Company Details
american-airlines
57,213
1,198,922
481
aa.com
0
AME_2540413
In-progress

American Airlines Company CyberSecurity Posture
aa.com
Embark on an adventure with a commitment to service, excellence and humanity. Our team is what powers our airline. We are proudly dedicated to our purpose of caring for people on life’s journey, including connecting our customers to the people and places they love or providing our team members development and leadership opportunities to acquire new skills and explore their potential. With more than 1,300 aircraft in our mainline and regional fleets combined and an extensive route network that touches six continents, we’ve got a place for you to start — or continue — your career. Whether you’re stationed at one of our hundreds of airports, working out of our state-of-the-art headquarters in Fort Worth, Texas, or serving customers over the phone from your home office, there are endless opportunities for you to grow and lead at American.
Between 600 and 649

American Airlines Global Score (TPRM)

Description: American Airlines reported a data breach involving its third-party vendor, pilotcredentials.com, on June 23, 2023. The breach occurred on or around April 30, 2023, and potentially exposed personal information of applicants, including names and Social Security numbers. Approximately 1,000 individuals were affected.
Description: American Airlines suffered a data breach in which an unauthorized actor gained access to the personal information of customers and employees through a phishing campaign. The exposed information includes address, phone number, driver's license number, passport number, and certain medical information. The company engaged a third-party cybersecurity forensic firm for the investigation and implemented additional technical safeguards to prevent a similar incident from occurring in the future.
Description: The California Office of the Attorney General reported that American Airlines experienced unauthorized access to its online AAdvantage accounts, with the incident occurring on or about December 30, 2014. The breach potentially exposed personal information, including names, email addresses, phone numbers, and the last four digits of credit/debit cards, affecting an unspecified number of individuals. The breach was reported on January 15, 2015.
Description: The Maine Office of the Attorney General reported on September 16, 2022, a data breach affecting American Airlines from July 3 to July 7, 2022, due to external system hacking. This breach involved personal data, including driver's license numbers, and affected a total of 1,708 individuals.
Description: A preliminary report from the National Transportation Safety Board found indications maintenance errors could be at fault for an American Airlines plane that caught fire after making an emergency landing at Denver International Airport in March. Investigators discovered some parts were loose and appeared to be installed incorrectly, with one allowing fuel to leak from the fitting. The fire was put out in less than a minute by ground crews in Denver. Twelve people were taken to a hospital with minor injuries following the fire.


American Airlines has 127.27% more incidents than the average of same-industry companies with at least one recorded incident.
American Airlines has 56.25% more incidents than the average of all companies with at least one recorded incident.
American Airlines reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.
American Airlines cyber incidents detection timeline including parent company and subsidiaries



Envoy Air, subsidiary of American Airlines, experienced a cyberattack. A spokesperson for the organization told Reuters that the company has...
Envoy Air, part of American Airlines, has confirmed that it was targeted by the Clop ransomware group. Written by Gus Mallett.
American Airlines subsidiary Envoy Air has confirmed being impacted by the recent Oracle's E-Business Suite (EBS) hack.
Envoy Air, the largest regional carrier for American Airlines, has confirmed a data breach tied to a cyberattack campaign exploiting...
Envoy Air confirms Oracle E-Business Suite data breach linked to Clop ransomware exploiting a 2025 zero-day vulnerability.
Envoy Air joins Qantas, Aeroflot, and Vietnam Airlines in facing the worst cybersecurity breach of 2025. This massive cyberattack has shaken...
Envoy, a subsidiary of American Airlines, falls victim to a major Oracle cyberattack. Discover the impact and what this means for travelers...
Envoy Air, a wholly owned subsidiary of American Airlines, has confirmed it fell victim to a hacking campaign exploiting vulnerabilities in...
Envoy Air, American Airlines' largest regional carrier, suffered a hack in recent days as part of the wave of extortion attempts from...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of American Airlines is http://jobs.aa.com.
According to Rankiteo, American Airlines’s AI-generated cybersecurity score is 639, reflecting their Poor security posture.
According to Rankiteo, American Airlines currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, American Airlines is not certified under SOC 2 Type 1.
According to Rankiteo, American Airlines does not hold a SOC 2 Type 2 certification.
According to Rankiteo, American Airlines is not listed as GDPR compliant.
According to Rankiteo, American Airlines does not currently maintain PCI DSS compliance.
According to Rankiteo, American Airlines is not compliant with HIPAA regulations.
According to Rankiteo, American Airlines is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
American Airlines operates primarily in the Airlines and Aviation industry.
American Airlines employs approximately 57,213 people worldwide.
American Airlines presently has no subsidiaries across any sectors.
American Airlines’s official LinkedIn profile has approximately 1,198,922 followers.
American Airlines is classified under the NAICS code 481, which corresponds to Air Transportation.
No, American Airlines does not have a profile on Crunchbase.
Yes, American Airlines maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/american-airlines.
As of November 27, 2025, Rankiteo reports that American Airlines has experienced 5 cybersecurity incidents.
American Airlines has an estimated 3,298 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Detection and Response: The company's recorded measures for detecting and responding to cybersecurity incidents are third-party assistance (engaged a third-party cybersecurity forensic firm), remediation measures (implemented additional technical safeguards), and containment measures (fire put out by ground crews in less than a minute).

Title: American Airlines Data Breach
Description: American Airlines suffered a data breach in which an unauthorized actor gained access to the personal information of customers and employees through a phishing campaign.
Type: Data Breach
Attack Vector: Phishing
Threat Actor: Unauthorized actor

Title: American Airlines Plane Fire Incident
Description: A preliminary report from the National Transportation Safety Board found indications maintenance errors could be at fault for an American Airlines plane that caught fire after making an emergency landing at Denver International Airport in March.
Date Detected: March 2025
Type: Physical Incident
Vulnerability Exploited: Maintenance errors

Title: American Airlines Data Breach
Description: American Airlines reported a data breach involving its third-party vendor, pilotcredentials.com, on June 23, 2023. The breach occurred on or around April 30, 2023, and potentially exposed personal information of applicants, including names and Social Security numbers. Approximately 1,000 individuals were affected.
Date Detected: 2023-06-23
Date Publicly Disclosed: 2023-06-23
Type: Data Breach

Title: American Airlines Data Breach
Description: The Maine Office of the Attorney General reported on September 16, 2022, a data breach affecting American Airlines from July 3 to July 7, 2022, due to external system hacking. This breach involved personal data, including driver's license numbers, and affected a total of 1,708 individuals.
Date Detected: 2022-07-03
Date Publicly Disclosed: 2022-09-16
Type: Data Breach
Attack Vector: External System Hacking

Title: American Airlines AAdvantage Accounts Breach
Description: Unauthorized access to American Airlines' online AAdvantage accounts potentially exposed personal information, including names, email addresses, phone numbers, and the last four digits of credit/debit cards.
Date Detected: 2014-12-30
Date Publicly Disclosed: 2015-01-15
Type: Data Breach
Attack Vector: Unauthorized Access

Common Attack Types: The most common type of attack the company has faced is Breach.

Data Compromised: Address, Phone number, Driver's license number, Passport number, Certain medical information

Systems Affected: Airplane engine and escape slide
Operational Impact: Emergency landing, passenger evacuation

Data Compromised: Names, Social security numbers

Data Compromised: Driver's license numbers

Data Compromised: Names, Email addresses, Phone numbers, Last four digits of credit/debit cards
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information Of Customers And Employees, Names, Social Security Numbers, Personal Data, Email Addresses, Phone Numbers, and Last Four Digits Of Credit/Debit Cards.

Entity Name: American Airlines
Entity Type: Company
Industry: Airline

Entity Name: American Airlines
Entity Type: Airline
Industry: Aviation
Location: Denver International Airport
Customers Affected: 172

Entity Name: American Airlines
Entity Type: Airline
Industry: Aviation
Customers Affected: 1000

Entity Name: American Airlines
Entity Type: Company
Industry: Aviation
Customers Affected: 1708

Entity Name: American Airlines
Entity Type: Corporation
Industry: Aviation
Location: United States

Third Party Assistance: Engaged a third-party cybersecurity forensic firm
Remediation Measures: Implemented additional technical safeguards

Containment Measures: Fire put out by ground crews in less than a minute
Third-Party Assistance: The company's recorded third-party assistance in incident response: engaged a third-party cybersecurity forensic firm.

Type of Data Compromised: Personal information of customers and employees
Sensitivity of Data: High
Personally Identifiable Information: Address, Phone number, Driver's license number, Passport number

Type of Data Compromised: Names, Social security numbers
Number of Records Exposed: 1000
Sensitivity of Data: High

Type of Data Compromised: Personal Data
Number of Records Exposed: 1708
Sensitivity of Data: High
Personally Identifiable Information: Driver's License Numbers

Type of Data Compromised: Names, Email addresses, Phone numbers, Last four digits of credit/debit cards
Personally Identifiable Information: Names, Email Addresses, Phone Numbers
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented additional technical safeguards.
Handling of PII Incidents: The recorded measure for handling incidents involving personally identifiable information (PII) is: fire put out by ground crews in less than a minute.

Lessons Learned: Investigation into maintenance errors and escape slide malfunction
Key Lessons Learned: The key lessons learned from past incidents are Investigation into maintenance errors and escape slide malfunction.

Source: CBS News

Source: Maine Office of the Attorney General
Date Accessed: 2022-09-16

Source: California Office of the Attorney General
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at CBS News, Maine Office of the Attorney General (Date Accessed: 2022-09-16), and California Office of the Attorney General.

Investigation Status: Under investigation by NTSB

Root Causes: Maintenance errors leading to fuel leak and fire
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Engaged a third-party cybersecurity forensic firm.
Last Attacking Group: The attacking group in the last incident was an Unauthorized actor.
Most Recent Incident Detected: The most recent incident was detected in March 2025.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2015-01-15.
Most Significant Data Compromised: The most significant data compromised in an incident were Address, Phone number, Driver's license number, Passport number, Certain medical information, names, Social Security numbers, Driver's License Numbers, Names, Email Addresses, Phone Numbers, and Last four digits of credit/debit cards.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Engaged a third-party cybersecurity forensic firm.
Containment Measures in Most Recent Incident: The containment measure taken in the most recent incident was: fire put out by ground crews in less than a minute.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone Numbers, Email Addresses, Social Security numbers, Driver's License Numbers, Passport number, Last four digits of credit/debit cards, Driver's license number, Phone number, Certain medical information, Address, names and Names.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 278.0.
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Investigation into maintenance errors and escape slide malfunction.
Most Recent Source: The most recent sources of information about an incident are Maine Office of the Attorney General, CBS News and California Office of the Attorney General.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Under investigation by NTSB.
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is an XSRF token leakage via protocol-relative URLs in Angular's HTTP client. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL is protocol-relative (starts with //), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
