Sector Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Microsoft Windows: 34
Google Chrome: 30
MediaTek MT6895: 30
MediaTek MT6983: 30
Linux Kernel: 26

Countermeasure

Official Fix: 316
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 94

Exploitability

High: 2
Functional: 0
Proof-of-Concept: 20
Unproven: 42
Not Defined: 346

Access Vector

Not Defined: 0
Physical: 2
Local: 116
Adjacent: 56
Network: 236

Authentication

Not Defined: 0
High: 68
Low: 178
None: 164

User Interaction

Not Defined: 0
Required: 126
None: 284

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 16
≤4: 34
≤5: 76
≤6: 76
≤7: 100
≤8: 62
≤9: 36
≤10: 10

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 16
≤4: 62
≤5: 54
≤6: 134
≤7: 54
≤8: 74
≤9: 10
≤10: 6

VulDB

≤1: 0
≤2: 0
≤3: 26
≤4: 42
≤5: 70
≤6: 66
≤7: 112
≤8: 56
≤9: 28
≤10: 10

NVD

≤1: 410
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 266
≤2: 0
≤3: 4
≤4: 6
≤5: 20
≤6: 20
≤7: 26
≤8: 42
≤9: 14
≤10: 12

Vendor

≤1: 364
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 4
≤7: 2
≤8: 18
≤9: 16
≤10: 6

Exploit 0-day

<1k: 64
<2k: 120
<5k: 38
<10k: 66
<25k: 48
<50k: 50
<100k: 24
≥100k: 0

Exploit Today

<1k: 178
<2k: 64
<5k: 58
<10k: 40
<25k: 70
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 674
ja: 90
de: 44
ru: 40
ko: 34

Country

it: 108
us: 98
jp: 96
de: 70
ru: 60

Actors

Activities

Effort

Timeline

Type

Vendor

Product

Google Chrome: 24
Linux Kernel: 24
Microsoft Windows: 12
MediaTek MT6895: 8
MediaTek MT6983: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Fortinet FortiOS CLI Command directory traversal | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 5.04 | 0.00043 | CVE-2022-41328 |
| 2 | D-Link DIR820LA1 privilege escalation | 8.0 | 7.7 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 1.76 | 0.00000 | CVE-2023-25279 |
| 3 | Fortinet FortiOS/FortiProxy Administrative Interface Remote Code Execution | 9.8 | 9.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 2.51 | 0.00000 | CVE-2023-25610 |
| 4 | SAP NetWeaver Application Server for Java Cache Management Service privilege escalation | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.61 | 0.00000 | CVE-2023-26460 |
| 5 | Apache HTTP Server mod_proxy privilege escalation | 5.0 | 4.8 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 1.79 | 0.00043 | CVE-2023-25690 |
| 6 | SAP NetWeaver Application Server for ABAP and ABAP Platform Error denial of service | 5.4 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.16 | 0.00000 | CVE-2023-25618 |
| 7 | SAP NetWeaver Application Server for ABAP and ABAP Platform denial of service | 5.4 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.13 | 0.00000 | CVE-2023-27270 |
| 8 | SAP NetWeaver Application Server Java for Classload Service weak authentication | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.07 | 0.00000 | CVE-2023-24526 |
| 9 | SAP NetWeaver Application Server for ABAP and ABAP Platform directory traversal | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.61 | 0.00000 | CVE-2023-27269 |
| 10 | Veeam Backup & Replication Service Port 9401 Veeam.Backup.Service.exe weak authentication | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.98 | 0.00043 | CVE-2023-27532 |
| 11 | Docker Desktop ECI Restriction Local Privilege Escalation | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.85 | 0.00000 | CVE-2023-0629 |
| 12 | Docker Desktop desktop URL privilege escalation | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.91 | 0.00000 | CVE-2023-0628 |
| 13 | SourceCodester Electronic Medical Records System Cookie administrator.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.78 | 0.00063 | CVE-2023-1151 |
| 14 | DrayTek Vigor 2960 mainfunction.cgi sub_1225C privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.69 | 0.00139 | CVE-2023-1162 |
| 15 | SourceCodester Health Center Patient Record Management System fecalysis_form.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.66 | 0.00052 | CVE-2023-1156 |
| 16 | SourceCodester Health Center Patient Record Management System login.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.66 | 0.00045 | CVE-2023-1253 |
| 17 | DrayTek Vigor 2960 mainfunction.cgi sub_1DA58 directory traversal | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.60 | 0.00078 | CVE-2023-1163 |
| 18 | SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.63 | 0.00060 | CVE-2023-1180 |
| 19 | Apache HTTP Server mod_proxy_uwsgi privilege escalation | 6.3 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.52 | 0.00043 | CVE-2023-27522 |
| 20 | SourceCodester Health Center Patient Record Management System birthing_print.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.54 | 0.00045 | CVE-2023-1254 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 2.58.56.0/24 | Raccoon Stealer | predictive | High |

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (91)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ajax/update_certificate | predictive | High |
| 2 | File | /cgi-bin/mainfunction.cgi | predictive | High |
| 3 | File | /debug | predictive | Low |
| 4 | File | /ResourceService | predictive | High |
| 5 | File | /web/api/app/Controller/HostController.php | predictive | High |
| 6 | File | /web/index.php | predictive | High |
| 7 | File | /zm/index.php | predictive | High |
| 8 | File | add.php | predictive | Low |
| 9 | File | admin/fecalysis_form.php | predictive | High |
| 10 | File | administrator.php | predictive | High |
| 11 | File | birthing_print.php | predictive | High |
