Sector: Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 316
Microsoft Windows: 88
Foxit PDF Reader: 46
Microsoft SQL Server: 36
Microsoft OLE DB Driver: 32

Remediation

Official Fix: 710
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 130

Exploitability

High: 4
Functional: 2
Proof-of-Concept: 24
Unproven: 126
Not Defined: 684

Access Vector

Not Defined: 0
Physical: 6
Local: 102
Adjacent: 376
Network: 356

Authentication

Not Defined: 0
High: 68
Low: 486
None: 286

User Interaction

Not Defined: 0
Required: 188
None: 652

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 28
≤4: 58
≤5: 168
≤6: 258
≤7: 146
≤8: 114
≤9: 60
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 28
≤4: 72
≤5: 160
≤6: 340
≤7: 120
≤8: 104
≤9: 8
≤10: 8

VulDB

≤1: 0
≤2: 0
≤3: 34
≤4: 80
≤5: 162
≤6: 248
≤7: 138
≤8: 114
≤9: 56
≤10: 8

NVD

≤1: 840
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 674
≤2: 0
≤3: 2
≤4: 0
≤5: 14
≤6: 22
≤7: 38
≤8: 66
≤9: 16
≤10: 8

Vendor

≤1: 708
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 10
≤7: 28
≤8: 46
≤9: 48
≤10: 0

Exploit 0-day

<1k: 42
<2k: 162
<5k: 24
<10k: 370
<25k: 118
<50k: 106
<100k: 18
≥100k: 0

Exploit Today

<1k: 286
<2k: 198
<5k: 168
<10k: 78
<25k: 110
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 900
zh: 24
ja: 22
de: 20
es: 8

Country

us: 198
gb: 40
de: 26
cn: 26
jp: 20

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Juniper Junos OS: 26
Juniper Junos OS Evolved: 14
Microsoft Windows: 12
Linux Kernel: 12
cym1102 nginxWebUI: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.02734 | 10.00 | CVE-2024-3400 |
| 2 | cym1102 nginxWebUI upload privilege escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 6.36 | CVE-2024-3736 |
| 3 | cym1102 nginxWebUI saveCmd handlePath weak authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 5.43 | CVE-2024-3738 |
| 4 | cym1102 nginxWebUI reload exec privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 5.21 | CVE-2024-3740 |
| 5 | cym1102 nginxWebUI upload privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 4.93 | CVE-2024-3739 |
| 6 | cym1102 nginxWebUI addOver findCountByQuery directory traversal | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 4.28 | CVE-2024-3737 |
| 7 | Xiamen Four-Faith RMP Router Management Platform SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.14 | CVE-2024-3688 |
| 8 | PHPGurukul Small CRM Registration Page SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.86 | CVE-2024-3691 |
| 9 | iboss Secure Web Gateway Login Portal login cross-site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00045 | 2.43 | CVE-2024-3378 |
| 10 | PHPGurukul Small CRM Change Password SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.08 | CVE-2024-3690 |
| 11 | Linux Kernel amdkfd kzalloc memory corruption | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 1.57- | CVE-2024-26817 |
| 12 | Microsoft Windows DNS Server memory corruption | 7.2 | 6.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00043 | 0.29 | CVE-2024-26223 |
| 13 | Microsoft Windows Routing/Remote Access Service memory corruption | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00043 | 0.07 | CVE-2024-26179 |
| 14 | Juniper cRPD/Juniper Cloud Native Router SSH weak encryption | 8.1 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.14 | CVE-2024-30407 |
| 15 | code-projects Online Book System Product.php cross-site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.22 | CVE-2024-3004 |
| 16 | Juniper Junos OS IPv6 Firewall Filter unknown vulnerability | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.14 | CVE-2024-30410 |
| 17 | Xen BTC SRSO Mitigation Privilege Escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.22 | CVE-2024-31142 |
| 18 | Xen x86 HVM Hypercall denial of service | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.07 | CVE-2023-46842 |
| 19 | Apache HTTP Server privilege escalation | 5.3 | 5.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00043 | 0.21 | CVE-2023-38709 |
| 20 | Google Chrome V8 information disclosure | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00043 | 0.21 | CVE-2024-3159 |

IOC - Indicator of Compromise (40)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

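| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 5.255.115.0/24 | IcedID | predictive | High |
| 2 | 23.154.177.0/24 | B1txor20 | predictive | High |
| 3 | 31.42.185.0/24 | Saint Bot | predictive | High |
| 4 | 45.134.225.0/24 | Mirai | predictive | High |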

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (118)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/login.php | predictive | High |
| 2 | File | /adminPage/conf/reload | predictive | High |
| 3 | File | /adminPage/conf/saveCmd | predictive | High |
| 4 | File | /adminPage/main/upload | predictive | High |
| 5 | File | /adminPage/www/addOver | predictive | High |
| 6 | File | /cart.php | predictive | Medium |
| 7 | File | /description.php | predictive | High |
| 8 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive | High |
| 9 | File | /etc/passwd | predictive | Medium |
| 10 | File | /index.php | predictive | Medium |
| 11 | File | /login | predictive | Low |
| 12 | File | /Product.php | predictive | Medium |
| 13 | File | /sys/kernel/notes | predictive | High |
| 14 | File | activate_jet_details_form_handler.php | predictive | High |
| 15 | File | add-vehicle.php | predictive | High |
