Rapid7, Inc.

RPD

US7534221046

Software

Market Closed - Nasdaq Other stock markets 04:00:00 2024-04-24 pm EDT			5-day change	1st Jan Change
46.49 ^USD	+0.69%		+5.23%	-18.58%

Apr. 10	Rapid7 Insider Sold Shares Worth $1,006,336, According to a Recent SEC Filing	MT
Mar. 14	Add a little SaaS to your life

Rapid7 : Patch Tuesday - April 2022

April 12, 2022 at 02:52 pm EDT

Last updated at Tue, 12 Apr 2022 18:48:11 GMT

From Defender to Windows, Office to Azure, this month's Patch Tuesday has a large swath of Microsoft's portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.

One of these has been observed being exploited in the wild: CVE-2022-24521, reported to Microsoft by the National Security Agency, affects the Common Log File System Driver in all supported versions of Windows and allows attackers to gain additional privileges on a system they already have local access to. Another local privilege escalation (LPE), CVE-2022-26904 affecting the Windows User Profile Service, had been publicly disclosed but not reported as already being exploited - it's harder for attackers to leverage as it relies on winning a race condition, which can be tricky to reliably achieve.

LPEs don't always get the same attention that remote code execution (RCE) vulnerabilities do, but they can be a great help to attackers after they gain an initial foothold. These two categories dominate this month's vulnerabilities, with 55 LPEs and 47 RCEs getting patched. 10 of the RCEs are considered "Critical," affecting Windows Hyper-V (CVE-2022-22008, CVE-2022-23257, CVE-2022-24537); Windows SMB Client (CVE-2022-24500, CVE-2022-24541); Windows Network File System (CVE-2022-24491 and CVE-2022-24497); LDAP (CVE-2022-26919); Microsoft Dynamics (CVE-2022-23259); and the Windows RPC Runtime (CVE-2022-26809).

On the Office side of the house, Skype for Business Server was patched for spoofing (CVE-2022-26910) and information disclosure (CVE-2022-26911) vulnerabilities. Two RCEs affecting Excel (CVE-2022-24473 and CVE-2022-26901) were fixed, as well as a spoofing vulnerability in SharePoint Server (CVE-2022-24472).

With so many vulnerabilities to manage, it can be difficult to prioritize. Thankfully, most of this month's CVEs can be addressed by patching the core OS. Administrators should first focus on updating any public-facing servers before moving on to internal servers and then client systems. The SMB Client vulnerabilities can also be mitigated by blocking port 445/tcp at the network perimeter - victims need to be enticed to connect to a malicious SMB server, and this would help against Internet-based attackers. Of course, this won't help much if the malicious system was set up within the perimeter.

For any readers who enjoy deeper dives into vulnerabilities and exploits, Rapid7's Jake Baines has a technical writeup of CVE-2022-24527, an LPE he discovered in the Connected Cache component of Microsoft Endpoint Manager that got fixed today. Check it out!

Summary charts Summary tables Azure Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-26898	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26896	Azure Site Recovery Information Disclosure Vulnerability	No	No	4.9	Yes
CVE-2022-26897	Azure Site Recovery Information Disclosure Vulnerability	No	No	4.9	Yes
CVE-2022-26907	Azure SDK for .NET Information Disclosure Vulnerability	No	No	5.3	Yes

Browser Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24523	Microsoft Edge (Chromium-based) Spoofing Vulnerability	No	No	4.3	Yes
CVE-2022-24475	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26891	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26894	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26895	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26900	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26908	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26909	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-26912	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	8.3	Yes
CVE-2022-1232	Chromium: CVE-2022-1232 Type Confusion in V8	No	No	N/A	Yes
CVE-2022-1146	Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing	No	No	N/A	Yes
CVE-2022-1145	Chromium: CVE-2022-1145 Use after free in Extensions	No	No	N/A	Yes
CVE-2022-1143	Chromium: CVE-2022-1143 Heap buffer overflow in WebUI	No	No	N/A	Yes
CVE-2022-1139	Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API	No	No	N/A	Yes
CVE-2022-1138	Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor	No	No	N/A	Yes
CVE-2022-1137	Chromium: CVE-2022-1137 Inappropriate implementation in Extensions	No	No	N/A	Yes
CVE-2022-1136	Chromium: CVE-2022-1136 Use after free in Tab Strip	No	No	N/A	Yes
CVE-2022-1135	Chromium: CVE-2022-1135 Use after free in Shopping Cart	No	No	N/A	Yes
CVE-2022-1134	Chromium: CVE-2022-1134 Type Confusion in V8	No	No	N/A	Yes
CVE-2022-1133	Chromium: CVE-2022-1133 Use after free in WebRTC	No	No	N/A	Yes
CVE-2022-1131	Chromium: CVE-2022-1131 Use after free in Cast UI	No	No	N/A	Yes
CVE-2022-1130	Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP	No	No	N/A	Yes
CVE-2022-1129	Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode	No	No	N/A	Yes
CVE-2022-1128	Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API	No	No	N/A	Yes
CVE-2022-1127	Chromium: CVE-2022-1127 Use after free in QR Code Generator	No	No	N/A	Yes
CVE-2022-1125	Chromium: CVE-2022-1125 Use after free in Portals	No	No	N/A	Yes

Developer Tools Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-26924	YARP Denial of Service Vulnerability	No	No	7.5	Yes
CVE-2022-24513	Visual Studio Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26921	Visual Studio Code Elevation of Privilege Vulnerability	No	No	7.3	No
CVE-2022-24765	GitHub: Uncontrolled search for the Git directory in Git for Windows	No	No	N/A	Yes
CVE-2022-24767	GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account	No	No	N/A	Yes
CVE-2022-26832	.NET Framework Denial of Service Vulnerability	No	No	7.5	No

Microsoft Dynamics Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-23259	Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability	No	No	8.8	Yes

Microsoft Office Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-26910	Skype for Business and Lync Spoofing Vulnerability	No	No	5.3	Yes
CVE-2022-26911	Skype for Business Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2022-24472	Microsoft SharePoint Server Spoofing Vulnerability	No	No	8	Yes
CVE-2022-24473	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-26901	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes

SQL Server Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-23292	Microsoft Power BI Spoofing Vulnerability	No	No	5.9	Yes

System Center Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24548	Microsoft Defender Denial of Service Vulnerability	No	No	5.5	Yes

Windows Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24543	Windows Upgrade Assistant Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24550	Windows Telephony Server Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26786	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26789	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26791	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26793	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26795	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24491	Windows Network File System Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2022-24497	Windows Network File System Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2022-24487	Windows Local Security Authority (LSA) Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-24483	Windows Kernel Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2022-24545	Windows Kerberos Remote Code Execution Vulnerability	No	No	8.1	Yes
CVE-2022-24486	Windows Kerberos Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24490	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability	No	No	8.1	Yes
CVE-2022-24539	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability	No	No	8.1	Yes
CVE-2022-26783	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2022-26785	Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2022-23257	Windows Hyper-V Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-22008	Windows Hyper-V Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24537	Windows Hyper-V Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-22009	Windows Hyper-V Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-23268	Windows Hyper-V Denial of Service Vulnerability	No	No	6.5	Yes
CVE-2022-26920	Windows Graphics Component Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2022-26808	Windows File Explorer Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24495	Windows Direct Show - Remote Code Execution Vulnerability	No	No	7	Yes
CVE-2022-24547	Windows Digital Media Receiver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24488	Windows Desktop Bridge Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24546	Windows DWM Core Library Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26811	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26823	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26824	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26825	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26826	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26814	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26817	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26818	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26816	Windows DNS Server Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2022-24538	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability	No	No	6.5	No
CVE-2022-26784	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability	No	No	6.5	No
CVE-2022-24484	Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability	No	No	5.5	No
CVE-2022-26828	Windows Bluetooth Driver Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24549	Windows AppX Package Manager Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24482	Windows ALPC Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-26914	Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26788	PowerShell Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24496	Local Security Authority (LSA) Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24532	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-26830	DiskUsage.exe Remote Code Execution Vulnerability	No	No	7.5	Yes
CVE-2022-24479	Connected User Experiences and Telemetry Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24489	Cluster Client Failover (CCF) Elevation of Privilege Vulnerability	No	No	7.8	No

Windows ESU Vulnerabilities

CVE	Title	Exploited?	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24498	Windows iSCSI Target Service Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2022-26807	Windows Work Folder Service Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24474	Windows Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24542	Windows Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26904	Windows User Profile Service Elevation of Privilege Vulnerability	No	Yes	7	Yes
CVE-2022-24541	Windows Server Service Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-26915	Windows Secure Channel Denial of Service Vulnerability	No	No	7.5	No
CVE-2022-24500	Windows SMB Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-26787	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26790	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26792	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26794	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26796	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26797	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26798	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26801	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26802	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26803	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26919	Windows LDAP Remote Code Execution Vulnerability	No	No	8.1	Yes
CVE-2022-26831	Windows LDAP Denial of Service Vulnerability	No	No	7.5	No
CVE-2022-24544	Windows Kerberos Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24530	Windows Installer Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24499	Windows Installer Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26903	Windows Graphics Component Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-26810	Windows File Server Resource Management Service Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-26827	Windows File Server Resource Management Service Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-26916	Windows Fax Compose Form Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-26917	Windows Fax Compose Form Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-26918	Windows Fax Compose Form Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24527	Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2022-26812	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26813	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24536	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26815	Windows DNS Server Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-26819	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26820	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26821	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26822	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-26829	Windows DNS Server Remote Code Execution Vulnerability	No	No	6.6	Yes
CVE-2022-24521	Windows Common Log File System Driver Elevation of Privilege Vulnerability	Yes	No	7.8	No
CVE-2022-24481	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24494	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24540	Windows ALPC Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-21983	Win32 Stream Enumeration Remote Code Execution Vulnerability	No	No	7.5	Yes
CVE-2022-24534	Win32 Stream Enumeration Remote Code Execution Vulnerability	No	No	7.5	Yes
CVE-2022-24485	Win32 File Enumeration Remote Code Execution Vulnerability	No	No	7.5	Yes
CVE-2022-26809	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2022-24528	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-24492	Remote Procedure Call Runtime Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-24533	Remote Desktop Protocol Remote Code Execution Vulnerability	No	No	8	Yes
CVE-2022-24493	Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability	No	No	5.5	Yes

NEVER MISS A BLOG

Get the latest stories, expertise, and news about security today.

Attachments

Original Link
Original Document
Permalink

Disclaimer

Rapid7 Inc. published this content on 12 April 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 12 April 2022 18:51:08 UTC.

Latest news about Rapid7, Inc.

Rapid7 Insider Sold Shares Worth $1,006,336, According to a Recent SEC Filing	Apr. 10	MT
Add a little SaaS to your life	Mar. 14
Transcript : Rapid7, Inc. Presents at Morgan Stanley?s Technology, Media & Telecom Conference 2024, Mar-05-2024 03:35 PM	Mar. 05
Rapid7 Insider Sold Shares Worth $878,388, According to a Recent SEC Filing	Mar. 04	MT
Rapid7's Q4 Non-GAAP Earnings, Revenue Increase	Feb. 08	MT
Transcript : Rapid7, Inc., Q4 2023 Earnings Call, Feb 07, 2024	Feb. 07
(RPD) RAPID7 Forecasts Q1 Revenue Range $203M - $205M	Feb. 07	MT
(RPD) RAPID7 Expects Fiscal Year 2024 Revenue Range $848M - $856M	Feb. 07	MT
(RPD) RAPID7 Forecasts Q1 EPS Range $0.52 - $0.55	Feb. 07	MT
(RPD) RAPID7 Expects Fiscal Year 2024 EPS Range $2.10 - $2.21	Feb. 07	MT
Earnings Flash (RPD) RAPID7 Reports Q4 Revenue $205.3M, vs. Street Est of $201.4M	Feb. 07	MT
Earnings Flash (RPD) RAPID7 Posts Q4 EPS $0.72, vs. Street Est of $0.48	Feb. 07	MT
Rapid7, Inc. Reports Earnings Results for the Fourth Quarter and Full Year Ended December 31, 2023	Feb. 07	CI
Rapid7, Inc. Provides Earnings Guidance for the First Quarter and Full Year of 2024	Feb. 07	CI
Rapid7, Inc. Adds New Managed Digital Risk Protection to Leading MDR Service for 360-Degree Detection and Response	Feb. 06	CI
North American Morning Briefing : Microsoft Kicks -2-	Jan. 30	DJ
UBS Upgrades Rapid7 to Buy From Neutral, Raises Price Target to $70 From $53	Jan. 29	MT
North American Morning Briefing : Focus Fixed on -2-	Jan. 11	DJ
Rapid7, Inc. Appoints Scott Murphy as Senior Vice President, Chief Accounting Officer, Effective on March 4, 2024	Jan. 09	CI
Citigroup Upgrades Rapid7 to Buy From Neutral, Raises Price Target to $65 From $54	Jan. 09	MT
Rapid7 Insider Sold Shares Worth $912,592, According to a Recent SEC Filing	Jan. 05	MT
JPMorgan Adjusts Price Target on Rapid7 to $61 From $52, Maintains Neutral Rating	Dec. 11	MT
Rapid7 Insider Sold Shares Worth $2,024,007, According to a Recent SEC Filing	Nov. 22	MT
Morgan Stanley Adjusts Price Target on Rapid7 to $55 From $52, Maintains Equalweight Rating	Nov. 07	MT
North American Morning Briefing : Stocks Look to -2-	Nov. 06	DJ

Chart Rapid7, Inc.

Duration

Period

More charts

Company Profile

Rapid7, Inc. is engaged in advancing security with visibility, analytics, and automation delivered through its Insight Platform. Its Insight Platform solutions include incident detection and response, cloud security, vulnerability risk management, application security, threat intelligence and security orchestration and automation response. It offers its Insight Platform solutions as software-as-a-service products, on a subscription basis. It provides cloud products across the main pillars of Security Operations (SecOps), which include InsightIDR, InsightCloudSec, InsightVM, InsightAppSec and InsightConnect. Its other products include Threat Intelligence, Nexpose, AppSpider and Metasploit. Its professional service offerings include Penetration Testing, Cybersecurity Maturity Assessments, Security and Incident Response Program Development Services, Internet of things (IoT) and Internet Embedded Device testing, as well as Threat Modeling, TableTop Exercises and Incident Response services.

Sector

Software

Calendar

2024-05-07 - Q1 2024 Earnings Release

Related indices

Russell 2000

More about the company

Income Statement Evolution

More financial data

Analysis / Opinion

INTERVIEW - Jaya Baloo, Rapid7: Cybersecurity budgets are shrinking, which is a cause for concern

October 06, 2023 at 04:13 pm EDT

More Strategies

Ratings for Rapid7, Inc.

Trading Rating

Investor Rating

ESG Refinitiv

C+

More Ratings

Analysts' Consensus

Sell

Buy

Mean consensus

OUTPERFORM

Number of Analysts

Last Close Price

46.49 USD

Average target price

59.95 USD

Spread / Average Target

+28.94%

Consensus

EPS Revisions

Estimates Revisions

Quarterly earnings - Rate of surprise

Company calendar

Sector Other Software

	1st Jan change	Capi.
RAPID7, INC.	-18.58%	2.87B
MICROSOFT CORPORATION	+8.78%	3,028B
SYNOPSYS INC.	+2.45%	80.47B
CADENCE DESIGN SYSTEMS, INC.	+1.94%	76.81B
DASSAULT SYSTÈMES SE	-11.97%	54.2B
ATLASSIAN CORPORATION	-16.33%	51.74B
PALANTIR TECHNOLOGIES INC.	+25.74%	47.88B
THE TRADE DESK, INC.	+16.44%	39.62B
SEA LIMITED	+56.22%	35.14B
TAKE-TWO INTERACTIVE SOFTWARE, INC.	-11.26%	24.18B

Other Software

Rapid7, Inc.

Equities

RPD

US7534221046

Software

Rapid7 : Patch Tuesday - April 2022

EPS Revisions