NMC
Company Details
Linkedin ID:
nissan-motor-corporation
Website:
Employees number:
45,615
Number of followers:
1,725,892
NAICS:
3361
Industry Type:
Homepage:
nissan-web.net
IP Addresses:
0
Company ID:
NIS_4947411
Scan Status:
In-progress
Nissan Motor Corporation Company CyberSecurity Posture
nissan-web.net
Nissan Motor Corporation is a global car manufacturer that sells a full line of vehicles under the Nissan and INFINITI brands. Nissan’s global headquarters in Yokohama, Japan, manages operations in four regions: Japan-ASEAN, China, Americas, and AMIEO (Africa, Middle East, India, Europe & Oceania). For more information about our products, services and commitment to sustainable mobility, visit nissan-global.com. You can also follow us on Facebook, Instagram, Twitter and LinkedIn and see all our latest videos on YouTube.
Nissan Motor Corporation A.I CyberSecurity Scoring
NMC Risk Score (AI oriented)Between 650 and 699
NMC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
NMC Global Score (TPRM)XXXX
NMC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
NMC Company CyberSecurity News & History
Past Incidents
5
Attack Types
3
Nissan North America, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: On May 15, 2024, the Vermont Office of the Attorney General reported a data breach involving Nissan North America. The breach was discovered on November 7, 2023, following a targeted cyberattack. The incident potentially involved the personal information of employees, although the specific types of compromised data were not provided. The number of affected individuals is known to be 17 in Rhode Island and 3 in Vermont.
Nissan Motor Corporation
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Customers of Nissan Canada suffered a data breach incident after a third-party partner exposed customer information. The security incident suffered by its software development affected 1.13 million customers. The compromised information includes the customer's name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount, and monthly payment. The manufacturer offers its affected clients a one-year membership of identity protection services through Experian.
Nissan Motor Corporation
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: Nissan was targeted by the hacktivist group Anonymous in a distributed denial of service (DDoS) attack in January 2016. It took its website offline and temporarily suspended service on it to prevent further risks. The attack was apparently initiated by Anonymous in “#OpWhales” campaign to spread awareness about the killing of dolphins in the cove in Taiji and not for any customer or consumer data.
Nissan Motor Corporation
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Customers of Nissan North America suffered a data breach incident after a third-party partner exposed customer information. The security incident suffered by its software development affected 17,998 customers. The leaked data included consists of clients’ full names, dates of birth, and NMAC account numbers (Nissan finance account). The manufacturer offers its affected clients a one-year membership of identity protection services through Experian.
Nissan Motor Corporation
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: A cyberattack that allowed hackers access to personal data was the subject of an investigation by Nissan and affected its systems in Australia and New Zealand. The business notified clients of its Nissan Oceania division of a possible data breach and cautioned them about the possibility of scams in the following days, although no specifics of the incident have been made public. The notice states that in order to assess the extent of the cyberattack, the business has sent out its worldwide incident response team. Nissan is alerting customers to potential frauds that could target them and the risk for account theft.
NMC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for NMC
Incidents vs Motor Vehicle Manufacturing Industry Average (This Year)
No incidents recorded for Nissan Motor Corporation in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Nissan Motor Corporation in 2025.
Incident Types NMC vs Motor Vehicle Manufacturing Industry Avg (This Year)
No incidents recorded for Nissan Motor Corporation in 2025.
Incident History — NMC (X = Date, Y = Severity)
NMC cyber incidents detection timeline including parent company and subsidiaries
NMC Company Subsidiaries
Nissan Motor Corporation is a global car manufacturer that sells a full line of vehicles under the Nissan and INFINITI brands. Nissan’s global headquarters in Yokohama, Japan, manages operations in four regions: Japan-ASEAN, China, Americas, and AMIEO (Africa, Middle East, India, Europe & Oceania). For more information about our products, services and commitment to sustainable mobility, visit nissan-global.com. You can also follow us on Facebook, Instagram, Twitter and LinkedIn and see all our latest videos on YouTube.
Loading...
NMC Similar Companies
Tata Motors
At the forefront of shaping mobility for over eight decades, driven by a legacy of innovation and an unwavering commitment to excellence. We fuse next-generation technologies with operational precision and continuous value creation — across every vehicle and process. But what truly sets us apart is
Marcopolo S.A.
A Marcopolo S.A é uma empresa brasileira fundada em 1949 que participa ativamente no desenvolvimento de soluções para a mobilidade nos principais mercados mundiais. Atualmente com 11 unidades fabris no exterior, é composta por empresas dedicadas à fabricação de ônibus, micro-ônibus e peças, soluções
We see a future where everyone can live and move without limitations. That’s why we are developing technologies, systems and concepts that make vehicles safer and cleaner, while serving our communities, the planet and, above all, people. Forward. For all. Our common shares trade on the Toronto Sto
Bridgestone Americas, Inc. (BSAM), headquartered in Nashville, Tennessee, and Bridgestone Europe, Middle East and Africa (BSEMEA), headquartered in Brussels, Belgium, operate collectively as a “Bridgestone West” strategic region. This region services the strategic business needs of teams across the
Honda Cars India Ltd
Honda Cars India Ltd. (HCIL), a leading manufacturer of premium cars in India, was established in December 1995 with a commitment to provide Honda’s passenger car models and technologies, to the Indian customers. HCIL’s corporate office is based in Greater Noida, UP and its state-of-the-art manufact
OPmobility
OPmobility is a world leader in sustainable mobility and a technology partner to mobility players worldwide. Driven by innovation since its creation in 1946, the Group is today composed of five complementary business groups that enable it to offer its customers a wide range of solutions: intelligent
The Volvo Group is one of the world’s leading manufacturers of trucks, buses, construction equipment and marine and industrial engines. The Group also provides complete solutions for financing and service. The Volvo Group, with its headquarters in Gothenburg, employs about 100,000 people, has produc
DENSO
DENSO is one of the world's largest automotive suppliers with a 75-year history of providing advanced automotive systems and technology to automakers worldwide. While our products are featured on nearly every vehicle make and model on the road today, we're also looking to innovate beyond automotive
Stellantis
Our storied and iconic brands embody the passion of their visionary founders and today’s customers in their innovative products and services: they include Abarth, Alfa Romeo, Chrysler, Citroën, Dodge, DS Automobiles, Fiat, Jeep®, Lancia, Maserati, Opel, Peugeot, Ram, Vauxhall and mobility brands Fre
.png)
NMC CyberSecurity News
December 04, 2025 10:15 AM
Nissan accelerates software-defined vehicle development and strengthens AI development environment
Global automotive manufacturer reduces vehicle software test execution time by 75 percent while enabling unified development environment for...
November 07, 2025 08:00 AM
Major Cyber Attacks Targeting the Automotive Industry 2025
The automotive industry isn't just battling supply chain headaches and the race to electrification. It's also facing a relentless wave of...
November 06, 2025 08:00 AM
Nissan returns to operating profit in second quarter, maintains forecast
Nissan Motor swung back to an operating profit in the second quarter, reporting its best quarterly result in more than a year on Thursday...
October 29, 2025 07:00 AM
Protected supply chains keep cyber attacks at bay
Andrei Quinn-Barabanov discusses ways to mitigate cyber threats in automotive supply chains, from simple internal steps to useful external...
October 08, 2025 07:00 AM
Nearly all automakers report Q3 sales gains
The exceptions include Volkswagen, which saw sales fall, and Audi, which remained flat.
August 27, 2025 07:00 AM
The Week in Breach News: August 25, 2025
This week: Nissan hit by Qilin ransomware group, development data is snatched from Nissan and Kaseya Labs takes a deep dive into the...
August 22, 2025 07:00 AM
Qilin Ransomware Hits Nissan: 4TB of Vehicle Designs Stolen
In the high-stakes world of automotive innovation, where proprietary designs can make or break market dominance, Nissan Motor Co. finds...
August 22, 2025 07:00 AM
Nissan unveils all-new Roox Kei car in Japan
Nissan Motor Company unveiled its all-new Roox wagon-type kei car (mini-car) in Japan, featuring a new exterior body style.
August 21, 2025 07:00 AM
Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI
Qilin ransomware claims a 4TB data breach at Nissan CBI, leaking car design files, financial data, 3D models, and VR design images as proof.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
NMC CyberSecurity History Information
Official Website of Nissan Motor Corporation
The official website of Nissan Motor Corporation is http://www.nissan-global.com.
Nissan Motor Corporation’s AI-Generated Cybersecurity Score
According to Rankiteo, Nissan Motor Corporation’s AI-generated cybersecurity score is 666, reflecting their Weak security posture.
How many security badges does Nissan Motor Corporation’ have ?
According to Rankiteo, Nissan Motor Corporation currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Nissan Motor Corporation have SOC 2 Type 1 certification ?
According to Rankiteo, Nissan Motor Corporation is not certified under SOC 2 Type 1.
Does Nissan Motor Corporation have SOC 2 Type 2 certification ?
According to Rankiteo, Nissan Motor Corporation does not hold a SOC 2 Type 2 certification.
Does Nissan Motor Corporation comply with GDPR ?
According to Rankiteo, Nissan Motor Corporation is not listed as GDPR compliant.
Does Nissan Motor Corporation have PCI DSS certification ?
According to Rankiteo, Nissan Motor Corporation does not currently maintain PCI DSS compliance.
Does Nissan Motor Corporation comply with HIPAA ?
According to Rankiteo, Nissan Motor Corporation is not compliant with HIPAA regulations.
Does Nissan Motor Corporation have ISO 27001 certification ?
According to Rankiteo,Nissan Motor Corporation is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Nissan Motor Corporation
Nissan Motor Corporation operates primarily in the Motor Vehicle Manufacturing industry.
Number of Employees at Nissan Motor Corporation
Nissan Motor Corporation employs approximately 45,615 people worldwide.
Subsidiaries Owned by Nissan Motor Corporation
Nissan Motor Corporation presently has no subsidiaries across any sectors.
Nissan Motor Corporation’s LinkedIn Followers
Nissan Motor Corporation’s official LinkedIn profile has approximately 1,725,892 followers.
NAICS Classification of Nissan Motor Corporation
Nissan Motor Corporation is classified under the NAICS code 3361, which corresponds to Motor Vehicle Manufacturing.
Nissan Motor Corporation’s Presence on Crunchbase
Yes, Nissan Motor Corporation has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/nissan-motor.
Nissan Motor Corporation’s Presence on LinkedIn
Yes, Nissan Motor Corporation maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nissan-motor-corporation.
Cybersecurity Incidents Involving Nissan Motor Corporation
As of December 14, 2025, Rankiteo reports that Nissan Motor Corporation has experienced 5 cybersecurity incidents.
Number of Peer and Competitor Companies
Nissan Motor Corporation has an estimated 12,673 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Nissan Motor Corporation ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach, Cyber Attack and Data Leak.
How does Nissan Motor Corporation detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with took website offline, containment measures with temporarily suspended service, and third party assistance with experian, and third party assistance with experian, and incident response plan activated with yes, and communication strategy with customer notification and warnings about potential frauds..
Incident Details
Can you provide details on each incident ?
Title: DDoS Attack on Nissan by Anonymous
Description: Nissan was targeted by the hacktivist group Anonymous in a distributed denial of service (DDoS) attack in January 2016. It took its website offline and temporarily suspended service on it to prevent further risks. The attack was apparently initiated by Anonymous in “#OpWhales” campaign to spread awareness about the killing of dolphins in the cove in Taiji and not for any customer or consumer data.
Date Detected: January 2016
Type: DDoS Attack
Attack Vector: Distributed Denial of Service (DDoS)
Threat Actor: Anonymous
Motivation: Spread awareness about the killing of dolphins in Taiji
Title: Nissan North America Data Breach
Description: Customers of Nissan North America suffered a data breach incident after a third-party partner exposed customer information. The security incident suffered by its software development affected 17,998 customers. The leaked data included clients’ full names, dates of birth, and NMAC account numbers (Nissan finance account). The manufacturer offers its affected clients a one-year membership of identity protection services through Experian.
Type: Data Breach
Title: Nissan Canada Data Breach
Description: Customers of Nissan Canada suffered a data breach incident after a third-party partner exposed customer information. The security incident suffered by its software development affected 1.13 million customers. The compromised information includes the customer's name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount, and monthly payment. The manufacturer offers its affected clients a one-year membership of identity protection services through Experian.
Type: Data Breach
Attack Vector: Third-Party Partner
Title: Nissan Data Breach
Description: A cyberattack that allowed hackers access to personal data was the subject of an investigation by Nissan and affected its systems in Australia and New Zealand. The business notified clients of its Nissan Oceania division of a possible data breach and cautioned them about the possibility of scams in the following days, although no specifics of the incident have been made public. The notice states that in order to assess the extent of the cyberattack, the business has sent out its global incident response team. Nissan is alerting customers to potential frauds that could target them and the risk for account theft.
Type: Data Breach
Title: Nissan North America Data Breach
Description: A data breach involving Nissan North America was reported by the Vermont Office of the Attorney General, potentially involving personal information of employees.
Date Detected: 2023-11-07
Date Publicly Disclosed: 2024-05-15
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : DDoS Attack NIS14398522
Data Compromised: None
Systems Affected: Website
Downtime: Temporary
Incident : Data Breach NIS212718123
Data Compromised: Full names, Dates of birth, Nmac account numbers
Incident : Data Breach NIS95727223
Data Compromised: Customer's name, Address, Vehicle make and model, Vehicle identification number (vin), Credit score, Loan amount, Monthly payment
Identity Theft Risk: True
Payment Information Risk: True
Incident : Data Breach NIS23424224
Data Compromised: Personal data
Systems Affected: Systems in Australia and New Zealand
Identity Theft Risk: ['High']
Incident : Data Breach NIS652072525
Data Compromised: Personal information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Full Names, Dates Of Birth, Nmac Account Numbers, , Customer'S Name, Address, Vehicle Make And Model, Vehicle Identification Number (Vin), Credit Score, Loan Amount, Monthly Payment, , Personal Data, , Personal Information and .
Which entities were affected by each incident ?
Incident : Data Breach NIS212718123
Entity Name: Nissan North America
Entity Type: Company
Industry: Automotive
Customers Affected: 17998
Incident : Data Breach NIS95727223
Entity Name: Nissan Canada
Entity Type: Automobile Manufacturer
Industry: Automotive
Location: Canada
Customers Affected: 1.13 million
Incident : Data Breach NIS23424224
Entity Name: Nissan
Entity Type: Corporation
Industry: Automotive
Location: AustraliaNew Zealand
Incident : Data Breach NIS652072525
Entity Name: Nissan North America
Entity Type: Corporation
Industry: Automotive
Response to the Incidents
What measures were taken in response to each incident ?
Incident : DDoS Attack NIS14398522
Containment Measures: Took website offlineTemporarily suspended service
Incident : Data Breach NIS212718123
Third Party Assistance: Experian.
Incident : Data Breach NIS95727223
Third Party Assistance: Experian
Incident : Data Breach NIS23424224
Incident Response Plan Activated: Yes
Communication Strategy: Customer notification and warnings about potential frauds
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Experian, , Experian.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach NIS212718123
Type of Data Compromised: Full names, Dates of birth, Nmac account numbers
Number of Records Exposed: 17998
Personally Identifiable Information: Full namesDates of birth
Incident : Data Breach NIS95727223
Type of Data Compromised: Customer's name, Address, Vehicle make and model, Vehicle identification number (vin), Credit score, Loan amount, Monthly payment
Number of Records Exposed: 1.13 million
Sensitivity of Data: High
Incident : Data Breach NIS23424224
Type of Data Compromised: Personal data
Personally Identifiable Information: Yes
Incident : Data Breach NIS652072525
Type of Data Compromised: Personal information
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by took website offline, temporarily suspended service and .
References
Where can I find more information about each incident ?
Incident : Data Breach NIS652072525
Source: Vermont Office of the Attorney General
Date Accessed: 2024-05-15
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Vermont Office of the Attorney GeneralDate Accessed: 2024-05-15.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach NIS23424224
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customer notification and warnings about potential frauds.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach NIS23424224
Customer Advisories: Potential frauds and account theft risk
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Potential Frauds And Account Theft Risk and .
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Experian, , Experian.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Anonymous.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on January 2016.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-05-15.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were None, Full names, Dates of birth, NMAC account numbers, , customer's name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount, monthly payment, , Personal Data, , Personal Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Website and Systems in Australia and New Zealand.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was experian, , Experian.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Took website offlineTemporarily suspended service.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were loan amount, Dates of birth, Full names, monthly payment, None, NMAC account numbers, address, Personal Data, customer's name, vehicle make and model, vehicle identification number (VIN), Personal Information and credit score.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.1M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Vermont Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Potential frauds and account theft risk.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=nissan-motor-corporation' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
