Sector Hospital

Timeframe: -14 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Product

Linux Kernel: 122
IrfanView: 76
Mozilla Firefox: 22
Zabbix: 14
1000 Projects Beauty Parlour Management System: 14

Countermeasures

Official Fix: 380
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 106

Exploitability

High: 6
Functional: 0
Proof-of-Concept: 34
Unproven: 0
Not Defined: 446

Access Vector

Not Defined: 0
Physical: 10
Local: 36
Adjacent: 134
Network: 306

Authentication

Not Defined: 0
High: 40
Low: 230
None: 216

User Interaction

Not Defined: 0
Required: 172
None: 314

CVSSv3 Base

≤1: 0
≤2: 2
≤3: 10
≤4: 50
≤5: 106
≤6: 94
≤7: 108
≤8: 80
≤9: 28
≤10: 8

CVSSv3 Temp

≤1: 0
≤2: 2
≤3: 12
≤4: 50
≤5: 108
≤6: 176
≤7: 46
≤8: 66
≤9: 18
≤10: 8

VulDB

≤1: 0
≤2: 8
≤3: 12
≤4: 66
≤5: 100
≤6: 80
≤7: 110
≤8: 94
≤9: 8
≤10: 8

NVD

≤1: 452
≤2: 0
≤3: 0
≤4: 0
≤5: 6
≤6: 16
≤7: 0
≤8: 12
≤9: 0
≤10: 0

CNA

≤1: 308
≤2: 2
≤3: 6
≤4: 16
≤5: 18
≤6: 32
≤7: 28
≤8: 30
≤9: 26
≤10: 20

Vendor

≤1: 486
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 70
<2k: 54
<5k: 210
<10k: 38
<25k: 88
<50k: 22
<100k: 4
≥100k: 0

Exploit Today

<1k: 284
<2k: 62
<5k: 92
<10k: 42
<25k: 6
<50k: 0
<100k: 0
≥100k: 0

IOB - Indicator of Behavior (1000)

Language

en: 882
fr: 58
de: 22
ja: 18
es: 10

Product

QNAP QTS: 20
QNAP QuTS hero: 20
Mozilla Thunderbird: 18
Zabbix: 16
Mozilla Firefox: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 7-Zip Zstandard Decompression buffer overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 4.04 | CVE-2024-11477 |
| 2 | code-projects Crud Operation System add.php cross site scripting | 5.7 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.72 | CVE-2024-11820 |
| 3 | 1000 Projects Portfolio Management System MCA forgot_password_process.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.72 | CVE-2024-11819 |
| 4 | Zabbix API Endpoint privilege escalation | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 1.43 | CVE-2024-36467 |
| 5 | 1000 Projects Portfolio Management System MCA register.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.04 | CVE-2024-11744 |
| 6 | Red Hat Fast Datapath for RHEL/Enterprise Linux API privilege escalation | 3.9 | 3.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 1.09 | CVE-2024-52337 |
| 7 | Red Hat Enterprise Linux/OpenShift Container Platform cri-o privilege escalation | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 1.09- | CVE-2024-8676 |
| 8 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN URL directory traversal | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.83 | CVE-2024-11667 |
| 9 | Mozilla Thunderbird buffer overflow | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.74 | CVE-2024-11699 |
| 10 | Zabbix API addRelatedObjects sql injection | 8.1 | 8.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.61+ | CVE-2024-42327 |
| 11 | Mozilla Firefox Apple GPU Driver buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.70 | CVE-2024-11691 |
| 12 | 1000 Projects Beauty Parlour Management System search-appointment.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.70 | CVE-2024-11649 |
| 13 | Apache Tomcat ServerAuthContext Component Remote Code Execution | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.96 | CVE-2024-52316 |
| 14 | Zabbix SNMP Trap Log Parser privilege escalation | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.56+ | CVE-2024-42332 |
| 15 | Mozilla Thunderbird Apple GPU Driver buffer overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.78 | CVE-2024-11691 |
| 16 | Mozilla Thunderbird SEC_ASN1DecodeItem_Util denial of service | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.65 | CVE-2024-11706 |
| 17 | Zabbix Media Type Export privilege escalation | 2.7 | 2.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.57+ | CVE-2024-36464 |
| 18 | Mozilla Firefox library-ms File privilege escalation | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.70 | CVE-2024-11693 |
| 19 | Mozilla Firefox URL privilege escalation | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.74 | CVE-2024-11695 |
| 20 | Mozilla Firefox Dropdown privilege escalation | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.74 | CVE-2024-11692 |

IOC - Indicator of Compromise (34)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

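| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 5.255.115.0/24 | IcedID | predictive | High |
| 2 | 23.129.64.0/24 | Prophet Spider | predictive | High |
| 3 | 23.239.16.0/24 | NSO Group | predictive | High |
| 4 | 43.155.160.0/24 | Conficker | predictive | High |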

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-24, CWE-35 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Basic Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (75)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /add.php | predictive | Medium |
| 2 | File | /adicionar-cliente.php | predictive | High |
| 3 | File | /admin/about-us.php | predictive | High |
| 4 | File | /admin/add-customer.php | predictive | High |
| 5 | File | /admin/add-services.php | predictive | High |
| 6 | File | /admin/edit-services.php | predictive | High |
| 7 | File | /admin/forgot-password.php | predictive | High |
| 8 | File | /admin/index.php | predictive | High |
| 9 | File | /admin/search-appointment.php | predictive | High |
