diff --git a/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json b/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json index e3ad13f8..67302871 100644 --- a/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json +++ b/mappings/cve/attack-9.0/cve-10.21.2021/enterprise/cve-10.21.2021_attack-9.0-enterprise.json @@ -41,7 +41,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "primary_impact", "capability_group": "2019", @@ -52,7 +52,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -63,7 +63,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -74,7 +74,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "primary_impact", "capability_group": "2019", @@ -85,7 +85,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -96,7 +96,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -107,7 +107,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "primary_impact", "capability_group": "2019", @@ -118,7 +118,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "primary_impact", "capability_group": "2019", @@ -129,7 +129,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -140,7 +140,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-15956", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -151,7 +151,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Prime Infrastructure", "capability_id": "CVE-2019-15958", "mapping_type": "primary_impact", "capability_group": "2019", @@ -162,7 +162,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Prime Infrastructure", "capability_id": "CVE-2019-15958", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -173,7 +173,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software 3.2.11aSG", "capability_id": "CVE-2019-12660", "mapping_type": "primary_impact", "capability_group": "2019", @@ -184,7 +184,7 @@ "attack_object_id": "T1562", "attack_object_name": "Impair Defenses", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software 3.2.11aSG", "capability_id": "CVE-2019-12660", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -195,7 +195,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software 3.2.11aSG", "capability_id": "CVE-2019-12660", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -206,7 +206,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2019-1753", "mapping_type": "primary_impact", "capability_group": "2019", @@ -217,7 +217,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2019-1753", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -228,7 +228,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2019-1753", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -239,7 +239,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2019-1753", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -250,7 +250,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Intelligence Center", "capability_id": "CVE-2019-1860", "mapping_type": "primary_impact", "capability_group": "2019", @@ -261,7 +261,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Intelligence Center", "capability_id": "CVE-2019-1860", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -272,7 +272,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2019-1831", "mapping_type": "primary_impact", "capability_group": "2019", @@ -283,7 +283,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2019-1831", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -294,7 +294,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "primary_impact", "capability_group": "2019", @@ -305,7 +305,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -316,7 +316,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -327,7 +327,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -338,7 +338,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1942", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -349,7 +349,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "primary_impact", "capability_group": "2019", @@ -360,7 +360,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -371,7 +371,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -382,7 +382,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -393,7 +393,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-15972", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -404,7 +404,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(15)B", "capability_id": "CVE-2019-16009", "mapping_type": "primary_impact", "capability_group": "2019", @@ -415,7 +415,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(15)B", "capability_id": "CVE-2019-16009", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -426,7 +426,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "primary_impact", "capability_group": "2019", @@ -437,7 +437,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -448,7 +448,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System (Management Software)", "capability_id": "CVE-2019-1879", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -459,7 +459,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "primary_impact", "capability_group": "2019", @@ -470,7 +470,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -481,7 +481,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -492,7 +492,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Computing System E-Series Software (UCSE)", "capability_id": "CVE-2019-1863", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -503,7 +503,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "primary_impact", "capability_group": "2020", @@ -514,7 +514,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -525,7 +525,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3403", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -536,7 +536,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "primary_impact", "capability_group": "2019", @@ -547,7 +547,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -558,7 +558,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1941", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -569,7 +569,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "primary_impact", "capability_group": "2020", @@ -580,7 +580,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -591,7 +591,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -602,7 +602,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2020-3292", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -613,7 +613,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15397", "mapping_type": "primary_impact", "capability_group": "2018", @@ -624,7 +624,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15397", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -635,7 +635,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3253", "mapping_type": "primary_impact", "capability_group": "2020", @@ -646,7 +646,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3253", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -657,7 +657,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "primary_impact", "capability_group": "2019", @@ -668,7 +668,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -679,7 +679,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1838", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -690,7 +690,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "primary_impact", "capability_group": "2020", @@ -701,7 +701,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -712,7 +712,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3233", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -723,7 +723,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment", "capability_id": "CVE-2018-15401", "mapping_type": "primary_impact", "capability_group": "2018", @@ -734,7 +734,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Hosted Collaboration Mediation Fulfillment", "capability_id": "CVE-2018-15401", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -745,7 +745,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "primary_impact", "capability_group": "2019", @@ -756,7 +756,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -767,7 +767,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15249", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -778,7 +778,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "primary_impact", "capability_group": "2019", @@ -789,7 +789,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -800,7 +800,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Management Center", "capability_id": "CVE-2019-15280", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -811,7 +811,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "primary_impact", "capability_group": "2019", @@ -822,7 +822,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -833,7 +833,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15288", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -844,7 +844,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1781", "mapping_type": "primary_impact", "capability_group": "2019", @@ -855,7 +855,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1781", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -866,7 +866,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1781", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -877,7 +877,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3460", "mapping_type": "primary_impact", "capability_group": "2020", @@ -888,7 +888,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3460", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -899,7 +899,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "primary_impact", "capability_group": "2020", @@ -910,7 +910,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -921,7 +921,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3137", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -932,7 +932,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3312", "mapping_type": "primary_impact", "capability_group": "2020", @@ -943,7 +943,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3312", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -954,7 +954,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1768", "mapping_type": "primary_impact", "capability_group": "2019", @@ -965,7 +965,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1768", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -976,7 +976,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1768", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -987,7 +987,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN Solution", "capability_id": "CVE-2020-3379", "mapping_type": "primary_impact", "capability_group": "2020", @@ -998,7 +998,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN Solution", "capability_id": "CVE-2020-3379", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1009,7 +1009,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business RV Series Router Firmware", "capability_id": "CVE-2019-1724", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1020,7 +1020,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1817", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1031,7 +1031,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1817", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1042,7 +1042,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3477", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1053,7 +1053,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3477", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1064,7 +1064,7 @@ "attack_object_id": "T1574.008", "attack_object_name": "Path Interception by Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "Cisco Directory Connector", "capability_id": "CVE-2019-1794", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1075,7 +1075,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Directory Connector", "capability_id": "CVE-2019-1794", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1086,7 +1086,7 @@ "attack_object_id": "T1105", "attack_object_name": "Ingress Tool Transfer", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-1620", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1097,7 +1097,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-1620", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1108,7 +1108,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE SD-WAN Software", "capability_id": "CVE-2020-3216", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1119,7 +1119,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE SD-WAN Software", "capability_id": "CVE-2020-3216", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -1130,7 +1130,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2020-3306", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1141,7 +1141,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2020-3306", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1152,7 +1152,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "", + "capability_description": "Cisco Web Security Appliance (WSA)", "capability_id": "CVE-2019-1886", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1163,7 +1163,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-1711", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1174,7 +1174,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3375", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1185,7 +1185,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3375", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1196,7 +1196,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1857", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1207,7 +1207,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1857", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1218,7 +1218,7 @@ "attack_object_id": "T1499.002", "attack_object_name": "Service Exhaustion Flood", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1703", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1229,7 +1229,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Unity Connection", "capability_id": "CVE-2019-15963", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1240,7 +1240,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Unity Connection", "capability_id": "CVE-2019-15963", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1251,7 +1251,7 @@ "attack_object_id": "T1105", "attack_object_name": "Ingress Tool Transfer", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1262,7 +1262,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1273,7 +1273,7 @@ "attack_object_id": "T1531", "attack_object_name": "Account Access Removal", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Teams", "capability_id": "CVE-2019-1689", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1284,7 +1284,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3476", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1295,7 +1295,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3476", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1306,7 +1306,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Cisco Policy Suite (CPS) Software", "capability_id": "CVE-2018-15466", "mapping_type": "primary_impact", "capability_group": "2018", @@ -1317,7 +1317,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Policy Suite (CPS) Software", "capability_id": "CVE-2018-15466", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -1328,7 +1328,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-15287", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1339,7 +1339,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-15287", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1350,7 +1350,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-15998", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1361,7 +1361,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2019-15998", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1372,7 +1372,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1889", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1383,7 +1383,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Application Policy Infrastructure Controller (APIC)", "capability_id": "CVE-2019-1889", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1394,7 +1394,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3134", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1405,7 +1405,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "Cisco Identity Services Engine Software", "capability_id": "CVE-2019-1736", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1416,7 +1416,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XR Software", "capability_id": "CVE-2020-3120", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1427,7 +1427,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless IP Phone 8821 and 8821-EX", "capability_id": "CVE-2019-1764", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1438,7 +1438,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless IP Phone 8821 and 8821-EX", "capability_id": "CVE-2019-1764", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1449,7 +1449,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1460,7 +1460,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1471,7 +1471,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Small Business 300 Series Managed Switches", "capability_id": "CVE-2019-1943", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1482,7 +1482,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1493,7 +1493,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1504,7 +1504,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco HyperFlex HX-Series", "capability_id": "CVE-2019-1665", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1515,7 +1515,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1526,7 +1526,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1537,7 +1537,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Stealthwatch Enterprise", "capability_id": "CVE-2019-15994", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1548,7 +1548,7 @@ "attack_object_id": "T1477", "attack_object_name": "Exploit via Radio Interfaces", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS and IOS XE Software", "capability_id": "CVE-2019-1747", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1559,7 +1559,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS and IOS XE Software", "capability_id": "CVE-2019-1747", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1570,7 +1570,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA525G2 5-line IP Phone", "capability_id": "CVE-2019-15959", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1581,7 +1581,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA525G2 5-line IP Phone", "capability_id": "CVE-2019-15959", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1592,7 +1592,7 @@ "attack_object_id": "T1565.002", "attack_object_name": "Transmitted Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Managed Services Accelerator", "capability_id": "CVE-2019-15974", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1603,7 +1603,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco Managed Services Accelerator", "capability_id": "CVE-2019-15974", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1614,7 +1614,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1625,7 +1625,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1636,7 +1636,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco WebEx WRF Player", "capability_id": "CVE-2019-1772", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1647,7 +1647,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3133", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1658,7 +1658,7 @@ "attack_object_id": "T1566.001", "attack_object_name": "Spearphishing Attachment", "references": [], - "capability_description": "", + "capability_description": "Cisco Email Security Appliance (ESA)", "capability_id": "CVE-2020-3133", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1669,7 +1669,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco FireSIGHT System Software", "capability_id": "CVE-2019-12696", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1680,7 +1680,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco FireSIGHT System Software", "capability_id": "CVE-2019-12696", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1691,7 +1691,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1702,7 +1702,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1713,7 +1713,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco SD-WAN vManage", "capability_id": "CVE-2020-3387", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1724,7 +1724,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "primary_impact", "capability_group": "2018", @@ -1735,7 +1735,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -1746,7 +1746,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Content Security Management Appliance (SMA)", "capability_id": "CVE-2018-15393", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -1757,7 +1757,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Nexus 1000V Switch for VMware vSphere", "capability_id": "CVE-2019-1594", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1768,7 +1768,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Nexus 1000V Switch for VMware vSphere", "capability_id": "CVE-2019-1594", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1779,7 +1779,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1790,7 +1790,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1801,7 +1801,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings", "capability_id": "CVE-2020-3440", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1812,7 +1812,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Wide Area Application Services (WAAS)", "capability_id": "CVE-2019-1876", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1823,7 +1823,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Wide Area Application Services (WAAS)", "capability_id": "CVE-2019-1876", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1834,7 +1834,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "primary_impact", "capability_group": "2020", @@ -1845,7 +1845,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -1856,7 +1856,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco 550X Series Stackable Managed Switches", "capability_id": "CVE-2020-3121", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -1867,7 +1867,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Nexus 3000 Series Switches", "capability_id": "CVE-2019-1612", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1878,7 +1878,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Nexus 3000 Series Switches", "capability_id": "CVE-2019-1612", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1889,7 +1889,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Nexus 3000 Series Switches", "capability_id": "CVE-2019-1612", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1900,7 +1900,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Nexus 3000 Series Switches", "capability_id": "CVE-2019-1612", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1911,7 +1911,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1922,7 +1922,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1933,7 +1933,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1944,7 +1944,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2019-1715", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1955,7 +1955,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "MDS 9000 Series Multilayer Switches", "capability_id": "CVE-2019-1609", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1966,7 +1966,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "MDS 9000 Series Multilayer Switches", "capability_id": "CVE-2019-1609", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -1977,7 +1977,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "MDS 9000 Series Multilayer Switches", "capability_id": "CVE-2019-1609", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -1988,7 +1988,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", "capability_id": "CVE-2019-1836", "mapping_type": "primary_impact", "capability_group": "2019", @@ -1999,7 +1999,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode", "capability_id": "CVE-2019-1836", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2010,7 +2010,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15289", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2021,7 +2021,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco TelePresence TC Software", "capability_id": "CVE-2019-15289", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2032,7 +2032,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2043,7 +2043,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -2054,7 +2054,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco Energy Management Suite", "capability_id": "CVE-2018-15444", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2065,7 +2065,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Firepower 4100 Series Next-Generation Firewalls", "capability_id": "CVE-2019-1611", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2076,7 +2076,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Firepower 4100 Series Next-Generation Firewalls", "capability_id": "CVE-2019-1611", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -2087,7 +2087,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Firepower 4100 Series Next-Generation Firewalls", "capability_id": "CVE-2019-1611", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2098,7 +2098,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3407", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2109,7 +2109,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3407", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2120,7 +2120,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3237", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2131,7 +2131,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco IOx", "capability_id": "CVE-2020-3237", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2142,7 +2142,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS Software", "capability_id": "CVE-2018-15376", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2153,7 +2153,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS Software", "capability_id": "CVE-2018-15376", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2164,7 +2164,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS Software", "capability_id": "CVE-2018-15376", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2175,7 +2175,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS Software", "capability_id": "CVE-2018-15376", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2186,7 +2186,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS Software", "capability_id": "CVE-2018-15376", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2197,7 +2197,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2208,7 +2208,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2219,7 +2219,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2230,7 +2230,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco Wireless LAN Controller (WLC)", "capability_id": "CVE-2019-15276", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2241,7 +2241,7 @@ "attack_object_id": "T1542.004", "attack_object_name": "ROMMONkit", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3416", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2252,7 +2252,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3416", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2263,7 +2263,7 @@ "attack_object_id": "T1080", "attack_object_name": "Taint Shared Content", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings Multimedia Viewer", "capability_id": "CVE-2020-3126", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2274,7 +2274,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings Multimedia Viewer", "capability_id": "CVE-2020-3126", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2285,7 +2285,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Meetings Multimedia Viewer", "capability_id": "CVE-2020-3126", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2296,7 +2296,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2307,7 +2307,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2318,7 +2318,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3356", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2329,7 +2329,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2340,7 +2340,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -2351,7 +2351,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2362,7 +2362,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2373,7 +2373,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2384,7 +2384,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2019-1915", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2395,7 +2395,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS and IOS XE Software", "capability_id": "CVE-2019-1746", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2406,7 +2406,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS and IOS XE Software", "capability_id": "CVE-2019-1746", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2417,7 +2417,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2020-3397", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2428,7 +2428,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2020-3397", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2439,7 +2439,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1812", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2450,7 +2450,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1812", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -2461,7 +2461,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1812", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2472,7 +2472,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Network Recording Player", "capability_id": "CVE-2020-3322", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2483,7 +2483,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Network Recording Player", "capability_id": "CVE-2020-3322", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2494,7 +2494,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco Webex Network Recording Player", "capability_id": "CVE-2020-3322", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2505,7 +2505,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2516,7 +2516,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2527,7 +2527,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2538,7 +2538,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2549,7 +2549,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2560,7 +2560,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2571,7 +2571,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2582,7 +2582,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS 12.2(60)EZ16", "capability_id": "CVE-2020-3198", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2593,7 +2593,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2604,7 +2604,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2615,7 +2615,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2626,7 +2626,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2020-3309", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2637,7 +2637,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2020-3177", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2648,7 +2648,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Unified Communications Manager", "capability_id": "CVE-2020-3177", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2659,7 +2659,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3510", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2670,7 +2670,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3510", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2681,7 +2681,7 @@ "attack_object_id": "T1542.004", "attack_object_name": "ROMMONkit", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3513", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2692,7 +2692,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS XE Software", "capability_id": "CVE-2020-3513", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2703,7 +2703,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3409", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2714,7 +2714,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS", "capability_id": "CVE-2020-3409", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2725,7 +2725,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2736,7 +2736,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2747,7 +2747,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2020-3349", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2758,7 +2758,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco Industrial Network Director", "capability_id": "CVE-2018-15392", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2769,7 +2769,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Industrial Network Director", "capability_id": "CVE-2018-15392", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2780,7 +2780,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2018-15462", "mapping_type": "primary_impact", "capability_group": "2018", @@ -2791,7 +2791,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2018-15462", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -2802,7 +2802,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1704", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2813,7 +2813,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Firepower Threat Defense Software", "capability_id": "CVE-2019-1704", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2824,7 +2824,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Cisco ASR 5000 Series Software", "capability_id": "CVE-2020-3244", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2835,7 +2835,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco ASR 5000 Series Software", "capability_id": "CVE-2020-3244", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2846,7 +2846,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2857,7 +2857,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2868,7 +2868,7 @@ "attack_object_id": "T1003.008", "attack_object_name": "/etc/passwd and /etc/shadow", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2879,7 +2879,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2890,7 +2890,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2901,7 +2901,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Cisco UCS Director", "capability_id": "CVE-2020-3240", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -2912,7 +2912,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1790", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2923,7 +2923,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1790", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -2934,7 +2934,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Cisco NX-OS Software", "capability_id": "CVE-2019-1790", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -2945,7 +2945,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5364", "mapping_type": "primary_impact", "capability_group": "2020", @@ -2956,7 +2956,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5364", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -2967,7 +2967,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "iDRAC", "capability_id": "CVE-2019-3707", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2978,7 +2978,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Dell SupportAssist for Business PCs", "capability_id": "CVE-2019-3735", "mapping_type": "primary_impact", "capability_group": "2019", @@ -2989,7 +2989,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Dell SupportAssist for Business PCs", "capability_id": "CVE-2019-3735", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3000,7 +3000,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2018-11048", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3011,7 +3011,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2018-11048", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -3022,7 +3022,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2018-11048", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -3033,7 +3033,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2018-11048", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3044,7 +3044,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3055,7 +3055,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3066,7 +3066,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Unity Operating Environment", "capability_id": "CVE-2019-3754", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3077,7 +3077,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "OMIMSSC (OpenManage Integration for Microsoft System Center)", "capability_id": "CVE-2020-5374", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3088,7 +3088,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Dell EMC RecoverPoint", "capability_id": "CVE-2018-15771", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3099,7 +3099,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Dell EMC RecoverPoint", "capability_id": "CVE-2018-15771", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -3110,7 +3110,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2018-15782", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3121,7 +3121,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2018-15782", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3132,7 +3132,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2018-15782", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3143,7 +3143,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "OpenManage Server Administrator", "capability_id": "CVE-2019-3723", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3154,7 +3154,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "OpenManage Server Administrator", "capability_id": "CVE-2019-3723", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3165,7 +3165,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "OpenManage Server Administrator", "capability_id": "CVE-2019-3723", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3176,7 +3176,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "OpenManage Server Administrator", "capability_id": "CVE-2019-3723", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3187,7 +3187,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Pivotal Operations Manager", "capability_id": "CVE-2018-11045", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3198,7 +3198,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Pivotal Operations Manager", "capability_id": "CVE-2018-11045", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3209,7 +3209,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Unisphere for PowerMax", "capability_id": "CVE-2020-5345", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3220,7 +3220,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Unisphere for PowerMax", "capability_id": "CVE-2020-5345", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3231,7 +3231,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2020-5336", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3242,7 +3242,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2020-5336", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -3253,7 +3253,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2020-5336", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3264,7 +3264,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "CredHub Service Broker", "capability_id": "CVE-2018-15795", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3275,7 +3275,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "CredHub Service Broker", "capability_id": "CVE-2018-15795", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3286,7 +3286,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5365", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3297,7 +3297,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5365", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3308,7 +3308,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "Dell Client Commercial and Consumer platforms", "capability_id": "CVE-2019-3717", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3319,7 +3319,7 @@ "attack_object_id": "T1200", "attack_object_name": "Hardware Additions", "references": [], - "capability_description": "", + "capability_description": "Dell Client Commercial and Consumer platforms", "capability_id": "CVE-2019-3717", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3330,7 +3330,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE Crypto-C Micro Edition", "capability_id": "CVE-2019-3732", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3341,7 +3341,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE Crypto-C Micro Edition", "capability_id": "CVE-2019-3732", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3352,7 +3352,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE Crypto-C Micro Edition", "capability_id": "CVE-2019-3731", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3363,7 +3363,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE Crypto-C Micro Edition", "capability_id": "CVE-2019-3731", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3374,7 +3374,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Dell Client Consumer and Commercial Platforms", "capability_id": "CVE-2020-5326", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3385,7 +3385,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "Dell Client Consumer and Commercial Platforms", "capability_id": "CVE-2020-5326", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -3396,7 +3396,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "iDRAC", "capability_id": "CVE-2018-15776", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3407,7 +3407,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "iDRAC", "capability_id": "CVE-2018-15776", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3418,7 +3418,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance & Lifecycle", "capability_id": "CVE-2019-18573", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3429,7 +3429,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "RecoverPoint", "capability_id": "CVE-2019-3727", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3440,7 +3440,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "RecoverPoint", "capability_id": "CVE-2019-3727", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3451,7 +3451,7 @@ "attack_object_id": "T1489", "attack_object_name": "Service Stop", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE Crypto-C Micro Edition", "capability_id": "CVE-2019-3728", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3462,7 +3462,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "Pivotal Ops Manager", "capability_id": "CVE-2019-3790", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3473,7 +3473,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Pivotal Ops Manager", "capability_id": "CVE-2019-3790", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3484,7 +3484,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "SupportAssist Client", "capability_id": "CVE-2019-3719", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3495,7 +3495,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "SupportAssist Client", "capability_id": "CVE-2019-3719", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3506,7 +3506,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "ESRS Policy Manager", "capability_id": "CVE-2018-15764", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3517,7 +3517,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "ESRS Policy Manager", "capability_id": "CVE-2018-15764", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3528,7 +3528,7 @@ "attack_object_id": "T1496", "attack_object_name": "Resource Hijacking", "references": [], - "capability_description": "", + "capability_description": "Garden-runC", "capability_id": "CVE-2018-11084", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3539,7 +3539,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5339", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3550,7 +3550,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5339", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -3561,7 +3561,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5339", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3572,7 +3572,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Dell Networking OS10", "capability_id": "CVE-2018-15784", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3583,7 +3583,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Elastic Cloud Storage", "capability_id": "CVE-2020-5386", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3594,7 +3594,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "VNX Control Station in Dell EMC VNX2 OE for File", "capability_id": "CVE-2019-3704", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3605,7 +3605,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "VNX Control Station in Dell EMC VNX2 OE for File", "capability_id": "CVE-2019-3704", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3616,7 +3616,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "VNX Control Station in Dell EMC VNX2 OE for File", "capability_id": "CVE-2019-3704", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3627,7 +3627,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Spring Cloud Config", "capability_id": "CVE-2019-3799", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3638,7 +3638,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Spring Cloud Config", "capability_id": "CVE-2019-3799", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3649,7 +3649,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "XtremIO", "capability_id": "CVE-2019-18578", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3660,7 +3660,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "XtremIO", "capability_id": "CVE-2019-18578", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3671,7 +3671,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "XtremIO", "capability_id": "CVE-2019-18578", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -3682,7 +3682,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5340", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3693,7 +3693,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5340", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -3704,7 +3704,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "RSA Authentication Manager", "capability_id": "CVE-2020-5340", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -3715,7 +3715,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Dell Encryption Enterprise", "capability_id": "CVE-2020-5358", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3726,7 +3726,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5371", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3737,7 +3737,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5371", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -3748,7 +3748,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2019-3758", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3759,7 +3759,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2019-3758", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3770,7 +3770,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Certificate Manager Path Traversal Vulnerability", "capability_id": "CVE-2018-11051", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3781,7 +3781,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Certificate Manager Path Traversal Vulnerability", "capability_id": "CVE-2018-11051", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3792,7 +3792,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "CPG BIOS", "capability_id": "CVE-2020-5378", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3803,7 +3803,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "ImageAssist", "capability_id": "CVE-2019-3767", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3814,7 +3814,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Bits Service Release", "capability_id": "CVE-2018-15800", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3825,7 +3825,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Bits Service Release", "capability_id": "CVE-2018-15800", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3836,7 +3836,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-11059", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3847,7 +3847,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-11059", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -3858,7 +3858,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-11059", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3869,7 +3869,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3775", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3880,7 +3880,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11075", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3891,7 +3891,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11075", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -3902,7 +3902,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11075", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3913,7 +3913,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "CPG BIOS", "capability_id": "CVE-2020-5376", "mapping_type": "primary_impact", "capability_group": "2020", @@ -3924,7 +3924,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "UAA", "capability_id": "CVE-2018-15761", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3935,7 +3935,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "UAA", "capability_id": "CVE-2018-15761", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -3946,7 +3946,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3787", "mapping_type": "primary_impact", "capability_group": "2019", @@ -3957,7 +3957,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3787", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3968,7 +3968,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3787", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -3979,7 +3979,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "NFS Volume Release", "capability_id": "CVE-2018-15797", "mapping_type": "primary_impact", "capability_group": "2018", @@ -3990,7 +3990,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "NFS Volume Release", "capability_id": "CVE-2018-15797", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4001,7 +4001,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Dell EMC RecoverPoint", "capability_id": "CVE-2018-15772", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4012,7 +4012,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2020-5331", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4023,7 +4023,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Dell Client Consumer and Commercial platforms", "capability_id": "CVE-2020-5362", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4034,7 +4034,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "Dell Client Consumer and Commercial platforms", "capability_id": "CVE-2020-5362", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4045,7 +4045,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance & Lifecycle", "capability_id": "CVE-2019-18571", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4056,7 +4056,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance & Lifecycle", "capability_id": "CVE-2019-18571", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4067,7 +4067,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance & Lifecycle", "capability_id": "CVE-2019-18571", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4078,7 +4078,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "CredHub CLI", "capability_id": "CVE-2019-3782", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4089,7 +4089,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "CredHub CLI", "capability_id": "CVE-2019-3782", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4100,7 +4100,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "CPG BIOS", "capability_id": "CVE-2020-5379", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4111,7 +4111,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "Application Service", "capability_id": "CVE-2018-11088", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4122,7 +4122,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Application Service", "capability_id": "CVE-2018-11088", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -4133,7 +4133,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Integrated Data Protection Appliance", "capability_id": "CVE-2018-11062", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4144,7 +4144,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Spring Security OAuth", "capability_id": "CVE-2018-15758", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4155,7 +4155,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Spring Security OAuth", "capability_id": "CVE-2018-15758", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4166,7 +4166,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "Cloud Foundry Container Runtime (CFCR)", "capability_id": "CVE-2019-3780", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4177,7 +4177,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Cloud Foundry Container Runtime (CFCR)", "capability_id": "CVE-2019-3780", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4188,7 +4188,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5369", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4199,7 +4199,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Integrated Dell Remote Access Controller (iDRAC)", "capability_id": "CVE-2020-5366", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4210,7 +4210,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Integrated Dell Remote Access Controller (iDRAC)", "capability_id": "CVE-2020-5366", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4221,7 +4221,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "CAPI-release", "capability_id": "CVE-2019-3798", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4232,7 +4232,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "CAPI-release", "capability_id": "CVE-2019-3798", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4243,7 +4243,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "OMIMSSC (OpenManage Integration for Microsoft System Center)", "capability_id": "CVE-2020-5373", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4254,7 +4254,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "OMIMSSC (OpenManage Integration for Microsoft System Center)", "capability_id": "CVE-2020-5373", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4265,7 +4265,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3788", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4276,7 +4276,7 @@ "attack_object_id": "T1566.002", "attack_object_name": "Spearphishing Link", "references": [], - "capability_description": "", + "capability_description": "UAA Release (OSS)", "capability_id": "CVE-2019-3788", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4287,7 +4287,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-11060", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4298,7 +4298,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Avamar", "capability_id": "CVE-2018-11067", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -4309,7 +4309,7 @@ "attack_object_id": "T1566.002", "attack_object_name": "Spearphishing Link", "references": [], - "capability_description": "", + "capability_description": "Avamar", "capability_id": "CVE-2018-11067", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4320,7 +4320,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Isilon OneFS", "capability_id": "CVE-2020-5328", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4331,7 +4331,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "Stratos", "capability_id": "CVE-2019-3784", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4342,7 +4342,7 @@ "attack_object_id": "T1553", "attack_object_name": "Subvert Trust Controls", "references": [], - "capability_description": "", + "capability_description": "Data Protection Central", "capability_id": "CVE-2019-3762", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4353,7 +4353,7 @@ "attack_object_id": "T1588.004", "attack_object_name": "Digital Certificates", "references": [], - "capability_description": "", + "capability_description": "Data Protection Central", "capability_id": "CVE-2019-3762", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4364,7 +4364,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2019-18582", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4375,7 +4375,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Pivotal Operations Manager", "capability_id": "CVE-2018-11049", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4386,7 +4386,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Integrated Data Protection Appliance", "capability_id": "CVE-2020-5350", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4397,7 +4397,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "Integrated Data Protection Appliance", "capability_id": "CVE-2020-5350", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4408,7 +4408,7 @@ "attack_object_id": "T1550.001", "attack_object_name": "Application Access Token", "references": [], - "capability_description": "", + "capability_description": "Spring Security", "capability_id": "CVE-2018-15801", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -4419,7 +4419,7 @@ "attack_object_id": "T1562", "attack_object_name": "Impair Defenses", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2019-18581", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4430,7 +4430,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Data Protection Advisor", "capability_id": "CVE-2019-18581", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4441,7 +4441,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2020-5332", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4452,7 +4452,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Spring Security OAuth", "capability_id": "CVE-2019-3778", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4463,7 +4463,7 @@ "attack_object_id": "T1566.002", "attack_object_name": "Spearphishing Link", "references": [], - "capability_description": "", + "capability_description": "Spring Security OAuth", "capability_id": "CVE-2019-3778", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4474,7 +4474,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "iDRAC", "capability_id": "CVE-2018-15774", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4485,7 +4485,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-15780", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4496,7 +4496,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "RSA Archer", "capability_id": "CVE-2018-15780", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -4507,7 +4507,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "BOSH Backup and Restore", "capability_id": "CVE-2019-3786", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4518,7 +4518,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "BOSH Backup and Restore", "capability_id": "CVE-2019-3786", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4529,7 +4529,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "iDRAC", "capability_id": "CVE-2019-3706", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4540,7 +4540,7 @@ "attack_object_id": "T1055.001", "attack_object_name": "Dynamic-link Library Injection", "references": [], - "capability_description": "", + "capability_description": "Dell Digital Delivery", "capability_id": "CVE-2018-11072", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4551,7 +4551,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11073", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4562,7 +4562,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11073", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -4573,7 +4573,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Authentication Manager", "capability_id": "CVE-2018-11073", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4584,7 +4584,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Spring AMQP", "capability_id": "CVE-2018-11087", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4595,7 +4595,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Dell EMC IsilonSD Management Server", "capability_id": "CVE-2019-3708", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4606,7 +4606,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "Dell EMC IsilonSD Management Server", "capability_id": "CVE-2019-3708", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4617,7 +4617,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Dell EMC IsilonSD Management Server", "capability_id": "CVE-2019-3708", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -4628,7 +4628,7 @@ "attack_object_id": "T1548.003", "attack_object_name": "Sudo and Sudo Caching", "references": [], - "capability_description": "", + "capability_description": "OpenManage Network Manager", "capability_id": "CVE-2018-15767", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4639,7 +4639,7 @@ "attack_object_id": "T1600", "attack_object_name": "Weaken Encryption", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE SSL-J", "capability_id": "CVE-2018-11069", "mapping_type": "primary_impact", "capability_group": "2018", @@ -4650,7 +4650,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "RSA BSAFE SSL-J", "capability_id": "CVE-2018-11069", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -4661,7 +4661,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance and Lifecycle", "capability_id": "CVE-2019-3763", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4672,7 +4672,7 @@ "attack_object_id": "T1078 ", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "RSA Identity Governance and Lifecycle", "capability_id": "CVE-2019-3763", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -4683,7 +4683,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Dell Command Update (DCU)", "capability_id": "CVE-2019-3750", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4694,7 +4694,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "django-two-factor-auth", "capability_id": "CVE-2020-15105", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4705,7 +4705,7 @@ "attack_object_id": "T1078 ", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "django-two-factor-auth", "capability_id": "CVE-2020-15105", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4716,7 +4716,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15188", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4727,7 +4727,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15188", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4738,7 +4738,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5250", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4749,7 +4749,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5250", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4760,7 +4760,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Sylius", "capability_id": "CVE-2019-16768", "mapping_type": "primary_impact", "capability_group": "2019", @@ -4771,7 +4771,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Red-DiscordBot", "capability_id": "CVE-2020-15147", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4782,7 +4782,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Red-DiscordBot", "capability_id": "CVE-2020-15147", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4793,7 +4793,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "wagtail", "capability_id": "CVE-2020-15118", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4804,7 +4804,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "wagtail", "capability_id": "CVE-2020-15118", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4815,7 +4815,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5210", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4826,7 +4826,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5210", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4837,7 +4837,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "BookStack", "capability_id": "CVE-2020-11055", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4848,7 +4848,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "BookStack", "capability_id": "CVE-2020-11055", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4859,7 +4859,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "viewvc", "capability_id": "CVE-2020-5283", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4870,7 +4870,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "viewvc", "capability_id": "CVE-2020-5283", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4881,7 +4881,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15211", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4892,7 +4892,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15211", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4903,7 +4903,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "SyliusResourceBundle", "capability_id": "CVE-2020-5220", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4914,7 +4914,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "SyliusResourceBundle", "capability_id": "CVE-2020-5220", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4925,7 +4925,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "http-client", "capability_id": "CVE-2020-11021", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4936,7 +4936,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "http-client", "capability_id": "CVE-2020-11021", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4947,7 +4947,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5269", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4958,7 +4958,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5269", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -4969,7 +4969,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5269", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -4980,7 +4980,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "WordPress", "capability_id": "CVE-2020-11030", "mapping_type": "primary_impact", "capability_group": "2020", @@ -4991,7 +4991,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "WordPress", "capability_id": "CVE-2020-11030", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5002,7 +5002,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "WordPress", "capability_id": "CVE-2020-11030", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5013,7 +5013,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11036", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5024,7 +5024,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11036", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5035,7 +5035,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11036", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5046,7 +5046,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "freewvs", "capability_id": "CVE-2020-15100", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5057,7 +5057,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "freewvs", "capability_id": "CVE-2020-15100", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5068,7 +5068,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "freewvs", "capability_id": "CVE-2020-15100", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5079,7 +5079,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "symfony", "capability_id": "CVE-2020-15094", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5090,7 +5090,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "symfony", "capability_id": "CVE-2020-15094", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5101,7 +5101,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Red-DiscordBot", "capability_id": "CVE-2020-15140", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5112,7 +5112,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Red-DiscordBot", "capability_id": "CVE-2020-15140", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5123,7 +5123,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11087", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5134,7 +5134,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11087", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5145,7 +5145,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "jQuery", "capability_id": "CVE-2020-11023", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5156,7 +5156,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "jQuery", "capability_id": "CVE-2020-11023", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5167,7 +5167,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "jQuery", "capability_id": "CVE-2020-11023", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5178,7 +5178,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "rctf", "capability_id": "CVE-2020-5290", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5189,7 +5189,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "rctf", "capability_id": "CVE-2020-5290", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5200,7 +5200,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Indy Node", "capability_id": "CVE-2020-11090", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5211,7 +5211,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5270", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5222,7 +5222,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5270", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5233,7 +5233,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5270", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5244,7 +5244,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5270", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5255,7 +5255,7 @@ "attack_object_id": "T1566.002", "attack_object_name": "Spearphishing Link", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5270", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5266,7 +5266,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5254", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5277,7 +5277,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5254", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5288,7 +5288,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "electron", "capability_id": "CVE-2020-15096", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5299,7 +5299,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "electron", "capability_id": "CVE-2020-15096", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5310,7 +5310,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Helm", "capability_id": "CVE-2020-11013", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5321,7 +5321,7 @@ "attack_object_id": "T1552 ", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "cli", "capability_id": "CVE-2020-15095", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5332,7 +5332,7 @@ "attack_object_id": "T1036 ", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "fosite", "capability_id": "CVE-2020-15233", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5343,7 +5343,7 @@ "attack_object_id": "T1566.002", "attack_object_name": "Spearphishing Link", "references": [], - "capability_description": "", + "capability_description": "fosite", "capability_id": "CVE-2020-15233", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5354,7 +5354,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "safety", "capability_id": "CVE-2020-5252", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5365,7 +5365,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11019", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5376,7 +5376,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11019", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5387,7 +5387,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11019", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5398,7 +5398,7 @@ "attack_object_id": "T1068 ", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15182", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5409,7 +5409,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15182", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5420,7 +5420,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5264", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5431,7 +5431,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5264", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5442,7 +5442,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5264", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5453,7 +5453,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "httplib2", "capability_id": "CVE-2020-11078", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5464,7 +5464,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Java-WebSocket", "capability_id": "CVE-2020-11050", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5475,7 +5475,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "apollo", "capability_id": "CVE-2020-15170", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5486,7 +5486,7 @@ "attack_object_id": "T1478 ", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "apollo", "capability_id": "CVE-2020-15170", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5497,7 +5497,7 @@ "attack_object_id": "T1005 ", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "october", "capability_id": "CVE-2020-5295", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5508,7 +5508,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "october", "capability_id": "CVE-2020-5295", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5519,7 +5519,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15189", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5530,7 +5530,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15189", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5541,7 +5541,7 @@ "attack_object_id": "T1133 ", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15189", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5552,7 +5552,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "HoRNDIS", "capability_id": "CVE-2020-15137", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5563,7 +5563,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "HoRNDIS", "capability_id": "CVE-2020-15137", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5574,7 +5574,7 @@ "attack_object_id": "T1190 ", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "HoRNDIS", "capability_id": "CVE-2020-15137", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5585,7 +5585,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11035", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5596,7 +5596,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11035", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5607,7 +5607,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11035", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5618,7 +5618,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "GLPI", "capability_id": "CVE-2020-11035", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5629,7 +5629,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "secure_headers", "capability_id": "CVE-2020-5217", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5640,7 +5640,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "secure_headers", "capability_id": "CVE-2020-5217", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5651,7 +5651,7 @@ "attack_object_id": "T1190 ", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Saml2", "capability_id": "CVE-2020-5261", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5662,7 +5662,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Saml2", "capability_id": "CVE-2020-5261", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5673,7 +5673,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "qutebrowser", "capability_id": "CVE-2020-11054", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5684,7 +5684,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "qutebrowser", "capability_id": "CVE-2020-11054", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5695,7 +5695,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5706,7 +5706,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5717,7 +5717,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5728,7 +5728,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5739,7 +5739,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5750,7 +5750,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5761,7 +5761,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5772,7 +5772,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "APNSwift", "capability_id": "CVE-2020-4068", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5783,7 +5783,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "solidus", "capability_id": "CVE-2020-15109", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5794,7 +5794,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "solidus", "capability_id": "CVE-2020-15109", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5805,7 +5805,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "solidus", "capability_id": "CVE-2020-15109", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5816,7 +5816,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "Kaminari", "capability_id": "CVE-2020-11082", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5827,7 +5827,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Kaminari", "capability_id": "CVE-2020-11082", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5838,7 +5838,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Kaminari", "capability_id": "CVE-2020-11082", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5849,7 +5849,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "tough", "capability_id": "CVE-2020-15093", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5860,7 +5860,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "tough", "capability_id": "CVE-2020-15093", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5871,7 +5871,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "tough", "capability_id": "CVE-2020-15093", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5882,7 +5882,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "tough", "capability_id": "CVE-2020-15093", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5893,7 +5893,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "SimpleSAMLphp", "capability_id": "CVE-2020-5225", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5904,7 +5904,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "SimpleSAMLphp", "capability_id": "CVE-2020-5225", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5915,7 +5915,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "SimpleSAMLphp", "capability_id": "CVE-2020-5225", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5926,7 +5926,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "ps_linklist", "capability_id": "CVE-2020-5266", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5937,7 +5937,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "ps_linklist", "capability_id": "CVE-2020-5266", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -5948,7 +5948,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "ps_linklist", "capability_id": "CVE-2020-5266", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -5959,7 +5959,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15208", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5970,7 +5970,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15208", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5981,7 +5981,7 @@ "attack_object_id": "T1059 ", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "primary_impact", "capability_group": "2020", @@ -5992,7 +5992,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6003,7 +6003,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6014,7 +6014,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6025,7 +6025,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6036,7 +6036,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6047,7 +6047,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "tortoise-orm", "capability_id": "CVE-2020-11010", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6058,7 +6058,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "PyInstaller", "capability_id": "CVE-2019-16784", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6069,7 +6069,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "PyInstaller", "capability_id": "CVE-2019-16784", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6080,7 +6080,7 @@ "attack_object_id": "T1059.006", "attack_object_name": "Python", "references": [], - "capability_description": "", + "capability_description": "PyInstaller", "capability_id": "CVE-2019-16784", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -6091,7 +6091,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "SyliusResourceBundle", "capability_id": "CVE-2020-15143", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6102,7 +6102,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "SyliusResourceBundle", "capability_id": "CVE-2020-15143", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6113,7 +6113,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11039", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6124,7 +6124,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11039", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6135,7 +6135,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11039", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6146,7 +6146,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15199", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6157,7 +6157,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "tensorflow", "capability_id": "CVE-2020-15199", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6168,7 +6168,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "cargo", "capability_id": "CVE-2019-16760", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6179,7 +6179,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "cargo", "capability_id": "CVE-2019-16760", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -6190,7 +6190,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "wiki-scratchsig", "capability_id": "CVE-2020-15179", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6201,7 +6201,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "wiki-scratchsig", "capability_id": "CVE-2020-15179", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6212,7 +6212,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5271", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6223,7 +6223,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5271", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6234,7 +6234,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5271", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6245,7 +6245,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "opencast", "capability_id": "CVE-2020-5231", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6256,7 +6256,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "opencast", "capability_id": "CVE-2020-5231", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6267,7 +6267,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-5279", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6278,7 +6278,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "AEgir", "capability_id": "CVE-2020-11059", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6289,7 +6289,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15183", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6300,7 +6300,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "soycms", "capability_id": "CVE-2020-15183", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6311,7 +6311,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11044", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6322,7 +6322,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "next.js", "capability_id": "CVE-2020-5284", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6333,7 +6333,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-15162", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6344,7 +6344,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "PrestaShop", "capability_id": "CVE-2020-15162", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6355,7 +6355,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "zsh-autoswitch-virtualenv", "capability_id": "CVE-2020-11073", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6366,7 +6366,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "zsh-autoswitch-virtualenv", "capability_id": "CVE-2020-11073", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6377,7 +6377,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "actionview", "capability_id": "CVE-2020-5267", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6388,7 +6388,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "actionview", "capability_id": "CVE-2020-5267", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6399,7 +6399,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "LoRaMac-node", "capability_id": "CVE-2020-11068", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6410,7 +6410,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "LoRaMac-node", "capability_id": "CVE-2020-11068", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6421,7 +6421,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "october", "capability_id": "CVE-2020-5297", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6432,7 +6432,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "october", "capability_id": "CVE-2020-5297", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6443,7 +6443,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "matestack-ui-core", "capability_id": "CVE-2020-5241", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6454,7 +6454,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "matestack-ui-core", "capability_id": "CVE-2020-5241", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6465,7 +6465,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5253", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6476,7 +6476,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5253", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6487,7 +6487,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "NetHack", "capability_id": "CVE-2020-5253", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6498,7 +6498,7 @@ "attack_object_id": "T1589", "attack_object_name": "Gather Victim Identity Information", "references": [], - "capability_description": "", + "capability_description": "sulu", "capability_id": "CVE-2020-15132", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6509,7 +6509,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "rack", "capability_id": "CVE-2019-16782", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6520,7 +6520,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "rack", "capability_id": "CVE-2019-16782", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -6531,7 +6531,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "FreeRDP", "capability_id": "CVE-2020-11045", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6542,7 +6542,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "October", "capability_id": "CVE-2020-11083", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6553,7 +6553,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "perun", "capability_id": "CVE-2020-5281", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6564,7 +6564,7 @@ "attack_object_id": "T0814", "attack_object_name": "Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Omron PLC CJ Series", "capability_id": "CVE-2020-6986", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6575,7 +6575,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Omron PLC CJ Series", "capability_id": "CVE-2020-6986", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6586,7 +6586,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "NUUO CMS", "capability_id": "CVE-2018-17934", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -6597,7 +6597,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "NUUO CMS", "capability_id": "CVE-2018-17934", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -6608,7 +6608,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "NUUO CMS", "capability_id": "CVE-2018-17934", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -6619,7 +6619,7 @@ "attack_object_id": "T1202", "attack_object_name": "Indirect Command Execution", "references": [], - "capability_description": "", + "capability_description": "NUUO CMS", "capability_id": "CVE-2018-17934", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -6630,7 +6630,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "FactoryTalk View SE", "capability_id": "CVE-2020-12029", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6641,7 +6641,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "FactoryTalk View SE", "capability_id": "CVE-2020-12029", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -6652,7 +6652,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "FactoryTalk View SE", "capability_id": "CVE-2020-12029", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6663,7 +6663,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "Geutebrück G-Cam/EFD-2250 (part n° 5.02024) firmware and Topline TopFD-2125 (part n° 5.02820) firmware", "capability_id": "CVE-2018-7520", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6674,7 +6674,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "WebAccess", "capability_id": "CVE-2018-7499", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6685,7 +6685,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "WebAccess", "capability_id": "CVE-2018-7499", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6696,7 +6696,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Moxa IKS, EDS", "capability_id": "CVE-2019-6522", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6707,7 +6707,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Moxa IKS, EDS", "capability_id": "CVE-2019-6522", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6718,7 +6718,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "LCDS LAquis SCADA", "capability_id": "CVE-2019-10980", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6729,7 +6729,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "LCDS LAquis SCADA", "capability_id": "CVE-2019-10980", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6740,7 +6740,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6751,7 +6751,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6762,7 +6762,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6773,7 +6773,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6784,7 +6784,7 @@ "attack_object_id": "T0860", "attack_object_name": "Wireless Compromise", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -6795,7 +6795,7 @@ "attack_object_id": "T1477", "attack_object_name": "Exploit via Radio Interfaces", "references": [], - "capability_description": "", + "capability_description": "Medtronic Conexus Radio Frequency Telemetry Protocol", "capability_id": "CVE-2019-6538", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -6806,7 +6806,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-7526", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6817,7 +6817,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess/SCADA", "capability_id": "CVE-2018-5445", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6828,7 +6828,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Philips IntelliSpace Portal", "capability_id": "CVE-2018-5454", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6839,7 +6839,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "V-Server", "capability_id": "CVE-2018-14819", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6850,7 +6850,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Honeywell Maxpro VMS & NVR", "capability_id": "CVE-2020-6960", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6861,7 +6861,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess Node", "capability_id": "CVE-2020-12014", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6872,7 +6872,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier", "capability_id": "CVE-2019-13511", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6883,7 +6883,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier", "capability_id": "CVE-2019-13511", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -6894,7 +6894,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software", "capability_id": "CVE-2020-12038", "mapping_type": "primary_impact", "capability_group": "2020", @@ -6905,7 +6905,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software", "capability_id": "CVE-2020-12038", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -6916,7 +6916,7 @@ "attack_object_id": "T1539", "attack_object_name": "Steal Web Session Cookie", "references": [], - "capability_description": "", + "capability_description": "Moxa IKS, EDS", "capability_id": "CVE-2019-6563", "mapping_type": "primary_impact", "capability_group": "2019", @@ -6927,7 +6927,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Moxa IKS, EDS", "capability_id": "CVE-2019-6563", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -6938,7 +6938,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Moxa IKS, EDS", "capability_id": "CVE-2019-6563", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -6949,7 +6949,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25", "capability_id": "CVE-2018-19007", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6960,7 +6960,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Geutebrück GmbH E2 Camera Series versions prior to 1.12.0.25", "capability_id": "CVE-2018-19007", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -6971,7 +6971,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "LCDS Laquis SCADA", "capability_id": "CVE-2018-18990", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6982,7 +6982,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Medtronic insulin pump", "capability_id": "CVE-2018-14781", "mapping_type": "primary_impact", "capability_group": "2018", @@ -6993,7 +6993,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Medtronic insulin pump", "capability_id": "CVE-2018-14781", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7004,7 +7004,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Universal Robots Robot Controller version CB 3.1, SW Version 3.4.5-100", "capability_id": "CVE-2018-10633", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7015,7 +7015,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "LeviStudioU", "capability_id": "CVE-2018-10610", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7026,7 +7026,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "LeviStudioU", "capability_id": "CVE-2018-10610", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7037,7 +7037,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "LeviStudioU", "capability_id": "CVE-2018-10610", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7048,7 +7048,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "LeviStudioU", "capability_id": "CVE-2018-10610", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7059,7 +7059,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "V-Server", "capability_id": "CVE-2018-14809", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7070,7 +7070,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "V-Server", "capability_id": "CVE-2018-14809", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7081,7 +7081,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "V-Server", "capability_id": "CVE-2018-14809", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7092,7 +7092,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "V-Server", "capability_id": "CVE-2018-14809", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7103,7 +7103,7 @@ "attack_object_id": "T0816", "attack_object_name": "Device Restart/Shutdown", "references": [], - "capability_description": "", + "capability_description": "ABB GATE-E1 and GATE-E2", "capability_id": "CVE-2018-18995", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7114,7 +7114,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "", + "capability_description": "ABB GATE-E1 and GATE-E2", "capability_id": "CVE-2018-18995", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7125,7 +7125,7 @@ "attack_object_id": "T0855", "attack_object_name": "Unauthorized Command Message", "references": [], - "capability_description": "", + "capability_description": "ABB GATE-E1 and GATE-E2", "capability_id": "CVE-2018-18995", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7136,7 +7136,7 @@ "attack_object_id": "T0836", "attack_object_name": "Modify Parameter", "references": [], - "capability_description": "", + "capability_description": "ABB GATE-E1 and GATE-E2", "capability_id": "CVE-2018-18995", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7147,7 +7147,7 @@ "attack_object_id": "T1213", "attack_object_name": "Data from Information Repositories", "references": [], - "capability_description": "", + "capability_description": "ABB GATE-E1 and GATE-E2", "capability_id": "CVE-2018-18995", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7158,7 +7158,7 @@ "attack_object_id": "T0855", "attack_object_name": "Unauthorized Command Message", "references": [], - "capability_description": "", + "capability_description": "WAGO PFC200 Series", "capability_id": "CVE-2018-5459", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7169,7 +7169,7 @@ "attack_object_id": "T0833", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "WAGO PFC200 Series", "capability_id": "CVE-2018-5459", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7180,7 +7180,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "WAGO PFC200 Series", "capability_id": "CVE-2018-5459", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7191,7 +7191,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "WAGO PFC200 Series", "capability_id": "CVE-2018-5459", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7202,7 +7202,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "WAGO PFC200 Series", "capability_id": "CVE-2018-5459", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7213,7 +7213,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.", "capability_id": "CVE-2019-13555", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7224,7 +7224,7 @@ "attack_object_id": "T0826", "attack_object_name": "Loss of Availability", "references": [], - "capability_description": "", + "capability_description": "Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior. MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior.", "capability_id": "CVE-2019-13555", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7235,7 +7235,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "Baxter ExactaMix EM 2400 & EM 1200", "capability_id": "CVE-2020-12008", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7246,7 +7246,7 @@ "attack_object_id": "T0859", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Baxter ExactaMix EM 2400 & EM 1200", "capability_id": "CVE-2020-12008", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -7257,7 +7257,7 @@ "attack_object_id": "T0842", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Baxter ExactaMix EM 2400 & EM 1200", "capability_id": "CVE-2020-12008", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7268,7 +7268,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "Red Lion Controls Crimson (Windows configuration software)", "capability_id": "CVE-2019-10990", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7279,7 +7279,7 @@ "attack_object_id": "T1066", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "Red Lion Controls Crimson (Windows configuration software)", "capability_id": "CVE-2019-10990", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7290,7 +7290,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "e-Alert Unit (non-medical device)", "capability_id": "CVE-2018-8852", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7301,7 +7301,7 @@ "attack_object_id": "T1574.001", "attack_object_name": "DLL Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "Network Configurator for DeviceNet Safety", "capability_id": "CVE-2019-10971", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7312,7 +7312,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "WebAccess", "capability_id": "CVE-2018-10590", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7323,7 +7323,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebAccess", "capability_id": "CVE-2018-10590", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7334,7 +7334,7 @@ "attack_object_id": "T1496", "attack_object_name": "Resource Hijacking", "references": [], - "capability_description": "", + "capability_description": "Philips Clinical Collaboration Platform", "capability_id": "CVE-2020-16200", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7345,7 +7345,7 @@ "attack_object_id": "T0826", "attack_object_name": "Loss of Availability", "references": [], - "capability_description": "", + "capability_description": "Philips Clinical Collaboration Platform", "capability_id": "CVE-2020-16200", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -7356,7 +7356,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "CNCSoft with ScreenEditor", "capability_id": "CVE-2018-10636", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7367,7 +7367,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "CNCSoft with ScreenEditor", "capability_id": "CVE-2018-10636", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7378,7 +7378,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "CNCSoft with ScreenEditor", "capability_id": "CVE-2018-10636", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7389,7 +7389,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Dräger Infinity Delta", "capability_id": "CVE-2018-19010", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7400,7 +7400,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Dräger Infinity Delta", "capability_id": "CVE-2018-19010", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7411,7 +7411,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "OSIsoft PI Web API", "capability_id": "CVE-2018-7500", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7422,7 +7422,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7433,7 +7433,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7444,7 +7444,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7455,7 +7455,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7466,7 +7466,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7477,7 +7477,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7488,7 +7488,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Equinox Control Expert", "capability_id": "CVE-2019-18234", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -7499,7 +7499,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors", "capability_id": "CVE-2020-6964", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7510,7 +7510,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors", "capability_id": "CVE-2020-6964", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7521,7 +7521,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors", "capability_id": "CVE-2020-6964", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -7532,7 +7532,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower", "capability_id": "CVE-2020-6993", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7543,7 +7543,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower", "capability_id": "CVE-2020-6993", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7554,7 +7554,7 @@ "attack_object_id": "T1078.001", "attack_object_name": "Default Accounts", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14510", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7565,7 +7565,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14510", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -7576,7 +7576,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14510", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -7587,7 +7587,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14508", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7598,7 +7598,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14508", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7609,7 +7609,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "GateManager", "capability_id": "CVE-2020-14508", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7620,7 +7620,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Delta Electronics WPLSoft", "capability_id": "CVE-2018-7494", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7631,7 +7631,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Delta Electronics WPLSoft", "capability_id": "CVE-2018-7494", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7642,7 +7642,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "VBASE Editor", "capability_id": "CVE-2020-7004", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7653,7 +7653,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Philips Alice 6 System", "capability_id": "CVE-2018-5451", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7664,7 +7664,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "WebAccess/NMS", "capability_id": "CVE-2020-10603", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7675,7 +7675,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "WebAccess/NMS", "capability_id": "CVE-2020-10603", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7686,7 +7686,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "PI Studio HMI", "capability_id": "CVE-2018-17889", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7697,7 +7697,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "EZ PLC Editor", "capability_id": "CVE-2019-13522", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7708,7 +7708,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "EZ PLC Editor", "capability_id": "CVE-2019-13522", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -7719,7 +7719,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "Baxter ExactaMix EM 2400 & EM 1200", "capability_id": "CVE-2020-12024", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7730,7 +7730,7 @@ "attack_object_id": "T0875", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation", "capability_id": "CVE-2018-17924", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7741,7 +7741,7 @@ "attack_object_id": "T0803", "attack_object_name": "Block Command Message", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation", "capability_id": "CVE-2018-17924", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7752,7 +7752,7 @@ "attack_object_id": "T0804", "attack_object_name": "Block Reporting Message", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation", "capability_id": "CVE-2018-17924", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7763,7 +7763,7 @@ "attack_object_id": "T0855", "attack_object_name": "Unauthorized Command Message", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation", "capability_id": "CVE-2018-17924", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7774,7 +7774,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Ignition 8 Gateway", "capability_id": "CVE-2020-12000", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7785,7 +7785,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Ignition 8 Gateway", "capability_id": "CVE-2020-12000", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7796,7 +7796,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "WebAccess Versions 8.3.2 and prior.", "capability_id": "CVE-2018-17910", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7807,7 +7807,7 @@ "attack_object_id": "T1202", "attack_object_name": "Indirect Command Execution", "references": [], - "capability_description": "", + "capability_description": "WebAccess", "capability_id": "CVE-2018-10589", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7818,7 +7818,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess HMI Designer", "capability_id": "CVE-2018-8835", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7829,7 +7829,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess HMI Designer", "capability_id": "CVE-2018-8835", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7840,7 +7840,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "WebAccess Versions 8.3.2 and prior.", "capability_id": "CVE-2018-17908", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7851,7 +7851,7 @@ "attack_object_id": "T1562", "attack_object_name": "Impair Defenses", "references": [], - "capability_description": "", + "capability_description": "WebAccess Versions 8.3.2 and prior.", "capability_id": "CVE-2018-17908", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -7862,7 +7862,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "STARDOM Controllers FCJ,FCN-100,FCN-RTU, FCN-500", "capability_id": "CVE-2018-17900", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7873,7 +7873,7 @@ "attack_object_id": "T1078 ", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "STARDOM Controllers FCJ,FCN-100,FCN-RTU, FCN-500", "capability_id": "CVE-2018-17900", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7884,7 +7884,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess HMI Designer", "capability_id": "CVE-2020-16211", "mapping_type": "primary_impact", "capability_group": "2020", @@ -7895,7 +7895,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess HMI Designer", "capability_id": "CVE-2020-16211", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -7906,7 +7906,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "InduSoft Web Studio", "capability_id": "CVE-2018-10620", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7917,7 +7917,7 @@ "attack_object_id": "T1575", "attack_object_name": "Native Code", "references": [], - "capability_description": "", + "capability_description": "LAquis SCADA", "capability_id": "CVE-2018-17911", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7928,7 +7928,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "PR100088 Modbus gateway", "capability_id": "CVE-2019-6549", "mapping_type": "primary_impact", "capability_group": "2019", @@ -7939,7 +7939,7 @@ "attack_object_id": "T1078 ", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "PR100088 Modbus gateway", "capability_id": "CVE-2019-6549", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -7950,7 +7950,7 @@ "attack_object_id": "T1562", "attack_object_name": "Impair Defenses", "references": [], - "capability_description": "", + "capability_description": "NUUO CMS", "capability_id": "CVE-2018-17892", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7961,7 +7961,7 @@ "attack_object_id": "T1575", "attack_object_name": "Native Code", "references": [], - "capability_description": "", + "capability_description": "FRENIC LOADER of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace", "capability_id": "CVE-2018-14802", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7972,7 +7972,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18987", "mapping_type": "primary_impact", "capability_group": "2018", @@ -7983,7 +7983,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18987", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -7994,7 +7994,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18987", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8005,7 +8005,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Philips Clinical Collaboration Platform", "capability_id": "CVE-2020-16198", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8016,7 +8016,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Philips Veradius Unity, Pulsera, and Endura Dual WAN Router", "capability_id": "CVE-2019-18263", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8027,7 +8027,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "OSIsoft PI System multiple products and versions", "capability_id": "CVE-2020-10602", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8038,7 +8038,7 @@ "attack_object_id": "T1575", "attack_object_name": "Native Code", "references": [], - "capability_description": "", + "capability_description": "WebAccess/SCADA", "capability_id": "CVE-2019-10987", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8049,7 +8049,7 @@ "attack_object_id": "T1575", "attack_object_name": "Native Code", "references": [], - "capability_description": "", + "capability_description": "Horner Automation Cscape", "capability_id": "CVE-2019-13541", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8060,7 +8060,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", "capability_id": "CVE-2020-0884", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8071,7 +8071,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", "capability_id": "CVE-2020-0884", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -8082,7 +8082,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Skype for Business Server 2019 CU2", "capability_id": "CVE-2020-1025", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8093,7 +8093,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0911", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8104,7 +8104,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0911", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8115,7 +8115,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0911", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8126,7 +8126,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0911", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8137,7 +8137,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1111", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8148,7 +8148,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1111", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8159,7 +8159,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1111", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8170,7 +8170,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1111", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8181,7 +8181,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1111", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8192,7 +8192,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8203,7 +8203,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8214,7 +8214,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8225,7 +8225,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8236,7 +8236,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8247,7 +8247,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8258,7 +8258,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -8269,7 +8269,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "ChakraCore", "capability_id": "CVE-2018-8355", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -8280,7 +8280,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1087", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8291,7 +8291,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8302,7 +8302,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8313,7 +8313,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8324,7 +8324,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8335,7 +8335,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8346,7 +8346,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0671", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8357,7 +8357,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1270", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8368,7 +8368,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1270", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8379,7 +8379,7 @@ "attack_object_id": "T1202", "attack_object_name": "Indirect Command Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1270", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8390,7 +8390,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0898", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8401,7 +8401,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0898", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8412,7 +8412,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8423,7 +8423,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8434,7 +8434,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -8445,7 +8445,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -8456,7 +8456,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -8467,7 +8467,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -8478,7 +8478,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8489,7 +8489,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1118", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8500,7 +8500,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8511,7 +8511,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8522,7 +8522,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8533,7 +8533,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8544,7 +8544,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8555,7 +8555,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Enterprise Server", "capability_id": "CVE-2020-1456", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8566,7 +8566,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1086", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8577,7 +8577,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8588,7 +8588,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8599,7 +8599,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8610,7 +8610,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8621,7 +8621,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8632,7 +8632,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1109", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8643,7 +8643,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2019-0576", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8654,7 +8654,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2019-0576", "mapping_type": "primary_impact", "capability_group": "2019", @@ -8665,7 +8665,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2019-0576", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -8676,7 +8676,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 2004 for 32-bit Systems", "capability_id": "CVE-2020-1347", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8687,7 +8687,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Forefront Endpoint Protection", "capability_id": "CVE-2020-1163", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8698,7 +8698,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1068", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8709,7 +8709,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8720,7 +8720,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8731,7 +8731,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8742,7 +8742,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8753,7 +8753,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8764,7 +8764,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8775,7 +8775,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -8786,7 +8786,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server 2010 Service Pack 2", "capability_id": "CVE-2020-1495", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -8797,7 +8797,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 2004 for x64-based Systems", "capability_id": "CVE-2020-1425", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8808,7 +8808,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 2004 for x64-based Systems", "capability_id": "CVE-2020-1425", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8819,7 +8819,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8830,7 +8830,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8841,7 +8841,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8852,7 +8852,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8863,7 +8863,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8874,7 +8874,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8885,7 +8885,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -8896,7 +8896,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2018-8248", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -8907,7 +8907,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Team Foundation Server 2018", "capability_id": "CVE-2020-0758", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8918,7 +8918,7 @@ "attack_object_id": "T1098", "attack_object_name": "Account Manipulation", "references": [], - "capability_description": "", + "capability_description": "Team Foundation Server 2018", "capability_id": "CVE-2020-0758", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -8929,7 +8929,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1141", "mapping_type": "primary_impact", "capability_group": "2020", @@ -8940,7 +8940,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1141", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -8951,7 +8951,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8962,7 +8962,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "primary_impact", "capability_group": "2018", @@ -8973,7 +8973,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8984,7 +8984,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -8995,7 +8995,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9006,7 +9006,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9017,7 +9017,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9028,7 +9028,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8111", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9039,7 +9039,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9050,7 +9050,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9061,7 +9061,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9072,7 +9072,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9083,7 +9083,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9094,7 +9094,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Microsoft Dynamics 365", "capability_id": "CVE-2018-8607", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9105,7 +9105,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1021", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9116,7 +9116,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9127,7 +9127,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9138,7 +9138,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9149,7 +9149,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9160,7 +9160,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9171,7 +9171,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9182,7 +9182,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -9193,7 +9193,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge (EdgeHTML-based)", "capability_id": "CVE-2020-1569", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -9204,7 +9204,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1903 for 32-bit Systems", "capability_id": "CVE-2019-1423", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9215,7 +9215,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1903 for 32-bit Systems", "capability_id": "CVE-2019-1423", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9226,7 +9226,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9237,7 +9237,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9248,7 +9248,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9259,7 +9259,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9270,7 +9270,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9281,7 +9281,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9292,7 +9292,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "capability_id": "CVE-2020-16874", "mapping_type": "exploitation_technique", "capability_group": "2020", @@ -9303,7 +9303,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1013", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9314,7 +9314,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1013", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9325,7 +9325,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1013", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9336,7 +9336,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9347,7 +9347,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9358,7 +9358,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9369,7 +9369,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9380,7 +9380,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9391,7 +9391,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9402,7 +9402,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9413,7 +9413,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer 11", "capability_id": "CVE-2019-0609", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9424,7 +9424,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1190", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9435,7 +9435,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9446,7 +9446,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9457,7 +9457,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9468,7 +9468,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9479,7 +9479,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9490,7 +9490,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9501,7 +9501,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9512,7 +9512,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-8353", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9523,7 +9523,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9534,7 +9534,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9545,7 +9545,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9556,7 +9556,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9567,7 +9567,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9578,7 +9578,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9589,7 +9589,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9600,7 +9600,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2018-8110", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9611,7 +9611,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9622,7 +9622,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9633,7 +9633,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9644,7 +9644,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9655,7 +9655,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9666,7 +9666,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9677,7 +9677,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft Project", "capability_id": "CVE-2018-8575", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9688,7 +9688,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9699,7 +9699,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9710,7 +9710,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9721,7 +9721,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9732,7 +9732,7 @@ "attack_object_id": "T1478", "attack_object_name": "Install Insecure or Malicious Configuration", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9743,7 +9743,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Foundation", "capability_id": "CVE-2019-1031", "mapping_type": "secondary_impact", "capability_group": "2019", @@ -9754,7 +9754,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2019-1402", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9765,7 +9765,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0955", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9776,7 +9776,7 @@ "attack_object_id": "T1134", "attack_object_name": "Access Token Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1909 for 32-bit Systems", "capability_id": "CVE-2020-0981", "mapping_type": "primary_impact", "capability_group": "2020", @@ -9787,7 +9787,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1909 for 32-bit Systems", "capability_id": "CVE-2020-0981", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9798,7 +9798,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1909 for 32-bit Systems", "capability_id": "CVE-2020-0981", "mapping_type": "secondary_impact", "capability_group": "2020", @@ -9809,7 +9809,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Word", "capability_id": "CVE-2018-8160", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9820,7 +9820,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Word", "capability_id": "CVE-2018-8160", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9831,7 +9831,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Word", "capability_id": "CVE-2018-8160", "mapping_type": "exploitation_technique", "capability_group": "2018", @@ -9842,7 +9842,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1106", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9853,7 +9853,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1106", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9864,7 +9864,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1106", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9875,7 +9875,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1106", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9886,7 +9886,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2019-1035", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9897,7 +9897,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2019-1035", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9908,7 +9908,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2019-1035", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9919,7 +9919,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2019-1035", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9930,7 +9930,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server", "capability_id": "CVE-2018-8431", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9941,7 +9941,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server", "capability_id": "CVE-2018-8431", "mapping_type": "secondary_impact", "capability_group": "2018", @@ -9952,7 +9952,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8489", "mapping_type": "primary_impact", "capability_group": "2018", @@ -9963,7 +9963,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-0926", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9974,7 +9974,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-0926", "mapping_type": "primary_impact", "capability_group": "2019", @@ -9985,7 +9985,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-0926", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -9996,7 +9996,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-0926", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -10007,7 +10007,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1052", "mapping_type": "primary_impact", "capability_group": "2019", @@ -10018,7 +10018,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1052", "mapping_type": "primary_impact", "capability_group": "2019", @@ -10029,7 +10029,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1052", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -10040,7 +10040,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Edge", "capability_id": "CVE-2019-1052", "mapping_type": "exploitation_technique", "capability_group": "2019", @@ -10051,7 +10051,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1803", "capability_id": "CVE-2020-1471", "mapping_type": "primary_impact", "capability_group": "2020", @@ -10062,7 +10062,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1903 for 32-bit Systems", "capability_id": "CVE-2020-0636", "mapping_type": "primary_impact", "capability_group": "2020", @@ -10073,7 +10073,7 @@ "attack_object_id": "T1003", "attack_object_name": "OS Credential Dumping", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1812", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10084,7 +10084,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1812", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10095,7 +10095,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11652", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10106,7 +10106,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11652", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10117,7 +10117,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-16651", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10128,7 +10128,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-16651", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10139,7 +10139,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0984", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10150,7 +10150,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0984", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10161,7 +10161,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0984", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10172,7 +10172,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9670", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10183,7 +10183,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9670", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10194,7 +10194,7 @@ "attack_object_id": "T1036.", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-15869", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10205,7 +10205,7 @@ "attack_object_id": "T1525", "attack_object_name": "Implant Internal Image", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-15869", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10216,7 +10216,7 @@ "attack_object_id": "T1036.005", "attack_object_name": "Match Legitimate Name or Location", "references": [], - "capability_description": "", + "capability_description": "Firefox", "capability_id": "CVE-2020-6808", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10227,7 +10227,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Puppet Enterprise", "capability_id": "CVE-2018-11749", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10238,7 +10238,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "Puppet Enterprise", "capability_id": "CVE-2018-11749", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10249,7 +10249,7 @@ "attack_object_id": "T1046", "attack_object_name": "Network Service Scanning", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6685", "mapping_type": "uncategorized", "capability_group": "2012", @@ -10260,7 +10260,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0099", "mapping_type": "uncategorized", "capability_group": "2016", @@ -10271,7 +10271,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3336", "mapping_type": "uncategorized", "capability_group": "2013", @@ -10282,7 +10282,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "Thunderbird", "capability_id": "CVE-2020-6820", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10293,7 +10293,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Thunderbird", "capability_id": "CVE-2020-6820", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10304,7 +10304,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9978", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10315,7 +10315,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9978", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10326,7 +10326,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2945", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10337,7 +10337,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2945", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10348,7 +10348,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4114", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10359,7 +10359,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4114", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10370,7 +10370,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4114", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10381,7 +10381,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1458", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10392,7 +10392,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1458", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10403,7 +10403,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3888", "mapping_type": "uncategorized", "capability_group": "2010", @@ -10414,7 +10414,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3888", "mapping_type": "uncategorized", "capability_group": "2010", @@ -10425,7 +10425,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-13538", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10436,7 +10436,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-13538", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10447,7 +10447,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6475", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10458,7 +10458,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6475", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10469,7 +10469,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Linux kernel", "capability_id": "CVE-2020-8835", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10480,7 +10480,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Trend Micro OfficeScan, Trend Micro Apex One", "capability_id": "CVE-2020-8467", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10491,7 +10491,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12659", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10502,7 +10502,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "kernel", "capability_id": "CVE-2020-10751", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10513,7 +10513,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1027", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10524,7 +10524,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1215", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10535,7 +10535,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1214", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10546,7 +10546,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0859", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10557,7 +10557,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-9862", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10568,7 +10568,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2018-9488", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10579,7 +10579,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Visual Studio", "capability_id": "CVE-2018-8599", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10590,7 +10590,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA", "capability_id": "CVE-2018-5463", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10601,7 +10601,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Apache Struts", "capability_id": "CVE-2018-11776", "mapping_type": "uncategorized", "capability_group": "2018", @@ -10612,7 +10612,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Domino", "capability_id": "CVE-2017-1274", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10623,7 +10623,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Windows", "capability_id": "CVE-2017-0263", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10634,7 +10634,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5195", "mapping_type": "uncategorized", "capability_group": "2016", @@ -10645,7 +10645,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7910", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10656,7 +10656,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2387", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10667,7 +10667,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2360", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10678,7 +10678,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0016", "mapping_type": "uncategorized", "capability_group": "2015", @@ -10689,7 +10689,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4113", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10700,7 +10700,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1807", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10711,7 +10711,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0322", "mapping_type": "uncategorized", "capability_group": "2014", @@ -10722,7 +10722,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0181", "mapping_type": "uncategorized", "capability_group": "2012", @@ -10733,7 +10733,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2884", "mapping_type": "uncategorized", "capability_group": "2010", @@ -10744,7 +10744,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2743", "mapping_type": "uncategorized", "capability_group": "2010", @@ -10755,7 +10755,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1612", "mapping_type": "uncategorized", "capability_group": "2009", @@ -10766,7 +10766,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "GRANDIT", "capability_id": "CVE-2020-5539", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10777,7 +10777,7 @@ "attack_object_id": " T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "GRANDIT", "capability_id": "CVE-2020-5539", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10788,7 +10788,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "GRANDIT", "capability_id": "CVE-2020-5539", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10799,7 +10799,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2017-13289", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10810,7 +10810,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2017-13289", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10821,7 +10821,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15821", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10832,7 +10832,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15821", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10843,7 +10843,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15821", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10854,7 +10854,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15821", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10865,7 +10865,7 @@ "attack_object_id": "T1149", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15821", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10876,7 +10876,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0707", "mapping_type": "uncategorized", "capability_group": "2013", @@ -10887,7 +10887,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0707", "mapping_type": "uncategorized", "capability_group": "2013", @@ -10898,7 +10898,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0707", "mapping_type": "uncategorized", "capability_group": "2013", @@ -10909,7 +10909,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10817", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10920,7 +10920,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10817", "mapping_type": "uncategorized", "capability_group": "2020", @@ -10931,7 +10931,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2019-5786", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10942,7 +10942,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2019-5786", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10953,7 +10953,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows COM", "capability_id": "CVE-2017-0213", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10964,7 +10964,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows COM", "capability_id": "CVE-2017-0213", "mapping_type": "uncategorized", "capability_group": "2017", @@ -10975,7 +10975,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2019-2215", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10986,7 +10986,7 @@ "attack_object_id": "T1404", "attack_object_name": "Exploit OS Vulnerability", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2019-2215", "mapping_type": "uncategorized", "capability_group": "2019", @@ -10997,7 +10997,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0808", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11008,7 +11008,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0808", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11019,7 +11019,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Linux kernel through 4.12.4", "capability_id": "CVE-2017-7533", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11030,7 +11030,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Linux kernel through 4.12.4", "capability_id": "CVE-2017-7533", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11041,7 +11041,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-8649", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11052,7 +11052,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-8649", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11063,7 +11063,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12652", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11074,7 +11074,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12652", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11085,7 +11085,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6324", "mapping_type": "uncategorized", "capability_group": "2014", @@ -11096,7 +11096,7 @@ "attack_object_id": "T1558.001", "attack_object_name": "Golden Ticket", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6324", "mapping_type": "uncategorized", "capability_group": "2014", @@ -11107,7 +11107,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "JR East Japan train operation information push notification App for Android", "capability_id": "CVE-2019-5954", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11118,7 +11118,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "JR East Japan train operation information push notification App for Android", "capability_id": "CVE-2019-5954", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11129,7 +11129,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-4996", "mapping_type": "uncategorized", "capability_group": "2008", @@ -11140,7 +11140,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-4996", "mapping_type": "uncategorized", "capability_group": "2008", @@ -11151,7 +11151,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-15211", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11162,7 +11162,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-15211", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11173,7 +11173,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1592", "mapping_type": "uncategorized", "capability_group": "2010", @@ -11184,7 +11184,7 @@ "attack_object_id": "T1574.002", "attack_object_name": "DLL Side-Loading", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1592", "mapping_type": "uncategorized", "capability_group": "2010", @@ -11195,7 +11195,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-11368", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11206,7 +11206,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-11368", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11217,7 +11217,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5645", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11228,7 +11228,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5645", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11239,7 +11239,7 @@ "attack_object_id": "T1078.003", "attack_object_name": "Local Accounts", "references": [], - "capability_description": "", + "capability_description": "SUSE Linux Enterprise", "capability_id": "CVE-2011-3172", "mapping_type": "uncategorized", "capability_group": "2011", @@ -11250,7 +11250,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0629", "mapping_type": "uncategorized", "capability_group": "2013", @@ -11261,7 +11261,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0629", "mapping_type": "uncategorized", "capability_group": "2013", @@ -11272,7 +11272,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3298", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11283,7 +11283,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3298", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11294,7 +11294,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "Drupal Core", "capability_id": "CVE-2017-6922", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11305,7 +11305,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Drupal Core", "capability_id": "CVE-2017-6922", "mapping_type": "uncategorized", "capability_group": "2017", @@ -11316,7 +11316,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1769", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11327,7 +11327,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1769", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11338,7 +11338,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "FreeBSD", "capability_id": "CVE-2020-7456", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11349,7 +11349,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "FreeBSD", "capability_id": "CVE-2020-7456", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11360,7 +11360,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12464", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11371,7 +11371,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12464", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11382,7 +11382,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-15393", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11393,7 +11393,7 @@ "attack_object_id": "T1499.001", "attack_object_name": "OS Exhaustion Flood", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-15393", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11404,7 +11404,7 @@ "attack_object_id": "T1091", "attack_object_name": "Replication Through Removable Media", "references": [], - "capability_description": "", + "capability_description": "macOS", "capability_id": "CVE-2020-9804", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11415,7 +11415,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "macOS", "capability_id": "CVE-2020-9804", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11426,7 +11426,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11957", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11437,7 +11437,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-19735", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11448,7 +11448,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "Security Identity Manager", "capability_id": "CVE-2018-1956", "mapping_type": "uncategorized", "capability_group": "2018", @@ -11459,7 +11459,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-12520", "mapping_type": "uncategorized", "capability_group": "2018", @@ -11470,7 +11470,7 @@ "attack_object_id": "T1110", "attack_object_name": "Brute Force", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11219", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11481,7 +11481,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11219", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11492,7 +11492,7 @@ "attack_object_id": "T1110.001", "attack_object_name": "Password Guessing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-18872", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11503,7 +11503,7 @@ "attack_object_id": "T1114.001", "attack_object_name": "Local Email Collection", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2020-9819", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11514,7 +11514,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2020-9819", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11525,7 +11525,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2020-9819", "mapping_type": "uncategorized", "capability_group": "2020", @@ -11536,7 +11536,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7912", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11547,7 +11547,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7912", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11558,7 +11558,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7935", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11569,7 +11569,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7935", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11580,7 +11580,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-9938", "mapping_type": "uncategorized", "capability_group": "2014", @@ -11591,7 +11591,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-9938", "mapping_type": "uncategorized", "capability_group": "2014", @@ -11602,7 +11602,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6367", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11613,7 +11613,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6367", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11624,7 +11624,7 @@ "attack_object_id": "T1480", "attack_object_name": "Execution Guardrails", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6367", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11635,7 +11635,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2772", "mapping_type": "uncategorized", "capability_group": "2010", @@ -11646,7 +11646,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2772", "mapping_type": "uncategorized", "capability_group": "2010", @@ -11657,7 +11657,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-5958", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11668,7 +11668,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-5958", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11679,7 +11679,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5180", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11690,7 +11690,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5180", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11701,7 +11701,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5180", "mapping_type": "uncategorized", "capability_group": "2016", @@ -11712,7 +11712,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11510", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11723,7 +11723,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11510", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11734,7 +11734,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11510", "mapping_type": "uncategorized", "capability_group": "2019", @@ -11745,7 +11745,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Moxa MXview", "capability_id": "CVE-2018-7506", "mapping_type": "uncategorized", "capability_group": "2018", @@ -11756,7 +11756,7 @@ "attack_object_id": "T1552.004", "attack_object_name": "Private Keys", "references": [], - "capability_description": "", + "capability_description": "Moxa MXview", "capability_id": "CVE-2018-7506", "mapping_type": "uncategorized", "capability_group": "2018", @@ -11767,7 +11767,7 @@ "attack_object_id": "T1134.001.", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1701", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11778,7 +11778,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1701", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11789,7 +11789,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-6129", "mapping_type": "uncategorized", "capability_group": "2013", @@ -11800,7 +11800,7 @@ "attack_object_id": "T1087", "attack_object_name": "Account Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-6129", "mapping_type": "uncategorized", "capability_group": "2013", @@ -11811,7 +11811,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-6129", "mapping_type": "uncategorized", "capability_group": "2013", @@ -11822,7 +11822,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-4051", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11833,7 +11833,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-4051", "mapping_type": "uncategorized", "capability_group": "2015", @@ -11844,7 +11844,7 @@ "attack_object_id": "T1185", "attack_object_name": "Man in the Browser", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3056", "mapping_type": "uncategorized", "capability_group": "2011", @@ -11855,7 +11855,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11866,7 +11866,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11877,7 +11877,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11888,7 +11888,7 @@ "attack_object_id": "T1057", "attack_object_name": "Process Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11899,7 +11899,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11910,7 +11910,7 @@ "attack_object_id": " T1480", "attack_object_name": "Execution Guardrails", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-4681", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11921,7 +11921,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11932,7 +11932,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11943,7 +11943,7 @@ "attack_object_id": "T1546", "attack_object_name": "Event Triggered Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11954,7 +11954,7 @@ "attack_object_id": "T1554", "attack_object_name": "Compromise Client Software Binary", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11965,7 +11965,7 @@ "attack_object_id": "T1491", "attack_object_name": "Defacement", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11976,7 +11976,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11987,7 +11987,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0158", "mapping_type": "uncategorized", "capability_group": "2012", @@ -11998,7 +11998,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2020-6418", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12009,7 +12009,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2020-6418", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12020,7 +12020,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "BIG-IP", "capability_id": "CVE-2020-5902", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12031,7 +12031,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "BIG-IP", "capability_id": "CVE-2020-5902", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12042,7 +12042,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2019-7286", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12053,7 +12053,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2019-7286", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12064,7 +12064,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-18935", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12075,7 +12075,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-18935", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12086,7 +12086,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-17026", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12097,7 +12097,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-17026", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12108,7 +12108,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2019-13720", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12119,7 +12119,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2019-13720", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12130,7 +12130,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11886", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12141,7 +12141,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11886", "mapping_type": "uncategorized", "capability_group": "2019", @@ -12152,7 +12152,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Blueimp jQuery-File-Upload", "capability_id": "CVE-2018-9206", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12163,7 +12163,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Blueimp jQuery-File-Upload", "capability_id": "CVE-2018-9206", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12174,7 +12174,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8174", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12185,7 +12185,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8174", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12196,7 +12196,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Windows Server 2008", "capability_id": "CVE-2018-8120", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12207,7 +12207,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows Server 2008", "capability_id": "CVE-2018-8120", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12218,7 +12218,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Equation Editor", "capability_id": "CVE-2018-0798", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12229,7 +12229,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Equation Editor", "capability_id": "CVE-2018-0798", "mapping_type": "uncategorized", "capability_group": "2018", @@ -12240,7 +12240,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-4656", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12251,7 +12251,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-4656", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12262,7 +12262,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-1409", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12273,7 +12273,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-1409", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12284,7 +12284,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2590", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12295,7 +12295,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2590", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12306,7 +12306,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2425", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12317,7 +12317,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2425", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12328,7 +12328,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-2817", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12339,7 +12339,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-2817", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12350,7 +12350,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0324", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12361,7 +12361,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0324", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12372,7 +12372,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0307", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12383,7 +12383,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0307", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12394,7 +12394,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5211", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12405,7 +12405,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5211", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12416,7 +12416,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2471", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12427,7 +12427,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2471", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12438,7 +12438,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1493", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12449,7 +12449,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1493", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12460,7 +12460,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0625", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12471,7 +12471,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0625", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12482,7 +12482,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0422", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12493,7 +12493,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0422", "mapping_type": "uncategorized", "capability_group": "2013", @@ -12504,7 +12504,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3402", "mapping_type": "uncategorized", "capability_group": "2011", @@ -12515,7 +12515,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3402", "mapping_type": "uncategorized", "capability_group": "2011", @@ -12526,7 +12526,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1423", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12537,7 +12537,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1423", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12548,7 +12548,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1165", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12559,7 +12559,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1165", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12570,7 +12570,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1862", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12581,7 +12581,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1862", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12592,7 +12592,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1807", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12603,7 +12603,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1807", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12614,7 +12614,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1151", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12625,7 +12625,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1151", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12636,7 +12636,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1641", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12647,7 +12647,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1641", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12658,7 +12658,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1641", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12669,7 +12669,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11901", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12680,7 +12680,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11901", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12691,7 +12691,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11901", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12702,7 +12702,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7256", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12713,7 +12713,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7256", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12724,7 +12724,7 @@ "attack_object_id": "T1134.001", "attack_object_name": "Token Impersonation/Theft", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7256", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12735,7 +12735,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3714", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12746,7 +12746,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3714", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12757,7 +12757,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3714", "mapping_type": "uncategorized", "capability_group": "2016", @@ -12768,7 +12768,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0071", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12779,7 +12779,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0071", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12790,7 +12790,7 @@ "attack_object_id": "T1204.001", "attack_object_name": "Malicious Link", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0071", "mapping_type": "uncategorized", "capability_group": "2015", @@ -12801,7 +12801,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4123", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12812,7 +12812,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4123", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12823,7 +12823,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4123", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12834,7 +12834,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0266", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12845,7 +12845,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0266", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12856,7 +12856,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0266", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12867,7 +12867,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1885", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12878,7 +12878,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1885", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12889,7 +12889,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1885", "mapping_type": "uncategorized", "capability_group": "2010", @@ -12900,7 +12900,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3459", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12911,7 +12911,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3459", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12922,7 +12922,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3459", "mapping_type": "uncategorized", "capability_group": "2009", @@ -12933,7 +12933,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13125", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12944,7 +12944,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13125", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12955,7 +12955,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13125", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12966,7 +12966,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13125", "mapping_type": "uncategorized", "capability_group": "2020", @@ -12977,7 +12977,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7187", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12988,7 +12988,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7187", "mapping_type": "uncategorized", "capability_group": "2014", @@ -12999,7 +12999,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7187", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13010,7 +13010,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7187", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13021,7 +13021,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3544", "mapping_type": "uncategorized", "capability_group": "2011", @@ -13032,7 +13032,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3544", "mapping_type": "uncategorized", "capability_group": "2011", @@ -13043,7 +13043,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3544", "mapping_type": "uncategorized", "capability_group": "2011", @@ -13054,7 +13054,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0034", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13065,7 +13065,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0034", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13076,7 +13076,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0034", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13087,7 +13087,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7756", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13098,7 +13098,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7756", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13109,7 +13109,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7756", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13120,7 +13120,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2426", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13131,7 +13131,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2426", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13142,7 +13142,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2426", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13153,7 +13153,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Equation Editor", "capability_id": "CVE-2018-0802", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13164,7 +13164,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2424", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13175,7 +13175,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-2539", "mapping_type": "uncategorized", "capability_group": "2012", @@ -13186,7 +13186,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "XML Core Services", "capability_id": "CVE-2017-0022", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13197,7 +13197,7 @@ "attack_object_id": "T1518.001", "attack_object_name": "Security Software Discovery", "references": [], - "capability_description": "", + "capability_description": "XML Core Services", "capability_id": "CVE-2017-0022", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13208,7 +13208,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-6703", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13219,7 +13219,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-16759", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13230,7 +13230,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-15107", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13241,7 +13241,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-1132", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13252,7 +13252,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Quest KACE", "capability_id": "CVE-2019-10973", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13263,7 +13263,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows Server", "capability_id": "CVE-2019-0880", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13274,7 +13274,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8611", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13285,7 +13285,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "core", "capability_id": "CVE-2018-7602", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13296,7 +13296,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1", "capability_id": "CVE-2018-7600", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13307,7 +13307,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2018-2893", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13318,7 +13318,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2018-2628", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13329,7 +13329,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-1000861", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13340,7 +13340,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance", "capability_id": "CVE-2018-0101", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13351,7 +13351,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-9841", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13362,7 +13362,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-8291", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13373,7 +13373,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco IOS and IOS XE Software", "capability_id": "CVE-2017-3881", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13384,7 +13384,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier", "capability_id": "CVE-2017-3066", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13395,7 +13395,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Microsoft Outlook", "capability_id": "CVE-2017-11774", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13406,7 +13406,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Office/WordPad", "capability_id": "CVE-2017-0199", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13417,7 +13417,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows GDI", "capability_id": "CVE-2017-0005", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13428,7 +13428,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Cisco AnyConnect Secure Mobility Client", "capability_id": "CVE-2016-9192", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13439,7 +13439,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-4902", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13450,7 +13450,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0072", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13461,7 +13461,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-8551", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13472,7 +13472,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6287", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13483,7 +13483,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6120", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13494,7 +13494,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-5279", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13505,7 +13505,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1809", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13516,7 +13516,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0050", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13527,7 +13527,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-7372", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13538,7 +13538,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-7102", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13549,7 +13549,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5057", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13560,7 +13560,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1289", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13571,7 +13571,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0641", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13582,7 +13582,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0632", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13593,7 +13593,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0631", "mapping_type": "uncategorized", "capability_group": "2013", @@ -13604,7 +13604,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-2520", "mapping_type": "uncategorized", "capability_group": "2012", @@ -13615,7 +13615,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1723", "mapping_type": "uncategorized", "capability_group": "2012", @@ -13626,7 +13626,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1557", "mapping_type": "uncategorized", "capability_group": "2012", @@ -13637,7 +13637,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-0874", "mapping_type": "uncategorized", "capability_group": "2012", @@ -13648,7 +13648,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-2900", "mapping_type": "uncategorized", "capability_group": "2011", @@ -13659,7 +13659,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-0096", "mapping_type": "uncategorized", "capability_group": "2011", @@ -13670,7 +13670,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3916", "mapping_type": "uncategorized", "capability_group": "2010", @@ -13681,7 +13681,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3653", "mapping_type": "uncategorized", "capability_group": "2010", @@ -13692,7 +13692,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0817", "mapping_type": "uncategorized", "capability_group": "2010", @@ -13703,7 +13703,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-2265", "mapping_type": "uncategorized", "capability_group": "2009", @@ -13714,7 +13714,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1308", "mapping_type": "uncategorized", "capability_group": "2009", @@ -13725,7 +13725,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "HOUSE GATE App for iOS", "capability_id": "CVE-2019-5910", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13736,7 +13736,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "HOUSE GATE App for iOS", "capability_id": "CVE-2019-5910", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13747,7 +13747,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Honeywell Notifier Web Server (NWS)", "capability_id": "CVE-2020-6974", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13758,7 +13758,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Honeywell Notifier Web Server (NWS)", "capability_id": "CVE-2020-6974", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13769,7 +13769,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Honeywell Notifier Web Server (NWS)", "capability_id": "CVE-2020-6974", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13780,7 +13780,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11738", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13791,7 +13791,7 @@ "attack_object_id": "T1055", "attack_object_name": "Process Injection", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11738", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13802,7 +13802,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9380", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13813,7 +13813,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9380", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13824,7 +13824,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10189", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13835,7 +13835,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10189", "mapping_type": "uncategorized", "capability_group": "2020", @@ -13846,7 +13846,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2019-2729", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13857,7 +13857,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2019-2729", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13868,7 +13868,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Tape Library ACSLS", "capability_id": "CVE-2019-2725", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13879,7 +13879,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "Tape Library ACSLS", "capability_id": "CVE-2019-2725", "mapping_type": "uncategorized", "capability_group": "2019", @@ -13890,7 +13890,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "MDS PulseNET and MDS PulseNET Enterprise", "capability_id": "CVE-2018-10611", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13901,7 +13901,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "MDS PulseNET and MDS PulseNET Enterprise", "capability_id": "CVE-2018-10611", "mapping_type": "uncategorized", "capability_group": "2018", @@ -13912,7 +13912,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-18362", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13923,7 +13923,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-18362", "mapping_type": "uncategorized", "capability_group": "2017", @@ -13934,7 +13934,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5062", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13945,7 +13945,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-5062", "mapping_type": "uncategorized", "capability_group": "2016", @@ -13956,7 +13956,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6480", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13967,7 +13967,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6480", "mapping_type": "uncategorized", "capability_group": "2015", @@ -13978,7 +13978,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6293", "mapping_type": "uncategorized", "capability_group": "2014", @@ -13989,7 +13989,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6293", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14000,7 +14000,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6498", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14011,7 +14011,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6498", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14022,7 +14022,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6498", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14033,7 +14033,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0295", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14044,7 +14044,7 @@ "attack_object_id": "T1059.001", "attack_object_name": "PowerShell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0295", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14055,7 +14055,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-9684", "mapping_type": "uncategorized", "capability_group": "2016", @@ -14066,7 +14066,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-9684", "mapping_type": "uncategorized", "capability_group": "2016", @@ -14077,7 +14077,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7186", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14088,7 +14088,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7186", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14099,7 +14099,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6277", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14110,7 +14110,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6277", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14121,7 +14121,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6271", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14132,7 +14132,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6271", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14143,7 +14143,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1795", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14154,7 +14154,7 @@ "attack_object_id": "T1059.004", "attack_object_name": "Unix Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1795", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14165,7 +14165,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9459", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14176,7 +14176,7 @@ "attack_object_id": "T1059.007", "attack_object_name": "JavaScript", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9459", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14187,7 +14187,7 @@ "attack_object_id": "T1539", "attack_object_name": "Steal Web Session Cookie", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9459", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14198,7 +14198,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9459", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14209,7 +14209,7 @@ "attack_object_id": "T1491", "attack_object_name": "Defacement", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-9459", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14220,7 +14220,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-1331", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14231,7 +14231,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-1331", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14242,7 +14242,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0640", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14253,7 +14253,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0640", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14264,7 +14264,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-0640", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14275,7 +14275,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-12637", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14286,7 +14286,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-12637", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14297,7 +14297,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1904", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14308,7 +14308,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1904", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14319,7 +14319,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-11708", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14330,7 +14330,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-11708", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14341,7 +14341,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-11708", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14352,7 +14352,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13126", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14363,7 +14363,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-13126", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14374,7 +14374,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2017-10271", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14385,7 +14385,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2017-10271", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14396,7 +14396,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6909", "mapping_type": "uncategorized", "capability_group": "2016", @@ -14407,7 +14407,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6909", "mapping_type": "uncategorized", "capability_group": "2016", @@ -14418,7 +14418,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6278", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14429,7 +14429,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6278", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14440,7 +14440,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-5326", "mapping_type": "uncategorized", "capability_group": "2010", @@ -14451,7 +14451,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-5326", "mapping_type": "uncategorized", "capability_group": "2010", @@ -14462,7 +14462,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3041", "mapping_type": "uncategorized", "capability_group": "2009", @@ -14473,7 +14473,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3041", "mapping_type": "uncategorized", "capability_group": "2009", @@ -14484,7 +14484,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11897", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14495,7 +14495,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11897", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14506,7 +14506,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11897", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14517,7 +14517,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11896", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14528,7 +14528,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11896", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14539,7 +14539,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11896", "mapping_type": "uncategorized", "capability_group": "2020", @@ -14550,7 +14550,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "OSIsoft PI Vision", "capability_id": "CVE-2018-7496", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14561,7 +14561,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "OSIsoft PI Vision", "capability_id": "CVE-2018-7496", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14572,7 +14572,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-1001000", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14583,7 +14583,7 @@ "attack_object_id": "T1491.002", "attack_object_name": "External Defacement", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-1001000", "mapping_type": "uncategorized", "capability_group": "2017", @@ -14594,7 +14594,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2019-8540", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14605,7 +14605,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2019-8540", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14616,7 +14616,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server", "capability_id": "CVE-2019-0604", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14627,7 +14627,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Microsoft SharePoint Server", "capability_id": "CVE-2019-0604", "mapping_type": "uncategorized", "capability_group": "2019", @@ -14638,7 +14638,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19207", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14649,7 +14649,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19207", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14660,7 +14660,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-3413", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14671,7 +14671,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-3413", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14682,7 +14682,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1675", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14693,7 +14693,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1675", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14704,7 +14704,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-4862", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14715,7 +14715,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-4862", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14726,7 +14726,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2018-2894", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14737,7 +14737,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2018-2894", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14748,7 +14748,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6081", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14759,7 +14759,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6081", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14770,7 +14770,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-4106", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14781,7 +14781,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-4106", "mapping_type": "uncategorized", "capability_group": "2011", @@ -14792,7 +14792,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "ColdFusion", "capability_id": "CVE-2018-15961", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14803,7 +14803,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "ColdFusion", "capability_id": "CVE-2018-15961", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14814,7 +14814,7 @@ "attack_object_id": "T1491", "attack_object_name": "Defacement", "references": [], - "capability_description": "", + "capability_description": "ColdFusion", "capability_id": "CVE-2018-15961", "mapping_type": "uncategorized", "capability_group": "2018", @@ -14825,7 +14825,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-8562", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14836,7 +14836,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-8562", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14847,7 +14847,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-8562", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14858,7 +14858,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-8562", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14869,7 +14869,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3900", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14880,7 +14880,7 @@ "attack_object_id": "T1539", "attack_object_name": "Steal Web Session Cookie", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3900", "mapping_type": "uncategorized", "capability_group": "2013", @@ -14891,7 +14891,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1539", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14902,7 +14902,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1539", "mapping_type": "uncategorized", "capability_group": "2015", @@ -14913,7 +14913,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3765", "mapping_type": "uncategorized", "capability_group": "2010", @@ -14924,7 +14924,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3765", "mapping_type": "uncategorized", "capability_group": "2010", @@ -14935,7 +14935,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7235", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14946,7 +14946,7 @@ "attack_object_id": "T1550", "attack_object_name": "Use Alternate Authentication Material", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7235", "mapping_type": "uncategorized", "capability_group": "2014", @@ -14957,7 +14957,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-3015", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14968,7 +14968,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-3015", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14979,7 +14979,7 @@ "attack_object_id": "T1213", "attack_object_name": "Data from Information Repositories", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-3015", "mapping_type": "uncategorized", "capability_group": "2012", @@ -14990,7 +14990,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1761", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15001,7 +15001,7 @@ "attack_object_id": "T1569", "attack_object_name": "System Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1761", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15012,7 +15012,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "opOpenSocialPlugin", "capability_id": "CVE-2013-4335", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15023,7 +15023,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "opOpenSocialPlugin", "capability_id": "CVE-2013-4335", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15034,7 +15034,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "opOpenSocialPlugin", "capability_id": "CVE-2013-4335", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15045,7 +15045,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "opOpenSocialPlugin", "capability_id": "CVE-2013-4335", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15056,7 +15056,7 @@ "attack_object_id": "T1200", "attack_object_name": "Hardware Additions", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9019", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15067,7 +15067,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-9019", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15078,7 +15078,7 @@ "attack_object_id": "T1202", "attack_object_name": "Indirect Command Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3893", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15089,7 +15089,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3893", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15100,7 +15100,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3893", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15111,7 +15111,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2020-9818", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15122,7 +15122,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Junos OS", "capability_id": "CVE-2020-1631", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15133,7 +15133,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows Server", "capability_id": "CVE-2020-1350", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15144,7 +15144,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0938", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15155,7 +15155,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Thunderbird", "capability_id": "CVE-2019-9791", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15166,7 +15166,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Palo Alto Networks GlobalProtect Portal/Gateway Interface", "capability_id": "CVE-2019-1579", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15177,7 +15177,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "android-gif-drawable", "capability_id": "CVE-2019-11932", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15188,7 +15188,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0903", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15199,7 +15199,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0803", "mapping_type": "uncategorized", "capability_group": "2019", @@ -15210,7 +15210,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Advantech WebAccess HMI Designer", "capability_id": "CVE-2018-8833", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15221,7 +15221,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows Server 2008", "capability_id": "CVE-2018-8589", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15232,7 +15232,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Omron CX-Supervisor", "capability_id": "CVE-2018-7513", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15243,7 +15243,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-20838", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15254,7 +15254,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18956", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15265,7 +15265,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-10376", "mapping_type": "uncategorized", "capability_group": "2018", @@ -15276,7 +15276,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-5613", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15287,7 +15287,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-2404", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15298,7 +15298,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "InPage reader", "capability_id": "CVE-2017-12824", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15309,7 +15309,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-9299", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15320,7 +15320,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-2208", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15331,7 +15331,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-3864", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15342,7 +15342,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7169", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15353,7 +15353,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-5334", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15364,7 +15364,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "obs-service-set_version", "capability_id": "CVE-2014-0593", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15375,7 +15375,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3897", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15386,7 +15386,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3163", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15397,7 +15397,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-2311", "mapping_type": "uncategorized", "capability_group": "2012", @@ -15408,7 +15408,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1856", "mapping_type": "uncategorized", "capability_group": "2012", @@ -15419,7 +15419,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-3192", "mapping_type": "uncategorized", "capability_group": "2011", @@ -15430,7 +15430,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-2005", "mapping_type": "uncategorized", "capability_group": "2011", @@ -15441,7 +15441,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-4398", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15452,7 +15452,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2568", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15463,7 +15463,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2152", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15474,7 +15474,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1297", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15485,7 +15485,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0842", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15496,7 +15496,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0480", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15507,7 +15507,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1800", "mapping_type": "uncategorized", "capability_group": "2009", @@ -15518,7 +15518,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1671", "mapping_type": "uncategorized", "capability_group": "2009", @@ -15529,7 +15529,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0824", "mapping_type": "uncategorized", "capability_group": "2009", @@ -15540,7 +15540,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-2992", "mapping_type": "uncategorized", "capability_group": "2008", @@ -15551,7 +15551,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Apache Struts", "capability_id": "CVE-2017-5638", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15562,7 +15562,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Apache Struts", "capability_id": "CVE-2017-5638", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15573,7 +15573,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1494", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15584,7 +15584,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1494", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15595,7 +15595,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1494", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15606,7 +15606,7 @@ "attack_object_id": "T1497", "attack_object_name": "Virtualization/Sandbox Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1494", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15617,7 +15617,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Thunderbird", "capability_id": "CVE-2020-6819", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15628,7 +15628,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Thunderbird", "capability_id": "CVE-2020-6819", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15639,7 +15639,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10257", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15650,7 +15650,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-10257", "mapping_type": "uncategorized", "capability_group": "2020", @@ -15661,7 +15661,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-15919", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15672,7 +15672,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-15919", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15683,7 +15683,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer", "capability_id": "CVE-2017-0222", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15694,7 +15694,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer", "capability_id": "CVE-2017-0222", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15705,7 +15705,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer", "capability_id": "CVE-2017-0149", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15716,7 +15716,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Internet Explorer", "capability_id": "CVE-2017-0149", "mapping_type": "uncategorized", "capability_group": "2017", @@ -15727,7 +15727,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Firefox", "capability_id": "CVE-2016-9079", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15738,7 +15738,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "Firefox", "capability_id": "CVE-2016-9079", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15749,7 +15749,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7189", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15760,7 +15760,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7189", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15771,7 +15771,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3393", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15782,7 +15782,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3393", "mapping_type": "uncategorized", "capability_group": "2016", @@ -15793,7 +15793,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-5123", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15804,7 +15804,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-5123", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15815,7 +15815,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2502", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15826,7 +15826,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2502", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15837,7 +15837,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2419", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15848,7 +15848,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2419", "mapping_type": "uncategorized", "capability_group": "2015", @@ -15859,7 +15859,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6332", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15870,7 +15870,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6332", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15881,7 +15881,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1815", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15892,7 +15892,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1815", "mapping_type": "uncategorized", "capability_group": "2014", @@ -15903,7 +15903,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2465", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15914,7 +15914,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2465", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15925,7 +15925,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2423", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15936,7 +15936,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-2423", "mapping_type": "uncategorized", "capability_group": "2013", @@ -15947,7 +15947,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-3213", "mapping_type": "uncategorized", "capability_group": "2012", @@ -15958,7 +15958,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-3213", "mapping_type": "uncategorized", "capability_group": "2012", @@ -15969,7 +15969,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3971", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15980,7 +15980,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3971", "mapping_type": "uncategorized", "capability_group": "2010", @@ -15991,7 +15991,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1136", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16002,7 +16002,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-1136", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16013,7 +16013,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1776", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16024,7 +16024,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1776", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16035,7 +16035,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-1776", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16046,7 +16046,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3918", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16057,7 +16057,7 @@ "attack_object_id": "T1189", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3918", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16068,7 +16068,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3918", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16079,7 +16079,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2020-2883", "mapping_type": "uncategorized", "capability_group": "2020", @@ -16090,7 +16090,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "WebLogic Server", "capability_id": "CVE-2020-2883", "mapping_type": "uncategorized", "capability_group": "2020", @@ -16101,7 +16101,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0601", "mapping_type": "uncategorized", "capability_group": "2020", @@ -16112,7 +16112,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-0601", "mapping_type": "uncategorized", "capability_group": "2020", @@ -16123,7 +16123,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "exim", "capability_id": "CVE-2019-10149", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16134,7 +16134,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "exim", "capability_id": "CVE-2019-10149", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16145,7 +16145,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-20062", "mapping_type": "uncategorized", "capability_group": "2018", @@ -16156,7 +16156,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-20062", "mapping_type": "uncategorized", "capability_group": "2018", @@ -16167,7 +16167,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6366", "mapping_type": "uncategorized", "capability_group": "2016", @@ -16178,7 +16178,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6366", "mapping_type": "uncategorized", "capability_group": "2016", @@ -16189,7 +16189,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Confluence Server", "capability_id": "CVE-2019-3396", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16200,7 +16200,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Confluence Server", "capability_id": "CVE-2019-3396", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16211,7 +16211,7 @@ "attack_object_id": "T1083", "attack_object_name": "File and Directory Discovery", "references": [], - "capability_description": "", + "capability_description": "Confluence Server", "capability_id": "CVE-2019-3396", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16222,7 +16222,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "WinRAR", "capability_id": "CVE-2018-20250", "mapping_type": "uncategorized", "capability_group": "2018", @@ -16233,7 +16233,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "WinRAR", "capability_id": "CVE-2018-20250", "mapping_type": "uncategorized", "capability_group": "2018", @@ -16244,7 +16244,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows Shell", "capability_id": "CVE-2017-8464", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16255,7 +16255,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Windows Shell", "capability_id": "CVE-2017-8464", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16266,7 +16266,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-11882", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16277,7 +16277,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-11882", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16288,7 +16288,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-11826", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16299,7 +16299,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-11826", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16310,7 +16310,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-0261", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16321,7 +16321,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-0261", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16332,7 +16332,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6585", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16343,7 +16343,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6585", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16354,7 +16354,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1642", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16365,7 +16365,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1642", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16376,7 +16376,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0096", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16387,7 +16387,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-0096", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16398,7 +16398,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7247", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16409,7 +16409,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-7247", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16420,7 +16420,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6352", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16431,7 +16431,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-6352", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16442,7 +16442,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1331", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16453,7 +16453,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-1331", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16464,7 +16464,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1424", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16475,7 +16475,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-1424", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16486,7 +16486,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0840", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16497,7 +16497,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0840", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16508,7 +16508,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-4324", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16519,7 +16519,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-4324", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16530,7 +16530,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0556", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16541,7 +16541,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0556", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16552,7 +16552,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier", "capability_id": "CVE-2019-13510", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16563,7 +16563,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier", "capability_id": "CVE-2019-13510", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16574,7 +16574,7 @@ "attack_object_id": "T1204.001.", "attack_object_name": "", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7925", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16585,7 +16585,7 @@ "attack_object_id": "T1529", "attack_object_name": "System Shutdown/Reboot", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7925", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16596,7 +16596,7 @@ "attack_object_id": "T1542.001", "attack_object_name": "System Firmware", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7925", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16607,7 +16607,7 @@ "attack_object_id": " T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7925", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16618,7 +16618,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Horner Automation Cscape", "capability_id": "CVE-2019-13541", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16629,7 +16629,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Horner Automation Cscape", "capability_id": "CVE-2019-13541", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16640,7 +16640,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier", "capability_id": "CVE-2019-13527", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16651,7 +16651,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier", "capability_id": "CVE-2019-13527", "mapping_type": "uncategorized", "capability_group": "2019", @@ -16662,7 +16662,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.", "capability_id": "CVE-2017-8570", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16673,7 +16673,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.", "capability_id": "CVE-2017-8570", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16684,7 +16684,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-0262", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16695,7 +16695,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft Office", "capability_id": "CVE-2017-0262", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16706,7 +16706,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7193", "mapping_type": "uncategorized", "capability_group": "2016", @@ -16717,7 +16717,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7193", "mapping_type": "uncategorized", "capability_group": "2016", @@ -16728,7 +16728,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2509", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16739,7 +16739,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2509", "mapping_type": "uncategorized", "capability_group": "2015", @@ -16750,7 +16750,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0810", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16761,7 +16761,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0810", "mapping_type": "uncategorized", "capability_group": "2014", @@ -16772,7 +16772,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3644", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16783,7 +16783,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3644", "mapping_type": "uncategorized", "capability_group": "2013", @@ -16794,7 +16794,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3915", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16805,7 +16805,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3915", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16816,7 +16816,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3333", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16827,7 +16827,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3333", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16838,7 +16838,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2862", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16849,7 +16849,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2862", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16860,7 +16860,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0028", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16871,7 +16871,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0028", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16882,7 +16882,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3129", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16893,7 +16893,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-3129", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16904,7 +16904,7 @@ "attack_object_id": "T1204.002", "attack_object_name": "Malicious File", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0927", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16915,7 +16915,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0927", "mapping_type": "uncategorized", "capability_group": "2009", @@ -16926,7 +16926,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Version 1909 for 32-bit Systems", "capability_id": "CVE-2020-1206", "mapping_type": "uncategorized", "capability_group": "2020", @@ -16937,7 +16937,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "Microsoft Windows", "capability_id": "CVE-2017-8543", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16948,7 +16948,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "Microsoft Windows Server 2003 SP1, SP2 Windows XP - SP3", "capability_id": "CVE-2017-0176", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16959,7 +16959,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-2729", "mapping_type": "uncategorized", "capability_group": "2010", @@ -16970,7 +16970,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-4250", "mapping_type": "uncategorized", "capability_group": "2008", @@ -16981,7 +16981,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14323", "mapping_type": "uncategorized", "capability_group": "2017", @@ -16992,7 +16992,7 @@ "attack_object_id": "T1046", "attack_object_name": "Network Service Scanning", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14323", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17003,7 +17003,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14323", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17014,7 +17014,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17025,7 +17025,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17036,7 +17036,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17047,7 +17047,7 @@ "attack_object_id": "T1005", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17058,7 +17058,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17069,7 +17069,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17080,7 +17080,7 @@ "attack_object_id": "T1133", "attack_object_name": "External Remote Services", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-0751", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17091,7 +17091,7 @@ "attack_object_id": "T1210", "attack_object_name": "Exploitation of Remote Services", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Servers", "capability_id": "CVE-2018-8414", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17102,7 +17102,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Servers", "capability_id": "CVE-2018-8414", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17113,7 +17113,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Windows 10 Servers", "capability_id": "CVE-2018-8414", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17124,7 +17124,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Trend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)", "capability_id": "CVE-2020-8468", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17135,7 +17135,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Chrome", "capability_id": "CVE-2018-6112", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17146,7 +17146,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7755", "mapping_type": "uncategorized", "capability_group": "2015", @@ -17157,7 +17157,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Hatena Bookmark App for iOS", "capability_id": "CVE-2018-0560", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17168,7 +17168,7 @@ "attack_object_id": "T1036", "attack_object_name": "Masquerading", "references": [], - "capability_description": "", + "capability_description": "Hatena Bookmark App for iOS", "capability_id": "CVE-2018-0560", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17179,7 +17179,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Windows 10", "capability_id": "CVE-2018-8337", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17190,7 +17190,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "Windows 10", "capability_id": "CVE-2018-8337", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17201,7 +17201,7 @@ "attack_object_id": "T1485", "attack_object_name": "Data Destruction", "references": [], - "capability_description": "", + "capability_description": "Windows 10", "capability_id": "CVE-2018-8337", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17212,7 +17212,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-20753", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17223,7 +17223,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "Fortinet FortiOS, FortiProxy", "capability_id": "CVE-2018-13379", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17234,7 +17234,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-6415", "mapping_type": "uncategorized", "capability_group": "2016", @@ -17245,7 +17245,7 @@ "attack_object_id": "T1404", "attack_object_name": "Exploit OS Vulnerability", "references": [], - "capability_description": "", + "capability_description": "iOS", "capability_id": "CVE-2019-7287", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17256,7 +17256,7 @@ "attack_object_id": "T1404", "attack_object_name": "Exploit OS Vulnerability", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1805", "mapping_type": "uncategorized", "capability_group": "2015", @@ -17267,7 +17267,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-1805", "mapping_type": "uncategorized", "capability_group": "2015", @@ -17278,7 +17278,7 @@ "attack_object_id": "T1409", "attack_object_name": "Access Stored Application Data", "references": [], - "capability_description": "", + "capability_description": "Kaspersky Lab Kaspersky Internet Security for Android 11.12.4.1622", "capability_id": "CVE-2017-12817", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17289,7 +17289,7 @@ "attack_object_id": "T1456", "attack_object_name": "Drive-by Compromise", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-4655", "mapping_type": "uncategorized", "capability_group": "2016", @@ -17300,7 +17300,7 @@ "attack_object_id": "T1461", "attack_object_name": "Lockscreen Bypass", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2017-0493", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17311,7 +17311,7 @@ "attack_object_id": "T1533", "attack_object_name": "Data from Local System", "references": [], - "capability_description": "", + "capability_description": "Android", "capability_id": "CVE-2017-0493", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17322,7 +17322,7 @@ "attack_object_id": "T1477", "attack_object_name": "Exploit via Radio Interfaces", "references": [], - "capability_description": "", + "capability_description": "WhatsApp for Android", "capability_id": "CVE-2019-3568", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17366,7 +17366,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "Firefox ESR", "capability_id": "CVE-2019-11707", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17377,7 +17377,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14934", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17388,7 +17388,7 @@ "attack_object_id": "T1499", "attack_object_name": "Endpoint Denial of Service", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-2055", "mapping_type": "uncategorized", "capability_group": "2009", @@ -17399,7 +17399,7 @@ "attack_object_id": "T1499.003", "attack_object_name": "Application Exhaustion Flood", "references": [], - "capability_description": "", + "capability_description": "timespan node module", "capability_id": "CVE-2017-16115", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17410,7 +17410,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-8648", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17421,7 +17421,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-14059", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17432,7 +17432,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12888", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17443,7 +17443,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12655", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17454,7 +17454,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11884", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17465,7 +17465,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11668", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17476,7 +17476,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-16302", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17487,7 +17487,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-11869", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17498,7 +17498,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-21091", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17509,7 +17509,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "Cisco Adaptive Security Appliance (ASA) Software", "capability_id": "CVE-2018-15454", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17520,7 +17520,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-14679", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17531,7 +17531,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-9142", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17542,7 +17542,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "MQTT.js", "capability_id": "CVE-2017-10910", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17553,7 +17553,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-10810", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17564,7 +17564,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-1752", "mapping_type": "uncategorized", "capability_group": "2011", @@ -17575,7 +17575,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12653", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17586,7 +17586,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12653", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17597,7 +17597,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11608", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17608,7 +17608,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11608", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17619,7 +17619,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-12769", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17630,7 +17630,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-4854", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17641,7 +17641,7 @@ "attack_object_id": "T1505", "attack_object_name": "Server Software Component", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4148", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17652,7 +17652,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4148", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17663,7 +17663,7 @@ "attack_object_id": "T1136", "attack_object_name": "Create Account", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4148", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17674,7 +17674,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4148", "mapping_type": "uncategorized", "capability_group": "2014", @@ -17685,7 +17685,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3088", "mapping_type": "uncategorized", "capability_group": "2016", @@ -17696,7 +17696,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3088", "mapping_type": "uncategorized", "capability_group": "2016", @@ -17707,7 +17707,7 @@ "attack_object_id": "T1505.003", "attack_object_name": "Web Shell", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5576", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17718,7 +17718,7 @@ "attack_object_id": "T1190", "attack_object_name": "Exploit Public-Facing Application", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5576", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17729,7 +17729,7 @@ "attack_object_id": "T1518", "attack_object_name": "Software Discovery", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-3351", "mapping_type": "uncategorized", "capability_group": "2016", @@ -17740,7 +17740,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11651", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17751,7 +17751,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11651", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17762,7 +17762,7 @@ "attack_object_id": "T1059", "attack_object_name": "Command and Scripting Interpreter", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2020-11651", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17773,7 +17773,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "hydra", "capability_id": "CVE-2020-5300", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17784,7 +17784,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "hydra", "capability_id": "CVE-2020-5300", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17795,7 +17795,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5054", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17806,7 +17806,7 @@ "attack_object_id": "T1212", "attack_object_name": "Exploitation for Credential Access", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5054", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17817,7 +17817,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-7246", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17828,7 +17828,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-7246", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17839,7 +17839,7 @@ "attack_object_id": "T1548", "attack_object_name": "Abuse Elevation Control Mechanism", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14486", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17850,7 +17850,7 @@ "attack_object_id": "T1499.004", "attack_object_name": "Application or System Exploitation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14486", "mapping_type": "uncategorized", "capability_group": "2017", @@ -17861,7 +17861,7 @@ "attack_object_id": "T1548.002", "attack_object_name": "Bypass User Account Control", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5065", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17872,7 +17872,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-5065", "mapping_type": "uncategorized", "capability_group": "2013", @@ -17883,7 +17883,7 @@ "attack_object_id": "T1548.002", "attack_object_name": "Bypass User Account Control", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-0655", "mapping_type": "uncategorized", "capability_group": "2008", @@ -17894,7 +17894,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-0655", "mapping_type": "uncategorized", "capability_group": "2008", @@ -17905,7 +17905,7 @@ "attack_object_id": "T1550.002", "attack_object_name": "Pass the Hash", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-5290", "mapping_type": "uncategorized", "capability_group": "2010", @@ -17916,7 +17916,7 @@ "attack_object_id": "T1552.001", "attack_object_name": "Credentials In Files", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-5290", "mapping_type": "uncategorized", "capability_group": "2010", @@ -17927,7 +17927,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "Qradar Advisor", "capability_id": "CVE-2020-4408", "mapping_type": "uncategorized", "capability_group": "2020", @@ -17938,7 +17938,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "SINEMA Remote Connect Server", "capability_id": "CVE-2019-13922", "mapping_type": "uncategorized", "capability_group": "2019", @@ -17949,7 +17949,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-7259", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17960,7 +17960,7 @@ "attack_object_id": "T1040", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-7259", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17971,7 +17971,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18641", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17982,7 +17982,7 @@ "attack_object_id": "T1528", "attack_object_name": "Steal Application Access Token", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18641", "mapping_type": "uncategorized", "capability_group": "2018", @@ -17993,7 +17993,7 @@ "attack_object_id": "T1552", "attack_object_name": "Unsecured Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14487", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18004,7 +18004,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14487", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18015,7 +18015,7 @@ "attack_object_id": "T1204", "attack_object_name": "User Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14487", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18026,7 +18026,7 @@ "attack_object_id": "T0880", "attack_object_name": "Loss of Safety", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2017-14487", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18037,7 +18037,7 @@ "attack_object_id": "T1553", "attack_object_name": "Subvert Trust Controls", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4077", "mapping_type": "uncategorized", "capability_group": "2014", @@ -18048,7 +18048,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4077", "mapping_type": "uncategorized", "capability_group": "2014", @@ -18059,7 +18059,7 @@ "attack_object_id": "T1553.002", "attack_object_name": "Code Signing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4077", "mapping_type": "uncategorized", "capability_group": "2014", @@ -18070,7 +18070,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "DHC Online Shop App for Android", "capability_id": "CVE-2018-0622", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18081,7 +18081,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-7931", "mapping_type": "uncategorized", "capability_group": "2015", @@ -18092,7 +18092,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-3566", "mapping_type": "uncategorized", "capability_group": "2014", @@ -18103,7 +18103,7 @@ "attack_object_id": "T1557", "attack_object_name": "Man-in-the-Middle", "references": [], - "capability_description": "", + "capability_description": "Mizuho Direct App for Android", "capability_id": "CVE-2018-16179", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18114,7 +18114,7 @@ "attack_object_id": "T1211", "attack_object_name": "Exploitation for Defense Evasion", "references": [], - "capability_description": "", + "capability_description": "Mizuho Direct App for Android", "capability_id": "CVE-2018-16179", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18125,7 +18125,7 @@ "attack_object_id": "T1563", "attack_object_name": "Remote Service Session Hijacking", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2019-12258", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18136,7 +18136,7 @@ "attack_object_id": "T1565.003", "attack_object_name": "Runtime Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-10299", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18147,7 +18147,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1020", "mapping_type": "uncategorized", "capability_group": "2020", @@ -18158,7 +18158,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2020-1020", "mapping_type": "uncategorized", "capability_group": "2020", @@ -18169,7 +18169,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Microsoft .NET Framework", "capability_id": "CVE-2017-8759", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18180,7 +18180,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Microsoft .NET Framework", "capability_id": "CVE-2017-8759", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18191,7 +18191,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "Windows kernel", "capability_id": "CVE-2017-11847", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18202,7 +18202,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Windows kernel", "capability_id": "CVE-2017-11847", "mapping_type": "uncategorized", "capability_group": "2017", @@ -18213,7 +18213,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3906", "mapping_type": "uncategorized", "capability_group": "2013", @@ -18224,7 +18224,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3906", "mapping_type": "uncategorized", "capability_group": "2013", @@ -18235,7 +18235,7 @@ "attack_object_id": "T1566", "attack_object_name": "Phishing", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6467", "mapping_type": "uncategorized", "capability_group": "2012", @@ -18246,7 +18246,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-6467", "mapping_type": "uncategorized", "capability_group": "2012", @@ -18257,7 +18257,7 @@ "attack_object_id": "T1566.001", "attack_object_name": "Spearphishing Attachment", "references": [], - "capability_description": "", + "capability_description": "Drupal Core", "capability_id": "CVE-2019-6340", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18268,7 +18268,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "Drupal Core", "capability_id": "CVE-2019-6340", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18279,7 +18279,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "\"HCL Verse for Android\"", "capability_id": "CVE-2020-4100", "mapping_type": "uncategorized", "capability_group": "2020", @@ -18290,7 +18290,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Microsoft Exchange Server 2013", "capability_id": "CVE-2020-0688", "mapping_type": "uncategorized", "capability_group": "2020", @@ -18301,7 +18301,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Microsoft Exchange Server 2013", "capability_id": "CVE-2020-0688", "mapping_type": "uncategorized", "capability_group": "2020", @@ -18312,7 +18312,7 @@ "attack_object_id": "T1574", "attack_object_name": "Hijack Execution Flow", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0708", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18323,7 +18323,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "Windows", "capability_id": "CVE-2019-0708", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18334,7 +18334,7 @@ "attack_object_id": "T1574.001", "attack_object_name": "DLL Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-10657", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18345,7 +18345,7 @@ "attack_object_id": "T1574.001", "attack_object_name": "DLL Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2009-0238", "mapping_type": "uncategorized", "capability_group": "2009", @@ -18356,7 +18356,7 @@ "attack_object_id": "T1574.008", "attack_object_name": "Path Interception by Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "Pivotal Operations Manager", "capability_id": "CVE-2018-11049", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18367,7 +18367,7 @@ "attack_object_id": "T1574.008", "attack_object_name": "Path Interception by Search Order Hijacking", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-1854", "mapping_type": "uncategorized", "capability_group": "2012", @@ -18378,7 +18378,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Windows Server", "capability_id": "CVE-2019-0797", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18389,7 +18389,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8453", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18400,7 +18400,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "Windows 7", "capability_id": "CVE-2018-8440", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18411,7 +18411,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19320", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18422,7 +18422,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-7255", "mapping_type": "uncategorized", "capability_group": "2016", @@ -18433,7 +18433,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0728", "mapping_type": "uncategorized", "capability_group": "2016", @@ -18444,7 +18444,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0167", "mapping_type": "uncategorized", "capability_group": "2016", @@ -18455,7 +18455,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2016-0165", "mapping_type": "uncategorized", "capability_group": "2016", @@ -18466,7 +18466,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-6175", "mapping_type": "uncategorized", "capability_group": "2015", @@ -18477,7 +18477,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2015-2546", "mapping_type": "uncategorized", "capability_group": "2015", @@ -18488,7 +18488,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2014-4076", "mapping_type": "uncategorized", "capability_group": "2014", @@ -18499,7 +18499,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-6282", "mapping_type": "uncategorized", "capability_group": "2013", @@ -18510,7 +18510,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2013-3660", "mapping_type": "uncategorized", "capability_group": "2013", @@ -18521,7 +18521,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2012-2319", "mapping_type": "uncategorized", "capability_group": "2012", @@ -18532,7 +18532,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2011-1249", "mapping_type": "uncategorized", "capability_group": "2011", @@ -18543,7 +18543,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3081", "mapping_type": "uncategorized", "capability_group": "2010", @@ -18554,7 +18554,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-0232", "mapping_type": "uncategorized", "capability_group": "2010", @@ -18565,7 +18565,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2008-3431", "mapping_type": "uncategorized", "capability_group": "2008", @@ -18576,7 +18576,7 @@ "attack_object_id": "T1608", "attack_object_name": "Stage Capabilities", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3338", "mapping_type": "uncategorized", "capability_group": "2010", @@ -18587,7 +18587,7 @@ "attack_object_id": "T1053.005", "attack_object_name": "Scheduled Task", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2010-3338", "mapping_type": "uncategorized", "capability_group": "2010", @@ -18598,7 +18598,7 @@ "attack_object_id": "T0812", "attack_object_name": "Default Credentials", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-14847", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18609,7 +18609,7 @@ "attack_object_id": "T1078", "attack_object_name": "Valid Accounts", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-14847", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18620,7 +18620,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18665", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18631,7 +18631,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18667", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18642,7 +18642,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-18667", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18653,7 +18653,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-17877", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18664,7 +18664,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-17877", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18675,7 +18675,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19831", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18686,7 +18686,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19831", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18697,7 +18697,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19831", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18708,7 +18708,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19830", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18719,7 +18719,7 @@ "attack_object_id": "T1565", "attack_object_name": "Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19830", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18730,7 +18730,7 @@ "attack_object_id": "T1068", "attack_object_name": "Exploitation for Privilege Escalation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19830", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18741,7 +18741,7 @@ "attack_object_id": "T0828", "attack_object_name": "Loss of Productivity and Revenue", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19833", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18752,7 +18752,7 @@ "attack_object_id": "T1565.001", "attack_object_name": "Stored Data Manipulation", "references": [], - "capability_description": "", + "capability_description": "n/a", "capability_id": "CVE-2018-19833", "mapping_type": "uncategorized", "capability_group": "2018", @@ -18763,7 +18763,7 @@ "attack_object_id": "T0855", "attack_object_name": "Unauthorized Command Message", "references": [], - "capability_description": "", + "capability_description": "Omron PLC CJ and CS Series", "capability_id": "CVE-2019-13533", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18774,7 +18774,7 @@ "attack_object_id": "T0842", "attack_object_name": "Network Sniffing", "references": [], - "capability_description": "", + "capability_description": "Omron PLC CJ and CS Series", "capability_id": "CVE-2019-13533", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18785,7 +18785,7 @@ "attack_object_id": "T0873", "attack_object_name": "Project File Infection", "references": [], - "capability_description": "", + "capability_description": "LCDS LAquis SCADA", "capability_id": "CVE-2019-10980", "mapping_type": "uncategorized", "capability_group": "2019", @@ -18796,7 +18796,7 @@ "attack_object_id": "T1203", "attack_object_name": "Exploitation for Client Execution", "references": [], - "capability_description": "", + "capability_description": "LCDS LAquis SCADA", "capability_id": "CVE-2019-10980", "mapping_type": "uncategorized", "capability_group": "2019", diff --git a/src/mapex_convert/parse_cve_mappings.py b/src/mapex_convert/parse_cve_mappings.py index d3fdade6..c059d14a 100644 --- a/src/mapex_convert/parse_cve_mappings.py +++ b/src/mapex_convert/parse_cve_mappings.py @@ -1,3 +1,7 @@ +import requests +from loguru import logger + + def configure_cve_mappings(df, attack_id_to_name_dict): cve_mapping_types = [ "Primary Impact", @@ -72,6 +76,21 @@ def configure_cve_mappings(df, attack_id_to_name_dict): capability_year = capability_id[ capability_id.index("-") + 1 : row["CVE ID"].rindex("-") ] + capability_description = "" + # get capability product description from cve api + try: + response = requests.get( + f"https://cveawg.mitre.org/api/cve/{capability_id}/", + verify=False, + ).json() + descriptions = response["containers"]["cna"]["affected"] + capability_description = descriptions[0]["product"].strip() + except Exception: + logger.exception( + "Failed to fetch description for {capability_id}", + capability_id, + ) + # if group doesn't exist yet, create it if capability_year not in capability_groups: capability_groups[capability_year] = f"{capability_year} CVEs" @@ -82,7 +101,7 @@ def configure_cve_mappings(df, attack_id_to_name_dict): "attack_object_id": attack_object, "attack_object_name": name, "references": [], - "capability_description": "", + "capability_description": capability_description, "capability_id": row["CVE ID"], "mapping_type": mapping_type_id, "capability_group": capability_year, diff --git a/tests/expected_results/expected_results_json.py b/tests/expected_results/expected_results_json.py index 6312e637..f924fa9a 100644 --- a/tests/expected_results/expected_results_json.py +++ b/tests/expected_results/expected_results_json.py @@ -315,7 +315,6 @@ "references": None, "capability_description": "Cache poisoning. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Cache poisoning", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -326,7 +325,6 @@ "references": None, "capability_description": "Cross-site request forgery. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.CSRF", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -337,7 +335,6 @@ "references": None, "capability_description": "Mail command injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Mail command injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -348,7 +345,6 @@ "references": None, "capability_description": "Null byte injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Null byte injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -359,7 +355,6 @@ "references": None, "capability_description": "OS commanding. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.OS commanding", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -370,7 +365,6 @@ "references": None, "capability_description": "Path traversal. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Path traversal", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -381,7 +375,6 @@ "references": None, "capability_description": "Reverse engineering. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Reverse engineering", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -392,7 +385,6 @@ "references": None, "capability_description": "Remote file inclusion. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.RFI", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -403,7 +395,6 @@ "references": None, "capability_description": "Credential or session prediction. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Session prediction", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -414,7 +405,6 @@ "references": None, "capability_description": "Session replay. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Session replay", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -425,7 +415,6 @@ "references": None, "capability_description": "Special element injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.Special element injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -436,7 +425,6 @@ "references": None, "capability_description": "SQL injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.SQLi", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -447,7 +435,6 @@ "references": None, "capability_description": "SSI injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.SSI injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -458,7 +445,6 @@ "references": None, "capability_description": "URL redirector abuse. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.URL redirector abuse", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -469,7 +455,6 @@ "references": None, "capability_description": "Elevation of privilege by another customer in shared environment. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.User breakout", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -480,7 +465,6 @@ "references": None, "capability_description": "XQuery injection. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.XQuery injection", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -491,7 +475,6 @@ "references": None, "capability_description": "Cross-site scripting. Child of 'Exploit vuln'.", "capability_id": "action.hacking.variety.XSS", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -502,7 +485,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.hacking.variety.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -513,7 +495,6 @@ "references": None, "capability_description": "Graphical desktop sharing (RDP, VNC, PCAnywhere, Citrix)", "capability_id": "action.hacking.vector.Desktop sharing", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -524,7 +505,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.hacking.vector.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -535,7 +515,6 @@ "references": None, "capability_description": "VPN", "capability_id": "action.hacking.vector.VPN", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -546,7 +525,6 @@ "references": None, "capability_description": "Web application", "capability_id": "action.hacking.vector.Web application", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -557,7 +535,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.hacking.vector.Unknown", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -568,7 +545,6 @@ "references": None, "capability_description": "The hacking action resulted in additional security access", "capability_id": "action.hacking.result.Infiltrate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -579,7 +555,6 @@ "references": None, "capability_description": "The hacking action exfiltrated data from the victim", "capability_id": "action.hacking.result.Exfiltrate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -590,7 +565,6 @@ "references": None, "capability_description": "The hacking action resulted in additional security permissions", "capability_id": "action.hacking.result.Elevate", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -601,7 +575,6 @@ "references": None, "capability_description": "The hacking action used security access or permissions already acuired", "capability_id": "action.hacking.result.Lateral movement", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -612,7 +585,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.hacking.result.Deploy payload", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -623,7 +595,6 @@ "references": None, "capability_description": "The result of the hacking action is not listed", "capability_id": "action.hacking.result.Other", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -634,7 +605,6 @@ "references": None, "capability_description": "The result of the hacking action is unknown", "capability_id": "action.hacking.result.Unknown", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -645,7 +615,6 @@ "references": None, "capability_description": "The hacking action did not have a result", "capability_id": "action.hacking.result.NA", - "capability_group": "action.hacking", "status": "non_mappable", }, @@ -656,7 +625,6 @@ "references": None, "capability_description": "Downloader (pull updates or other malware)", "capability_id": "action.malware.variety.Downloader", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -667,7 +635,6 @@ "references": None, "capability_description": "Send spam", "capability_id": "action.malware.variety.Spam", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -678,7 +645,6 @@ "references": None, "capability_description": "SQL injection attack", "capability_id": "action.malware.variety.SQL injection", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -689,7 +655,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.malware.variety.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -700,7 +665,6 @@ "references": None, "capability_description": "Email. Parent to 'Email attachment', 'Email autoexecute', 'Email link', 'Email unknown'", "capability_id": "action.malware.vector.Email", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -711,7 +675,6 @@ "references": None, "capability_description": "Email via automatic execution. Child of 'Email'", "capability_id": "action.malware.vector.Email autoexecute", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -722,7 +685,6 @@ "references": None, "capability_description": "Email but sub-variety (attachment, autoexecute, link, etc) not known. Child of 'Email'", "capability_id": "action.malware.vector.Email unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -733,7 +695,6 @@ "references": None, "capability_description": "Email sub-variety known, but not one of those listed (attachment, link, autoexecute, etc). Child of 'Email'", "capability_id": "action.malware.vector.Email other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -744,7 +705,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.malware.vector.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -755,7 +715,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.malware.vector.Unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -766,7 +725,6 @@ "references": None, "capability_description": "The malware action resulted in additional security access", "capability_id": "action.malware.result.Infiltrate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -777,7 +735,6 @@ "references": None, "capability_description": "The malware action exfiltrated data from the victim", "capability_id": "action.malware.result.Exfiltrate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -788,7 +745,6 @@ "references": None, "capability_description": "The malware action resulted in additional security permissions", "capability_id": "action.malware.result.Elevate", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -799,7 +755,6 @@ "references": None, "capability_description": "The malware action used security access or permissions already acuired", "capability_id": "action.malware.result.Lateral movement", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -810,7 +765,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.malware.result.Deploy payload", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -821,7 +775,6 @@ "references": None, "capability_description": "The result of the malware action is not listed", "capability_id": "action.malware.result.Other", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -832,7 +785,6 @@ "references": None, "capability_description": "The result of the malware action is unknown", "capability_id": "action.malware.result.Unknown", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -843,7 +795,6 @@ "references": None, "capability_description": "The malware action did not have a result", "capability_id": "action.malware.result.NA", - "capability_group": "action.malware", "status": "non_mappable", }, @@ -854,7 +805,6 @@ "references": None, "capability_description": "Handling of data in an unapproved manner", "capability_id": "action.misuse.variety.Data mishandling", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -865,7 +815,6 @@ "references": None, "capability_description": "Inappropriate use of email or IM", "capability_id": "action.misuse.variety.Email misuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -876,7 +825,6 @@ "references": None, "capability_description": "Storage or distribution of illicit content", "capability_id": "action.misuse.variety.Illicit content", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -887,7 +835,6 @@ "references": None, "capability_description": "Abuse of private or entrusted knowledge", "capability_id": "action.misuse.variety.Knowledge abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -898,7 +845,6 @@ "references": None, "capability_description": "Inappropriate use of network or Web access including cloud services", "capability_id": "action.misuse.variety.Net misuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -909,7 +855,6 @@ "references": None, "capability_description": "Abuse of physical access to asset", "capability_id": "action.misuse.variety.Possession abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -920,7 +865,6 @@ "references": None, "capability_description": "Abuse of system access privileges", "capability_id": "action.misuse.variety.Privilege abuse", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -931,7 +875,6 @@ "references": None, "capability_description": "Actor photographs the confidentiality data variety.", "capability_id": "action.misuse.variety.Snap picture", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -942,7 +885,6 @@ "references": None, "capability_description": "Use of unapproved hardware or devices", "capability_id": "action.misuse.variety.Unapproved hardware", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -953,7 +895,6 @@ "references": None, "capability_description": "Use of unapproved software or services", "capability_id": "action.misuse.variety.Unapproved software", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -964,7 +905,6 @@ "references": None, "capability_description": "Unapproved workaround or shortcut", "capability_id": "action.misuse.variety.Unapproved workaround", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -975,7 +915,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.misuse.variety.Other", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -986,7 +925,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.misuse.variety.Unknown", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -997,7 +935,6 @@ "references": None, "capability_description": "Local network access within corporate facility", "capability_id": "action.misuse.vector.LAN access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1008,7 +945,6 @@ "references": None, "capability_description": "Non-corporate facilities or networks", "capability_id": "action.misuse.vector.Non-corporate", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1019,7 +955,6 @@ "references": None, "capability_description": "Physical access within corporate facility", "capability_id": "action.misuse.vector.Physical access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1030,7 +965,6 @@ "references": None, "capability_description": "Remote access connection to corporate network (i.e. VPN)", "capability_id": "action.misuse.vector.Remote access", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1041,7 +975,6 @@ "references": None, "capability_description": "Web application", "capability_id": "action.misuse.vector.Web application", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1052,7 +985,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.misuse.vector.Other", - "capability_group": "action.misuse", "status": "non_mappable", }, @@ -1343,7 +1275,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.social.vector.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1354,7 +1285,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.social.vector.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1365,7 +1295,6 @@ "references": None, "capability_description": "Auditor", "capability_id": "action.social.target.Auditor", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1376,7 +1305,6 @@ "references": None, "capability_description": "Call center staff", "capability_id": "action.social.target.Call center", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1387,7 +1315,6 @@ "references": None, "capability_description": "Cashier, teller or waiter", "capability_id": "action.social.target.Cashier", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1398,7 +1325,6 @@ "references": None, "capability_description": "Customer (B2C)", "capability_id": "action.social.target.Customer", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1409,7 +1335,6 @@ "references": None, "capability_description": "Software developer", "capability_id": "action.social.target.Developer", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1420,7 +1345,6 @@ "references": None, "capability_description": "End-user of the victim's products and/or services. Child of 'End-user or employee'", "capability_id": "action.social.target.End-user", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1431,7 +1355,6 @@ "references": None, "capability_description": "End-user or regular employee not otherwise listed. Parent of 'End-user' or 'Other employee'", "capability_id": "action.social.target.End-user or employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1442,7 +1365,6 @@ "references": None, "capability_description": "Senior staff with legal responsibility such as board members and corporate officers", "capability_id": "action.social.target.Executive", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1453,7 +1375,6 @@ "references": None, "capability_description": "Finance or accounting staff", "capability_id": "action.social.target.Finance", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1464,7 +1385,6 @@ "references": None, "capability_description": "Former employee", "capability_id": "action.social.target.Former employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1475,7 +1395,6 @@ "references": None, "capability_description": "Security guard", "capability_id": "action.social.target.Guard", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1486,7 +1405,6 @@ "references": None, "capability_description": "Helpdesk staff", "capability_id": "action.social.target.Helpdesk", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1497,7 +1415,6 @@ "references": None, "capability_description": "Human resources staff", "capability_id": "action.social.target.Human resources", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1508,7 +1425,6 @@ "references": None, "capability_description": "Maintenance or janitorial staff", "capability_id": "action.social.target.Maintenance", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1519,7 +1435,6 @@ "references": None, "capability_description": "Manager or supervisor", "capability_id": "action.social.target.Manager", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1530,7 +1445,6 @@ "references": None, "capability_description": "Regular employee not otherwise listed. Child of 'End-user or employee'", "capability_id": "action.social.target.Other employee", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1541,7 +1455,6 @@ "references": None, "capability_description": "Partner (B2B)", "capability_id": "action.social.target.Partner", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1552,7 +1465,6 @@ "references": None, "capability_description": "System or network administrator", "capability_id": "action.social.target.System admin", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1563,7 +1475,6 @@ "references": None, "capability_description": "Other", "capability_id": "action.social.target.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1574,7 +1485,6 @@ "references": None, "capability_description": "Unknown", "capability_id": "action.social.target.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1585,7 +1495,6 @@ "references": None, "capability_description": "The social action resulted in additional security access", "capability_id": "action.social.result.Infiltrate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1596,7 +1505,6 @@ "references": None, "capability_description": "The social action exfiltrated data from the victim", "capability_id": "action.social.result.Exfiltrate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1607,7 +1515,6 @@ "references": None, "capability_description": "The social action resulted in additional security permissions", "capability_id": "action.social.result.Elevate", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1618,7 +1525,6 @@ "references": None, "capability_description": "The social action used security access or permissions already acuired", "capability_id": "action.social.result.Lateral movement", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1629,7 +1535,6 @@ "references": None, "capability_description": "e.g. cryptomining, ransomware, etc", "capability_id": "action.social.result.Deploy payload", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1640,7 +1545,6 @@ "references": None, "capability_description": "The result of the social action is not listed", "capability_id": "action.social.result.Other", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1651,7 +1555,6 @@ "references": None, "capability_description": "The result of the social action is unknown", "capability_id": "action.social.result.Unknown", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1662,7 +1565,6 @@ "references": None, "capability_description": "The social action did not have a result", "capability_id": "action.social.result.NA", - "capability_group": "action.social", "status": "non_mappable", }, @@ -1673,7 +1575,6 @@ "references": None, "capability_description": "Initiate fraudulent transaction", "capability_id": "attribute.integrity.variety.Fraudulent transaction", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1684,7 +1585,6 @@ "references": None, "capability_description": "Hardware tampering or physical alteration", "capability_id": "attribute.integrity.variety.Hardware tampering", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1695,7 +1595,6 @@ "references": None, "capability_description": "Software installation or code modification", "capability_id": "attribute.integrity.variety.Software installation", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1706,7 +1605,6 @@ "references": None, "capability_description": "Other", "capability_id": "attribute.integrity.variety.Other", - "capability_group": "attribute.integrity", "status": "non_mappable", }, @@ -1717,7 +1615,6 @@ "references": None, "capability_description": "No type of development was necessary", "capability_id": "value_chain.development.variety.NA", - "capability_group": "value_chain.development", "status": "non_mappable", }, @@ -1728,7 +1625,6 @@ "references": None, "capability_description": "Command and control. Separate from distribution of mawlare or bots, this is how they are maintained", "capability_id": "value_chain.non-distribution services.variety.C2", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1739,7 +1635,6 @@ "references": None, "capability_description": "Services for testing if malware is detected by anti-virus", "capability_id": "value_chain.non-distribution services.variety.Counter AV", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1750,7 +1645,6 @@ "references": None, "capability_description": "DNS services including fast flux", "capability_id": "value_chain.non-distribution services.variety.DNS", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1761,7 +1655,6 @@ "references": None, "capability_description": "Something kept in the custody of a third party until a condition has been fulfilled.", "capability_id": "value_chain.non-distribution services.variety.Escrow", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1772,7 +1665,6 @@ "references": None, "capability_description": "i.e. converting hashes into the text that produce them", "capability_id": "value_chain.non-distribution services.variety.Hashcracking", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1783,7 +1675,6 @@ "references": None, "capability_description": "Use of a marketplace was required as part of this incident.", "capability_id": "value_chain.non-distribution services.variety.Marketplace", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1794,7 +1685,6 @@ "references": None, "capability_description": "A proxy service (either formally or informally hosted) is used by the actor to obscure their source", "capability_id": "value_chain.non-distribution services.variety.Proxy", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1805,7 +1695,6 @@ "references": None, "capability_description": "A VPN service (either formally or informally hosted) is used by the actor to obscure their source", "capability_id": "value_chain.non-distribution services.variety.VPN", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1816,7 +1705,6 @@ "references": None, "capability_description": "No type of non-distribution service was necessary", "capability_id": "value_chain.non-distribution services.variety.NA", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1827,7 +1715,6 @@ "references": None, "capability_description": "Nothing is known about the need for or type of non-distribution service investment other than it was present.", "capability_id": "value_chain.non-distribution services.variety.Unknown", - "capability_group": "value_chain.non-distribution_services", "status": "non_mappable", }, @@ -1838,7 +1725,6 @@ "references": None, "capability_description": "Credentials the system came with", "capability_id": "value_chain.targeting.variety.Default credentials", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1849,7 +1735,6 @@ "references": None, "capability_description": "Knowledge of system misconfigurations used to pick an organization as a target", "capability_id": "value_chain.targeting.variety.Misconfigurations", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1860,7 +1745,6 @@ "references": None, "capability_description": "The actor used access to a partner to target the victim.", "capability_id": "value_chain.targeting.variety.Partner", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1871,7 +1755,6 @@ "references": None, "capability_description": "Knowledge of software vulnerabilities, both at an organization or associated with a specific vendor's product, used to pick them as a target.", "capability_id": "value_chain.targeting.variety.Vulnerabilities", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1882,7 +1765,6 @@ "references": None, "capability_description": "Knowledge of weaknesses other than vulnerability and misconfigurations used to pick an organization as a target", "capability_id": "value_chain.targeting.variety.Weaknesses", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1893,7 +1775,6 @@ "references": None, "capability_description": "No type of targeting was necessary. (This includes targeted.Targeted since the victim was chosen without targeting.", "capability_id": "value_chain.targeting.variety.NA", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1904,7 +1785,6 @@ "references": None, "capability_description": "The variety of targeting was known, but is not listed", "capability_id": "value_chain.targeting.variety.Other", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1915,7 +1795,6 @@ "references": None, "capability_description": "Nothing is known about the need for or type of targeting investment other than it was present.", "capability_id": "value_chain.targeting.variety.Unknown", - "capability_group": "value_chain.targeting", "status": "non_mappable", }, @@ -1926,7 +1805,6 @@ "references": None, "capability_description": "Distributed directly from the actor's computer", "capability_id": "value_chain.distribution.variety.Direct", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1937,7 +1815,6 @@ "references": None, "capability_description": "Distribution by email including anonymous/one time and spam", "capability_id": "value_chain.distribution.variety.Email", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1948,7 +1825,6 @@ "references": None, "capability_description": "malware that loads other malware", "capability_id": "value_chain.distribution.variety.Loader", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1959,7 +1835,6 @@ "references": None, "capability_description": "The actor distributed the attack to the victim through a partner, (i.e. supply chain attack).", "capability_id": "value_chain.distribution.variety.Partner", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1970,7 +1845,6 @@ "references": None, "capability_description": "Distribution over the Plain Old Telephone System (POTS).", "capability_id": "value_chain.distribution.variety.Phone", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1981,7 +1855,6 @@ "references": None, "capability_description": "No type of distribution was necessary", "capability_id": "value_chain.distribution.variety.NA", - "capability_group": "value_chain.distribution", "status": "non_mappable", }, @@ -1992,7 +1865,6 @@ "references": None, "capability_description": "", "capability_id": "attribute.confidentiality.data_disclosure", - "capability_group": "attribute.confidentiality", "status": "non_mappable", }, @@ -2020,7 +1892,7 @@ "attack_object_id": "T1059", "attack_object_name": "Name for T1059", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2030,7 +1902,7 @@ "attack_object_id": "T1190", "attack_object_name": "Name for T1190", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2040,7 +1912,7 @@ "attack_object_id": "T1078", "attack_object_name": "Name for T1078", "references": [], - "capability_description": "", + "capability_description": "Cisco SPA112 2-Port Phone Adapter", "capability_id": "CVE-2019-15243", "capability_group": "2019", "status": "complete", @@ -2050,7 +1922,7 @@ "attack_object_id": "T1068", "attack_object_name": "Name for T1068", "references": [], - "capability_description": "", + "capability_description": "Cisco Data Center Network Manager", "capability_id": "CVE-2019-15976", "capability_group": "2019", "status": "complete",