CMA CGM
Company Details
Linkedin ID:
cma-cgm
Website:
Employees number:
29,493
Number of followers:
1,447,515
NAICS:
47
Industry Type:
Homepage:
cma-cgm.com
IP Addresses:
0
Company ID:
CMA_3883102
Scan Status:
In-progress
CMA CGM Company CyberSecurity Posture
cma-cgm.com
The CMA CGM Group is a global player in sea, land, air and logistics solutions, true to its corporate Purpose, "We imagine better ways to serve a world in motion". Present in 177 countries, it employs 160,000 people, of which nearly 6,000 in Marseilles where its head office is located. The world's 3rd largest shipping company, CMA CGM serves more than 420 ports across 5 continents with a fleet of over 650 vessels. In 2024, CMA CGM carried over 23 million TEU (twenty-foot equivalent unit) containers. Its subsidiary CEVA Logistics, one of the world's top five players, operates 1,000 warehouses and handled 15 million shipments in 2024. CMA CGM AIR CARGO, the Group's air freight division, will operate a fleet of 6 cargo aircraft by 2025. CMA Media, France's 3rd largest private media group, includes RMC-BFM and several national and regional press titles (La Tribune Dimanche, La Tribune, La Provence and Corse Matin). Committed to energy transition, the CMA CGM Group is aiming for Net Zero Carbon by 2050. The CMA CGM Foundation provides humanitarian aid in crisis situations, and is committed to education for all and equal opportunities throughout the world. To date, the CMA CGM Foundation has transported 63,000 tons of humanitarian aid to 97 countries and supported over 550 educational projects.
CMA CGM A.I CyberSecurity Scoring
CMA CGM Risk Score (AI oriented)Between 750 and 799
CMA CGM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CMA CGM Global Score (TPRM)XXXX
CMA CGM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CMA CGM Company CyberSecurity News & History
Past Incidents
3
Attack Types
2
CMA CGM (Assumed based on the context of a major container vessel attack in 2017)
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In February 2017, a container vessel operated by a leading global shipping company fell victim to a sophisticated cyber attack orchestrated by African pirates. The hackers targeted the ship’s **Navigation Systems** while it was en route from **Cyprus to Djibouti**, aiming to seize full control and redirect it to a location where they could physically hijack the vessel. The attack rendered the ship **unmaneuverable for 10 hours**, forcing the crew to bring in **IT experts** to restore system functionality after repeated failed attempts. The incident compromised the **availability and integrity** of the ship’s critical systems, posing severe risks to **crew safety, cargo security, and operational continuity**. Had the pirates succeeded in fully controlling the vessel, the consequences could have included **financial losses from ransom demands, cargo theft, reputational damage, and potential environmental hazards** if the ship had been diverted to unsafe waters. The attack highlighted vulnerabilities in **maritime cybersecurity**, particularly in legacy navigation and communication systems, which remain prime targets for cyber-criminals exploiting gaps in industrial control systems (ICS) and operational technology (OT).
CMA CGM
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In September 2021, **CMA CGM**, a France-based global shipping and logistics giant, fell victim to a **cyber-attack involving Ragnar Locker ransomware**. The attackers infiltrated the company’s network, **stole and encrypted customer data**, and demanded a ransom. To contain the breach, CMA CGM **disconnected its global network from the internet**, halting all **online booking services, operational requests, and partially disrupting port and vessel operations**. Customers were forced to rely on local offices for bookings and inquiries, causing significant operational delays.After the company **refused to pay the ransom**, the hackers **leaked all stolen data**, exacerbating the impact. The attack not only compromised **sensitive customer information** but also **crippled critical business functions**, leading to financial losses, reputational damage, and logistical chaos across its global supply chain. The incident highlighted vulnerabilities in maritime cybersecurity and the severe consequences of ransomware attacks on large-scale industrial operations.
CMA CGM
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In late September 2020, the French shipping giant **CMA CGM** fell victim to a **Ragnar Locker ransomware attack** orchestrated by the **Ragnar Locker Gang**. The cybercriminals **exfiltrated personal data of clients** and encrypted critical systems, demanding a ransom in exchange for a decryption key. While the **marine and port operations remained functional**, the attack **disrupted online booking services, operational requests, and loading processes**, forcing customers to rely on local offices for assistance. The company **isolated its global network by cutting internet access** to contain the ransomware’s spread. The primary motive was **financial extortion**, though the exact ransom amount was not disclosed publicly. The incident caused **operational slowdowns, reputational damage, and potential long-term trust erosion** among clients, though no evidence suggested a complete halt in core shipping activities. The stolen **customer data** heightened concerns over **privacy breaches and regulatory compliance risks**.
CMA CGM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CMA CGM
Incidents vs Transportation, Logistics, Supply Chain and Storage Industry Average (This Year)
No incidents recorded for CMA CGM in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for CMA CGM in 2025.
Incident Types CMA CGM vs Transportation, Logistics, Supply Chain and Storage Industry Avg (This Year)
No incidents recorded for CMA CGM in 2025.
Incident History — CMA CGM (X = Date, Y = Severity)
CMA CGM cyber incidents detection timeline including parent company and subsidiaries
CMA CGM Company Subsidiaries
The CMA CGM Group is a global player in sea, land, air and logistics solutions, true to its corporate Purpose, "We imagine better ways to serve a world in motion". Present in 177 countries, it employs 160,000 people, of which nearly 6,000 in Marseilles where its head office is located. The world's 3rd largest shipping company, CMA CGM serves more than 420 ports across 5 continents with a fleet of over 650 vessels. In 2024, CMA CGM carried over 23 million TEU (twenty-foot equivalent unit) containers. Its subsidiary CEVA Logistics, one of the world's top five players, operates 1,000 warehouses and handled 15 million shipments in 2024. CMA CGM AIR CARGO, the Group's air freight division, will operate a fleet of 6 cargo aircraft by 2025. CMA Media, France's 3rd largest private media group, includes RMC-BFM and several national and regional press titles (La Tribune Dimanche, La Tribune, La Provence and Corse Matin). Committed to energy transition, the CMA CGM Group is aiming for Net Zero Carbon by 2050. The CMA CGM Foundation provides humanitarian aid in crisis situations, and is committed to education for all and equal opportunities throughout the world. To date, the CMA CGM Foundation has transported 63,000 tons of humanitarian aid to 97 countries and supported over 550 educational projects.
Loading...
CMA CGM Similar Companies
ADNOC Logistics & Services
ADNOC L&S is the region’s largest shipping and integrated logistics company and a global energy maritime logistics leader with a world-class asset base. It is the maritime logistics arm of ADNOC Group, a key enabler to ADNOC’s strategy and a catalyst for Abu Dhabi’s growth and diversification, deliv
C.H. Robinson
C.H. Robinson is the global leader in Lean AI supply chains. For more than a century, companies everywhere have looked to us to reimagine how goods move. Now, as we redefine what’s next for the industry, that same drive fuels our commitment to Building Tomorrow’s Supply Chains, Today™. Trusted by 83
DHL Express
Leading the way in international logistics across an unparalleled network of 220 countries and territories. With decades of experience, we’re your ideal partner for flexible, sustainable shipping to support your growing business and help you expand into new markets. DHL website terms and conditions
Amazon DSP
Amazon Delivery Service Partner Programm Wir suchen praxisorientierte Unternehmer, die mit Leidenschaft großartige Teams aufbauen und entwickeln. Mit niedrigen Anlaufkosten, einer hohen Nachfrage, dem Zugang zu Technologien und dem umfassenden Logistik-Know-how von Amazon ist dies die Gelegenheit, e
Österreichische Post AG
Die Österreichische Post AG ist ein international tätiger Post-, Logistik- und Dienstleistungskonzern mit herausragender Bedeutung für Österreich. Konzernweit erwirtschaftete die Post im Jahr 2024 mit ihren rund 28.000 Mitarbeiter*innen einen Jahresumsatz von über 3,1 Mrd EUR. In Österreich umfasst
Poste Italiane
With our over 160-year history, approximately 120,000 employees and 12,800 post offices, total financial assets of €580 billion and 35 million customers, the Group occupies a unique position in terms of size, recognisability, reach and customer loyalty. Poste Italiane is Italy's largest service inf
Toll Group
At Toll, we do more than just logistics - we move the businesses that move the world. Our 16,000 team members can help solve any logistics, transport, or supply chain challenge – big or small. We have been supporting our customers for more than 130 years. Today, we support more than 20,000 customers
DHL Global Forwarding
The Freight Forwarding experts since 1815. Our passion is to enable international trade. We simplify our customer operations and maximize their opportunities. Let's stay connected. DHL Global Forwarding is part of Deutsche Post DHL Group with more than 31,000 freight forwarding experts in more th
UPS Supply Chain Solutions
UPS Supply Chain Solutions offers a comprehensive portfolio of services to enhance customers' business performance, including logistics and distribution, transportation and freight, consulting, customs brokerage, and international trade services. UPS provides the expertise and the scale to meet the
.png)
CMA CGM CyberSecurity News
November 14, 2025 07:48 AM
PEMA advice on cyber security
The Port Equipment Manufacturers' Association (PEMA) have published the 31st Information Paper on the topic of cybersecurity in container...
August 27, 2025 07:00 AM
Shipping giant CMA CGM Group eyes investment in southern Vietnam
France's CMA CGM Group, the world's third-largest shipping company, is exploring Ho Chi Minh City's seaport development plans with a view to...
August 01, 2025 07:00 AM
News Content Hub - Cyber criminals and bad actors roam on the high seas
Shipping is being targeted with an unprecedented level of cyber attacks, as hackers use AI-enhanced tools to launch phishing schemes,...
July 02, 2025 11:00 AM
Ethics and Compliance
The CMA CGM Group Code of Ethics sets the principles and guidelines that should govern our relations, as employees, with colleagues, commercial partners,...
June 17, 2025 07:00 AM
Singapore and France Sign Enhanced Maritime Partnership to Advance Green and Digital Shipping
Singapore and France have signed an Enhanced Maritime Partnership Agreement aimed at strengthening bilateral collaboration in key areas of the global maritime...
June 04, 2025 07:00 AM
France, Singapore Deepen Maritime Ties with Enhanced Partnership Agreement
France and Singapore have signed an Enhanced Maritime Partnership Agreement, marking a major step forward in bilateral maritime cooperation.
June 03, 2025 07:00 AM
Singapore, France ink maritime partnership agreement
The agreement will cover collaboration in maritime digitalisation, cybersecurity, innovation and training, and builds on an earlier partnership established in...
June 02, 2025 07:00 AM
Singapore And France Partner On Bio-LNG
The agreement covers collaboration in maritime decarbonization, digitalization, cybersecurity, innovation and training, and builds on an earlier partnership.
May 26, 2025 07:00 AM
France, Vietnam sign deals worth $10 billion as Macron visits Hanoi
During Emmanuel Macron's Hanoi visit, France and Vietnam secured $10 billion in agreements across various sectors, aiming to bolster...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CMA CGM CyberSecurity History Information
Official Website of CMA CGM
The official website of CMA CGM is http://www.cma-cgm.com.
CMA CGM’s AI-Generated Cybersecurity Score
According to Rankiteo, CMA CGM’s AI-generated cybersecurity score is 761, reflecting their Fair security posture.
How many security badges does CMA CGM’ have ?
According to Rankiteo, CMA CGM currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does CMA CGM have SOC 2 Type 1 certification ?
According to Rankiteo, CMA CGM is not certified under SOC 2 Type 1.
Does CMA CGM have SOC 2 Type 2 certification ?
According to Rankiteo, CMA CGM does not hold a SOC 2 Type 2 certification.
Does CMA CGM comply with GDPR ?
According to Rankiteo, CMA CGM is not listed as GDPR compliant.
Does CMA CGM have PCI DSS certification ?
According to Rankiteo, CMA CGM does not currently maintain PCI DSS compliance.
Does CMA CGM comply with HIPAA ?
According to Rankiteo, CMA CGM is not compliant with HIPAA regulations.
Does CMA CGM have ISO 27001 certification ?
According to Rankiteo,CMA CGM is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of CMA CGM
CMA CGM operates primarily in the Transportation, Logistics, Supply Chain and Storage industry.
Number of Employees at CMA CGM
CMA CGM employs approximately 29,493 people worldwide.
Subsidiaries Owned by CMA CGM
CMA CGM presently has no subsidiaries across any sectors.
CMA CGM’s LinkedIn Followers
CMA CGM’s official LinkedIn profile has approximately 1,447,515 followers.
NAICS Classification of CMA CGM
CMA CGM is classified under the NAICS code 47, which corresponds to Transportation and Warehousing.
CMA CGM’s Presence on Crunchbase
No, CMA CGM does not have a profile on Crunchbase.
CMA CGM’s Presence on LinkedIn
Yes, CMA CGM maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cma-cgm.
Cybersecurity Incidents Involving CMA CGM
As of December 14, 2025, Rankiteo reports that CMA CGM has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
CMA CGM has an estimated 6,259 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at CMA CGM ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Ransomware.
How does CMA CGM detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with disabled internet connection to prevent ransomware spread, and recovery measures with directed customers to local offices for bookings and queries, and and containment measures with shut down internet access to prevent ransomware spread, and communication strategy with customers directed to local offices for bookings/inquiries, and incident response plan activated with yes (crew attempted recovery; it experts boarded), and third party assistance with it experts (onsite), and containment measures with manual override attempts, containment measures with it expert intervention, and remediation measures with restoration of navigation systems..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on CMA CGM by Ragnar Locker Gang
Description: In September 2020, the French shipping company CMA CGM was targeted by the Ragnar Locker ransomware gang. The attackers stole personal client data and demanded a ransom for a decryption key. The company disabled its internet connection to contain the attack, disrupting online booking services while keeping marine and port operations functional. The attack aimed at financial gain, though the exact ransom amount was not disclosed.
Date Detected: 2020-09-25
Date Publicly Disclosed: 2020-09-27
Type: ransomware
Threat Actor: Ragnar Locker Gang
Motivation: financial gain
Title: CMA CGM Ransomware Attack (September 2021)
Description: In September 2021, France-based CMA CGM experienced a cyber-attack on their network involving hacking and ransomware. The hackers used Ragnar Locker ransomware to steal and encrypt customer data. The company shut down internet access to prevent further spread, disrupting online booking services, operational requests, and partially impacting ports and vessels. After refusing to pay the ransom, all stolen data was leaked.
Date Detected: 2021-09
Type: cyber-attack
Attack Vector: ransomware (Ragnar Locker)
Motivation: financial gaindata theft
Title: Cyber Attack on Container Vessel by African Pirates (2017)
Description: In February 2017, a container vessel en route from Cyprus to Djibouti was targeted by a hacking attack carried out by African pirates. The attackers aimed to gain full control of the vessel's Navigation Systems to redirect the ship to an area where they could physically seize it. The hack rendered the ship unable to maneuver, and the attackers maintained control for 10 hours. The crew attempted to regain control but required onboard IT experts to restore the Navigation Systems after hours of intervention. The incident compromised the availability and integrity of the vessel's systems under the CIA triad.
Date Detected: February 2017
Date Resolved: February 2017 (within 10 hours of detection)
Type: cyber-physical attack
Attack Vector: remote hackingnavigation system compromise
Threat Actor: African pirates (cyber-enabled)
Motivation: financial gain (piracy)physical seizure of vesselransom
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware CMA642092025
Data Compromised: Personal data of clients
Systems Affected: online booking servicesoperational request systems
Downtime: partial (online services suspended, local offices used for bookings)
Operational Impact: loading processes hampered, but marine and port activities remained operational
Identity Theft Risk: likely (personal data stolen)
Incident : cyber-attack CMA330092125
Data Compromised: Customer data
Systems Affected: online booking servicesoperational request systemsports (partial)vessels (partial)
Downtime: True
Operational Impact: disruption of booking servicespartial disruption of ports and vesselscustomers redirected to local offices
Incident : cyber-physical attack CMA840092125
Systems Affected: Navigation Systems
Downtime: 10 hours
Operational Impact: loss of vessel maneuverabilitytemporary loss of control to attackersrequirement for emergency IT intervention
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Data, , Customer Data and .
Which entities were affected by each incident ?
Incident : ransomware CMA642092025
Entity Name: CMA CGM
Entity Type: corporation
Industry: shipping/logistics
Location: France (global operations)
Size: large
Incident : cyber-attack CMA330092125
Entity Name: CMA CGM
Entity Type: company
Industry: shipping, logistics, maritime
Location: France (global operations)
Customers Affected: True
Incident : cyber-physical attack CMA840092125
Entity Type: container vessel (maritime shipping)
Industry: maritime/logistics
Location: Cyprus (departure)Djibouti (destination)unknown (attack location)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : ransomware CMA642092025
Incident Response Plan Activated: True
Containment Measures: disabled internet connection to prevent ransomware spread
Recovery Measures: directed customers to local offices for bookings and queries
Incident : cyber-attack CMA330092125
Incident Response Plan Activated: True
Containment Measures: shut down internet access to prevent ransomware spread
Communication Strategy: customers directed to local offices for bookings/inquiries
Incident : cyber-physical attack CMA840092125
Incident Response Plan Activated: Yes (crew attempted recovery; IT experts boarded)
Third Party Assistance: It Experts (Onsite).
Containment Measures: manual override attemptsIT expert intervention
Remediation Measures: restoration of Navigation Systems
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes (crew attempted recovery; IT experts boarded).
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through IT experts (onsite), .
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware CMA642092025
Type of Data Compromised: Personal data
Sensitivity of Data: high (personal client data)
Data Encryption: True
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: restoration of Navigation Systems, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by disabled internet connection to prevent ransomware spread, , shut down internet access to prevent ransomware spread, , manual override attempts, it expert intervention and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware CMA642092025
Ransom Demanded: True
Ransomware Strain: Ragnar Locker
Data Encryption: True
Data Exfiltration: True
Incident : cyber-attack CMA330092125
Ransom Demanded: True
Ransomware Strain: Ragnar Locker
Data Encryption: True
Data Exfiltration: True
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through directed customers to local offices for bookings and queries, .
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Port Technology International TeamDate Accessed: 2021.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : cyber-physical attack CMA840092125
Investigation Status: Resolved (systems restored; no further public details)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customers Directed To Local Offices For Bookings/Inquiries.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : ransomware CMA642092025
Customer Advisories: customers directed to local offices for bookings and queries
Incident : cyber-attack CMA330092125
Customer Advisories: customers advised to contact local offices for bookings/inquiries
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Customers Directed To Local Offices For Bookings And Queries, , Customers Advised To Contact Local Offices For Bookings/Inquiries and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : cyber-physical attack CMA840092125
High Value Targets: Navigation Systems,
Data Sold on Dark Web: Navigation Systems,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : cyber-physical attack CMA840092125
Root Causes: Vulnerabilities In Navigation Systems, Lack Of Cyber-Physical Security Measures,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as It Experts (Onsite), .
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was True.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Ragnar Locker Gang and African pirates (cyber-enabled).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-09-25.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09-27.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on February 2017 (within 10 hours of detection).
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal data of clients, , customer data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was online booking servicesoperational request systems and online booking servicesoperational request systemsports (partial)vessels (partial) and Navigation Systems.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was it experts (onsite), .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were disabled internet connection to prevent ransomware spread, shut down internet access to prevent ransomware spread and manual override attemptsIT expert intervention.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were personal data of clients and customer data.
Ransomware Information
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Port Technology International Team.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Resolved (systems restored; no further public details).
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an customers directed to local offices for bookings and queries and customers advised to contact local offices for bookings/inquiries.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=cma-cgm' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
