القطاع Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

التسلسل الزمني

المجهز

Oracle252
Insteon80
Microsoft80
Not Defined38
AMD32

منتج

Insteon Hub80
Microsoft Windows68
AMD CPU32
Oracle Communications Cloud Native Core Binding Su ...30
Apple macOS26

معالجة

Official Fix594
Temporary Fix0
Workaround0
Unavailable0
Not Defined190

قابلية الاستغلال

High0
Functional2
Proof-of-Concept20
Unproven74
Not Defined688

متجه الوصول

Not Defined0
Physical8
Local56
Adjacent108
Network612

توثيق

Not Defined0
High64
Low360
None360

تفاعل المستخدم

Not Defined0
Required146
None638

C3BM Index

CVSSv3 Base

≤10
≤20
≤310
≤432
≤5112
≤6104
≤7142
≤8180
≤978
≤10126

CVSSv3 Temp

≤10
≤20
≤312
≤446
≤5106
≤6124
≤7144
≤8188
≤9112
≤1052

VulDB

≤10
≤20
≤314
≤446
≤5114
≤6104
≤7130
≤8174
≤9148
≤1054

NVD

≤1624
≤20
≤30
≤42
≤512
≤616
≤714
≤826
≤98
≤1082

CNA

≤1498
≤20
≤30
≤48
≤58
≤632
≤740
≤890
≤9104
≤104

المجهز

≤1706
≤20
≤30
≤42
≤52
≤610
≤712
≤834
≤918
≤100

إكسبلويت ذات هجوم فوري

<1k40
<2k140
<5k116
<10k106
<25k246
<50k42
<100k94
≥100k0

إكسبلويت اليوم

<1k180
<2k188
<5k216
<10k74
<25k126
<50k0
<100k0
≥100k0

حجم سوق الإكسبلويت

IOB - Indicator of Behavior (1000)

التسلسل الزمني

اللغة

en854
ja52
de24
fr22
es16

البلد

us196
it60
jp60
hu60
fr36

الفاعلين

SideWinder1
Cuba Ransomware1
Rocke1
Gh0stRAT1
Dealply1

النشاطات

الاهتمام

التسلسل الزمني

النوع

Operating System38
Chip Software38
Database Software12
Cloud Software12
Software Library10

المجهز

MediaTek36
Microsoft26
Not Defined24
Linux14
Oracle8

منتج

Microsoft Windows22
MediaTek MT683320
MediaTek MT685320
MediaTek MT687320
MediaTek MT687720

الثغرات

#الثغرةBaseTemp0dayاليومق�معالجةCTIEPSSCVE
1SourceCodester Medical Certificate Generator App manage_record.php حقن إس كيو إل6.36.1$0-$5k$0-$5kNot DefinedNot Defined2.090.00000CVE-2023-0706
2IP Vault WP Firewall Plugin سكربتات مشتركة2.42.4$0-$5k$0-$5kNot DefinedNot Defined1.750.00000CVE-2022-47171
3ImageMagick PNG Image الكشف عن المعلومات4.34.3$0-$5k$0-$5kNot DefinedNot Defined1.480.00000CVE-2022-44268
4GNU C Library Call Graph Monitor gmon.c __monstartup تلف الذاكرة4.64.4$0-$5k$0-$5kNot DefinedOfficial Fix3.80-0.00000CVE-2023-0687
5SourceCodester Medical Certificate Generator App function.php delete_record حقن إس كيو إل5.55.3$0-$5k$0-$5kNot DefinedNot Defined1.04+0.00000CVE-2023-0707
6ImageMagick PNG Image الحرمان من الخدمة4.34.3$0-$5k$0-$5kNot DefinedNot Defined1.010.00000CVE-2022-44267
7OpenBSD OpenSSH compat.c تلف الذاكرة5.65.4$5k-$25k$5k-$25kNot DefinedOfficial Fix2.660.00950CVE-2023-25136
8SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service تجاوز الصلاحيات8.38.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.91+0.00000CVE-2022-31254
9Microsoft Edge الحرمان من الخدمة3.13.0$25k-$100k$5k-$25kNot DefinedOfficial Fix2.350.00000CVE-2023-21720
10Nextcloud Mail تجاوز الصلاحيات5.75.5$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2023-23943
11Zyxel NBG-418N v2 Logs Page سكربتات مشتركة5.85.8$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2022-45441
12Nextcloud Desktop Client QML Label سكربتات مشتركة4.44.4$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2023-23942
13MediaTek CPU Boa تلف الذاكرة7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2021-31578
14MediaTek CPU Boa تجاوز الصلاحيات7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2021-31577
15Linux Kernel V4L2/Vivid Test Code الحرمان من الخدمة6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.570.00000CVE-2023-0615
16Calendar Event Management System حقن إس كيو إل6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.680.00890CVE-2023-0675
17MediaTek CPU Config Manager تجاوز الصلاحيات6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.540.00000CVE-2021-31574
18MailEnable Public Folder اجتياز الدليل7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.440.00885CVE-2022-42136
19Calendar Event Management System Login Page حقن إس كيو إل7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined1.340.00954CVE-2023-0663
20Western Digital My Cloud Firmware Upgrade توثيق ضعيف8.07.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix2.70-0.00000CVE-2021-36226

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeممثلالنوعالثقة
145.86.162.0/24SideWinderpredictiveعالي
2XX.XXX.XXX.X/XXXxxxxxxpredictiveعالي
3XXX.XX.XX.X/XXXxxxxxxxpredictiveعالي
4XXX.XX.XXX.X/XXXxxxxpredictiveعالي
5XXX.XXX.XXX.X/XXXxxxxpredictiveعالي
6XXX.XXX.XXX.X/XXXxxxxpredictiveعالي
7XXX.X.XXX.X/XXXxxxxpredictiveعالي

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueالثغراتمتجه الوصولالنوعالثقة
1T1006CWE-22, CWE-23Pathname Traversalpredictiveعالي
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveعالي
3T1059CWE-88, CWE-94Cross Site Scriptingpredictiveعالي
4T1059.007CWE-79Cross Site Scriptingpredictiveعالي
5T1068CWE-266, CWE-269, CWE-284Execution with Unnecessary Privilegespredictiveعالي
6TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx Xxxxxxxxpredictiveعالي
7TXXXX.XXXCWE-XXXXxx-xxx Xxxx Xxxxxxx Xxxxpredictiveعالي
8TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxxxxxxpredictiveعالي
9TXXXX.XXXCWE-XXXXxxx Xxxxxxxxpredictiveعالي
10TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxpredictiveعالي
11TXXXXCWE-XX, CWE-XXXxx Xxxxxxxxxpredictiveعالي
12TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictiveعالي
13TXXXXCWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx Xxxxpredictiveعالي
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxpredictiveعالي
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx Xxxxxpredictiveعالي
16TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveعالي
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx Xxxxpredictiveعالي
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictiveعالي
19TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveعالي
20TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx Xxxxxxxxxxpredictiveعالي
21TXXXX.XXXCWE-XXXXxxxxxxxxxxx Xxxxxxpredictiveعالي
22TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxpredictiveعالي

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDالفئةIndicatorالنوعالثقة
1File/api/v1/registration/validateEmailpredictiveعالي
2File/app/dao/CustomerDAO.phppredictiveعالي
3File/CPEpredictiveواطئ
4File/opt/Citrix/ICAClient/util/ctxwebhelperpredictiveعالي
5File/Services/Misc.asmx/SearchTagpredictiveعالي
6File/setnetworksettings/IPAddresspredictiveعالي
7File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxpredictiveعالي
8File/xxxx/xxx/xxxxxxxxxxxpredictiveعالي
9Filexxxx.xpredictiveواطئ
10Filexxxxxx.xpredictiveمتوسط
11Filexxxxxxx/xxx/xxx-xxxxxxxx.xpredictiveعالي
12Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveعالي
13Filexxxxxxx/xxx/xxxxxxxx/xxxxx_xxxx.xpredictiveعالي
14Filexx/xxxxx/xxxxxx.xpredictiveعالي
15Filexxxxxxxx.xxxpredictiveمتوسط
16Filexxxxxxxxxxxx.xxxpredictiveعالي
17Filexxxx.xpredictiveواطئ
18Filexxx_xxx.xpredictiveمتوسط
19Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveعالي
20Filexxx/xxxxx.xxxpredictiveعالي
21Filexx_xxxxx/xxxxxxxxx.xpredictiveعالي
22Filexx_xxxxx/xxxx.xpredictiveعالي
23Filexxxxxx_xxxxxx.xxxpredictiveعالي
24Filexxx.xxxpredictiveواطئ
25Filexxx/xxxx/xxx.xpredictiveعالي
26Filexxx/xxxxx/xxx_xxx.xpredictiveعالي
27Filexxx/xxxxx/xxx_xxx.xpredictiveعالي
28Filexxx/xxxxx/xxx_xxx.xpredictiveعالي
29Filexxxxxxx_xxxxxx_xxxxxxx.xxxpredictiveعالي
30Filexxxxxx/xxxx.xxpredictiveعالي
31Filexxxxx/xxxxxxxx.xpredictiveعالي
32Library/xxxx/xxxxx/xxx/xxxxxxx_xxx.xpredictiveعالي
33Libraryxxxxxxx/xxxxxxxx.xxxpredictiveعالي
34Argumentxxxpredictiveواطئ
35Argumentxxxxpredictiveواطئ
36Argumentxxpredictiveواطئ
37Argumentxxxx_xxxxx_xxxxxxxxxxpredictiveعالي
38Argumentxxxx/xxxpredictiveمتوسط
39Argumentxx_xxxpredictiveواطئ
40Argumentxxxxxxx.xxx_xxxxxxxxxxpredictiveعالي
41Argumentxxxxxxxpredictiveواطئ
42Argumentxxxxx/xxxpredictiveمتوسط
43Argumentxxxxxxxpredictiveواطئ
44Argumentxxxxxxx_xxxpredictiveمتوسط
45Argumentxxxxpredictiveواطئ
46Argumentxxxxxxxxpredictiveمتوسط
47Argumentxxxxxxxx/xxxxxxxxpredictiveعالي
التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!