percentile":1225},"2025-12-02",0.69913,{"date":1227,"score":1105,"percentile":1228},"2025-12-03",0.6991,{"date":1230,"score":1105,"percentile":1231},"2025-12-04",0.69754,{"date":1233,"score":1105,"percentile":1234},"2025-12-05",0.69768,{"date":1236,"score":1105,"percentile":1237},"2025-12-06",0.69774,{"date":1239,"score":1105,"percentile":1151},"2025-12-07",{"date":1241,"score":1105,"percentile":1142},"2025-12-08",{"date":1243,"score":1105,"percentile":1244},"2025-12-09",0.69809,{"date":1246,"score":1105,"percentile":1247},"2025-12-10",0.69851,{"date":1249,"score":1105,"percentile":1250},"2025-12-11",0.69873,{"date":1252,"score":1105,"percentile":1253},"2025-12-12",0.69898,{"date":1255,"score":1105,"percentile":1256},"2025-12-13",0.69901,{"date":1258,"score":1105,"percentile":1259},"2025-12-14",0.69903,{"date":1261,"score":1105,"percentile":1262},"2025-12-15",0.69899,{"date":1264,"score":1105,"percentile":1265},"2025-12-16",0.69906,{"date":1267,"score":1105,"percentile":1268},"2025-12-17",0.69921,{"date":1270,"score":1105,"percentile":1271},"2025-12-18",0.6995,{"date":1273,"score":1105,"percentile":1274},"2025-12-19",0.69968,{"date":1276,"score":1105,"percentile":1277},"2025-12-20",0.69964,{"date":1279,"score":1105,"percentile":1280},"2025-12-21",0.69954,{"date":1282,"score":1105,"percentile":1271},"2025-12-22",{"date":1284,"score":1105,"percentile":1271},"2025-12-23",{"date":1286,"score":1105,"percentile":1287},"2025-12-24",0.69958,{"date":1289,"score":1105,"percentile":1290},"2025-12-25",0.69983,{"date":1292,"score":1105,"percentile":1290},"2025-12-26",{"date":1294,"score":1105,"percentile":1295},"2025-12-27",0.70022,{"date":1297,"score":1105,"percentile":1298},"2025-12-28",0.69957,{"date":1300,"score":1105,"percentile":1280},"2025-12-29",{"date":1302,"score":1105,"percentile":1303},"2025-12-30",0.69966,{"date":1305,"score":1105,"percentile":1306},"2025-12-31",0.69985,{"date":1308,"score":1105,"percentile":1309},"2026-01-01",0.70143,{"date":1311,"score":1105,"percentile":1312},"2026-01-02",0.70136,{"date":1314,"score":1105,"percentile":1312},"2026-01-03",{"date":1316,"score":1105,"percentile":1317},"2026-01-04",0.69984,{"date":1319,"score":1105,"percentile":1320},"2026-01-05",0.69976,{"date":1322,"score":1105,"percentile":1323},"2026-01-06",0.69982,{"date":1325,"score":1105,"percentile":1326},"2026-01-07",0.69997,{"date":1328,"score":1105,"percentile":1329},"2026-01-08",0.70012,{"date":1331,"score":1105,"percentile":1332},"2026-01-09",0.70017,{"date":1334,"score":1105,"percentile":1335},"2026-01-10",0.70018,{"date":1337,"score":1105,"percentile":1329},"2026-01-11",{"date":1339,"score":1105,"percentile":1340},"2026-01-12",0.70007,{"date":1342,"score":1105,"percentile":1343},"2026-01-13",0.70004,{"date":1345,"score":1105,"percentile":1346},"2026-01-14",0.70034,{"date":1348,"score":1105,"percentile":1349},"2026-01-15",0.7004,{"date":1351,"score":1105,"percentile":1352},"2026-01-16",0.70058,{"date":1354,"score":1105,"percentile":1355},"2026-01-17",0.70051,{"date":1357,"score":1105,"percentile":1358},"2026-01-18",0.70031,{"date":1360,"score":1105,"percentile":1361},"2026-01-19",0.70023,{"date":1363,"score":1105,"percentile":1358},"2026-01-20",{"date":1365,"score":1105,"percentile":1346},"2026-01-21",{"date":1367,"score":1105,"percentile":1368},"2026-01-22",0.70047,{"date":1370,"score":1105,"percentile":1371},"2026-01-23",0.70079,{"date":1373,"score":1105,"percentile":1374},"2026-01-24",0.70084,{"date":1376,"score":1105,"percentile":1377},"2026-01-25",0.70055,{"date":1379,"score":1105,"percentile":1380},"2026-01-26",0.7005,{"date":1382,"score":1105,"percentile":1383},"2026-01-27",0.70054,{"date":1385,"score":1105,"percentile":1386},"2026-01-28",0.70067,{"date":1388,"score":1105,"percentile":1389},"2026-01-29",0.70065,{"date":1391,"score":1105,"percentile":1392},"2026-01-30",0.70074,{"date":1394,"score":1105,"percentile":1371},"2026-01-31",{"date":1396,"score":1105,"percentile":1397},"2026-02-01",0.70212,[1399,1408],{"source":1109,"cvss_v2_0":1400,"cvss_v3_0":1405,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1401,"baseSeverity":9,"vectorString":1402,"impactScore":1403,"exploitabilityScore":1404},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":1107,"baseSeverity":1406,"vectorString":1110,"impactScore":1407,"exploitabilityScore":1404},"HIGH",6,{"source":1122,"cvss_v2_0":9,"cvss_v3_0":1409,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1107,"baseSeverity":9,"vectorString":1110,"impactScore":1407,"exploitabilityScore":1404},[1411,1429],{"ecosystem":9,"name":1412,"vendor":1413,"product":1412,"cpe_part":1414,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1415},"storm","apache","a",[1416,1423,1425,1427],{"version":1417,"is_range":1418,"range_type":1419,"version_start":1420,"version_start_type":1421,"version_end":1422,"version_end_type":1421,"fixed_in":9},"gte0.9.3_lte1.2.2",true,"cpe","0.9.3","including","1.2.2",{"version":1424,"is_range":1103,"range_type":1419,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"0.9.1:incubating",{"version":1426,"is_range":1103,"range_type":1419,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"0.9.2:incubating",{"version":1428,"is_range":1103,"range_type":1115,"version_start":1428,"version_start_type":1421,"version_end":1428,"version_end_type":1421,"fixed_in":9},"0.9.1-incubating to 1.2.2",{"ecosystem":1430,"name":1431,"vendor":1432,"product":1433,"cpe_part":9,"purl_type":1434,"purl_namespace":1432,"purl_name":1433,"source":9,"versions":1435},"Maven","org.apache.storm:storm-core","org.apache.storm","storm-core","maven",[1436],{"version":1437,"is_range":1418,"range_type":1438,"version_start":1439,"version_start_type":1421,"version_end":1440,"version_end_type":1441,"fixed_in":9},"gte0_9_1_incubating_lt1_2_3","ecosystem","0.9.1-incubating","1.2.3","excluding"]