Vulnerabilities used by Ransomhub


This information is provided by Ransomware-Vulnerability-Matrix


This is the list of vulnerabilities that have been observed during intrusions by Ransomhub.

| Vendor | Product | CVE | Source |
|---|---|---|---|
| Apache | ActiveMQ | 🔴 CVE-2023-46604 | cisa.gov |
| Atlassian | Confluence Data Center & Server | 🔴 CVE-2023-22515 | cisa.gov |
| Citrix | NetScaler ADC & Gateway | 🔴 CVE-2023-3519 | cisa.gov |
| Fortinet | FortiOS SSL-VPN & FortiProxy | 🔴 CVE-2023-27997 | cisa.gov |
| Fortinet | FortiClientEMS | 🔴 CVE-2023-48788 | cisa.gov |
| F5 | BIG-IP | 🔴 CVE-2023-46747 | cisa.gov |
| Windows | NetLogon | 🌕 CVE-2020-1472 ("ZeroLogon") | cisa.gov |
| Windows | BITS | 🟠 CVE-2020-0787 | cisa.gov |
| Windows | SMBv1 | 🟠 CVE-2017-0144 ("EternalBlue") | cisa.gov |

CVE Severity Levels

| Severity | Score Range | Description |
|---|---|---|
| ⚪️ Low | 0.1 - 3.9 | Minor impact on the system; typically does not require immediate action. |
| 🌕 Medium | 4.0 - 6.9 | Moderate impact; may require action but is generally not urgent. |
| 🟠 High | 7.0 - 8.9 | Significant impact; needs attention soon to prevent potential exploitation. |
| 🔴 Critical | 9.0 - 10.0 | Severe impact; requires immediate action due to the high risk of exploitation and potential for serious damage. |