Query Details

Most Exploited Vulnerabilities2022

Query

CVE	Vendor	Product	Type
CVE-2018-13379	Fortinet	FortiOS and FortiProxy	SSL VPN credential exposure
CVE-2021-34473 (Proxy Shell)	Microsoft	Exchange Server	RCE
CVE-2021-31207 (Proxy Shell)	Microsoft	Exchange Server	Security Feature Bypass
CVE-2021-34523 (Proxy Shell)	Microsoft	Exchange Server	Elevation of Privilege
CVE-2021-40539	Zoho	ADSelfService Plus	RCE/Auth Bypass
CVE-2021-26084	Atlassian	Confluence Server/Data Center	Arbitrary code execution
CVE-2021- 44228 (Log4Shell)	Apache	Log4j2	RCE
CVE-2022-22954	VMware	Workspace ONE	RCE
CVE-2022-22960	VMware	Workspace ONE	Improper Privilege Management
CVE-2022-1388	F5 Networks	BIG-IP	Missing Authentication
CVE-2022-30190	Microsoft	Multiple Products	RCE
CVE-2022-26134	Atlassian	Confluence Server/Data Center	RCE

About this query

Explanation

This query is designed to identify devices that are vulnerable to some of the most exploited security vulnerabilities in 2022. Here's a simple breakdown of what the query does:

  1. Define a List of Vulnerabilities: It starts by creating a list of Common Vulnerabilities and Exposures (CVEs) that were most exploited in 2022. These include vulnerabilities in products from companies like Microsoft, Fortinet, Zoho, Atlassian, Apache, VMware, and F5 Networks.

  2. Filter Devices: The query then checks which devices in the network have these vulnerabilities. It looks for devices that have any of the listed CVEs.

  3. Add Contextual Information: For each vulnerable device, the query retrieves additional information about the vulnerability, such as a description, by joining with another dataset that contains detailed information about each CVE.

  4. Output Results: Finally, it outputs a list of devices, their operating systems, the specific CVE they are vulnerable to, and a description of the vulnerability. This information can be used to prioritize patching efforts to secure the network.

The query is part of a cybersecurity effort to prevent breaches by identifying and addressing known vulnerabilities that attackers have frequently exploited.

Details

Bert-Jan Pals profile picture

Bert-Jan Pals

Released: January 18, 2026

Tables

DeviceTvmSoftwareVulnerabilitiesDeviceTvmSoftwareVulnerabilitiesKBDeviceEvents

Keywords

Devices

Operators

letdynamicinwherejoinkindinnerproject

Actions

GitHub