Basware Banking/Maksuliikenne
概要
Basware Banking/Maksuliikenne, a cash/bank account management software package for enterprises from software vendor Basware, has multiple critical vulnerabilities, which are described in this report. These vulnerabilities were first observed and reported to Basware by security researcher and author of this report, Samuel Lavitt, in August 2012. These vulnerabilities, and exploits to unlawfully gain economically from them in an undetectable manner, were demonstrated by the author to Basware and CERT-FI (part of the National Cyber Security Centre Finland) on 7 July 2014. The Finnish Financial Supervisory Authority was also informed in July 2014. At least one vulnerability has been partially fixed since.
Created: 2026-02-23
Indicators
Indicatorsは見つかっていない。
類似Pulses
このPulseに関連する脅威アクター (事実ベース)
Score: 9.16
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 9.16
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1190 - Exploit Public-Facing Application
- T1587.004 - Exploits
MITREへのリンク →
Score: 10.58
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1218.010 - Regsvr32
MITREへのリンク →
Score: 3.84
Matched TTPs:
- T1195 - Supply Chain Compromise
MITREへのリンク →
Score: 9.45
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1190 - Exploit Public-Facing Application
- T1588.005 - Exploits
MITREへのリンク →
Score: 4.91
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1030 - Data Transfer Size Limits
MITREへのリンク →
Score: 6.01
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1674 - Input Injection
MITREへのリンク →
Score: 12.48
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1589.001 - Credentials
- T1030 - Data Transfer Size Limits
- T1211 - Exploitation for Defense Evasion
MITREへのリンク →
Score: 10.87
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1218.010 - Regsvr32
- T1588.005 - Exploits
MITREへのリンク →
Score: 8.53
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 8.53
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1589.001 - Credentials
- T1036.010 - Masquerade Account Name
MITREへのリンク →
Score: 3.99
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
MITREへのリンク →
Score: 3.99
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
MITREへのリンク →
Score: 4.22
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1218.010 - Regsvr32
MITREへのリンク →
Score: 11.50
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1218.010 - Regsvr32
- T1587.004 - Exploits
- T1589.001 - Credentials
MITREへのリンク →
Score: 3.99
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
MITREへのリンク →
Score: 9.85
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1212 - Exploitation for Credential Access
- T1587.004 - Exploits
MITREへのリンク →
Score: 5.09
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1036.010 - Masquerade Account Name
MITREへのリンク →
Score: 4.91
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1030 - Data Transfer Size Limits
MITREへのリンク →
Score: 7.43
Matched TTPs:
- T1190 - Exploit Public-Facing Application
- T1657 - Financial Theft
- T1030 - Data Transfer Size Limits
MITREへのリンク →
Score: 7.06
Matched TTPs:
- T1657 - Financial Theft
- T1538 - Cloud Service Dashboard
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1030 - Data Transfer Size Limits
MITREへのリンク →
Score: 3.62
Matched TTPs:
- T1036.010 - Masquerade Account Name
MITREへのリンク →
Score: 3.62
Matched TTPs:
- T1036.010 - Masquerade Account Name
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1564.005 - Hidden File System
MITREへのリンク →
Score: 4.54
Matched TTPs:
- T1608.006 - SEO Poisoning
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1211 - Exploitation for Defense Evasion
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.79
Matched TTPs:
- T1211 - Exploitation for Defense Evasion
- T1589.001 - Credentials
- T1190 - Exploit Public-Facing Application
- T1030 - Data Transfer Size Limits
MITREへのリンク →
Score: 0.73
Matched TTPs:
- T1587.004 - Exploits
- T1589.001 - Credentials
- T1218.010 - Regsvr32
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.72
Matched TTPs:
- T1657 - Financial Theft
- T1218.010 - Regsvr32
- T1588.006 - Vulnerabilities
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.68
Matched TTPs:
- T1657 - Financial Theft
- T1218.010 - Regsvr32
- T1588.005 - Exploits
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.67
Matched TTPs:
- T1587.004 - Exploits
- T1212 - Exploitation for Credential Access
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.61
Matched TTPs:
- T1657 - Financial Theft
- T1556 - Modify Authentication Process
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.61
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1588.006 - Vulnerabilities
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.61
Matched TTPs:
- T1195 - Supply Chain Compromise
- T1588.005 - Exploits
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.60
Matched TTPs:
- T1587.004 - Exploits
- T1588.006 - Vulnerabilities
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Score: 0.57
Matched TTPs:
- T1589.001 - Credentials
- T1036.010 - Masquerade Account Name
- T1190 - Exploit Public-Facing Application
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design