Sektor Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Tidslinje

Säljare

Oracle238
Insteon100
Microsoft100
Not Defined48
Juniper30

Produkt

Insteon Hub100
Microsoft Windows78
AMD CPU28
Oracle Communications Cloud Native Core Binding Su ...26
Juniper Junos OS26

Åtgärd

Official Fix592
Temporary Fix0
Workaround0
Unavailable0
Not Defined192

Utnyttjbarhet

High0
Functional2
Proof-of-Concept12
Unproven94
Not Defined676

Åtkomstvektor

Not Defined0
Physical6
Local60
Adjacent102
Network616

Autentisering

Not Defined0
High66
Low378
None340

Användarinteraktion

Not Defined0
Required124
None660

C3BM Index

CVSSv3 Base

≤10
≤20
≤310
≤448
≤576
≤682
≤7148
≤8186
≤990
≤10144

CVSSv3 Temp

≤10
≤20
≤312
≤458
≤568
≤6110
≤7156
≤8192
≤9134
≤1054

VulDB

≤10
≤20
≤318
≤452
≤580
≤682
≤7146
≤8172
≤9174
≤1060

NVD

≤1628
≤20
≤30
≤40
≤58
≤616
≤716
≤810
≤916
≤1090

CNA

≤1470
≤20
≤30
≤42
≤510
≤614
≤738
≤8114
≤9126
≤1010

Säljare

≤1686
≤20
≤30
≤40
≤54
≤64
≤716
≤852
≤922
≤100

Utnyttja 0-dagars

<1k34
<2k134
<5k142
<10k98
<25k222
<50k46
<100k108
≥100k0

Utnyttja idag

<1k170
<2k214
<5k178
<10k80
<25k140
<50k2
<100k0
≥100k0

Utnyttja marknadsvolymen

IOB - Indicator of Behavior (1000)

Tidslinje

Lang

en850
ja50
de34
fr20
es12

Land

us168
jp66
hu56
it46
de38

Skådespelare

Dealply1
Conti1
TA5051
SideWinder1
Cuba Ransomware1

Aktiviteter

Intressera

Tidslinje

Typ

Chip Software38
Operating System28
Cloud Software22
Firewall Software12
Database Software10

Säljare

MediaTek36
Microsoft24
Not Defined22
Linux12
Nextcloud10

Produkt

MediaTek MT687918
MediaTek MT689518
Microsoft Windows16
MediaTek MT683316
MediaTek MT685316

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemCTIEPSSCVE
1SourceCodester Medical Certificate Generator App manage_record.php sql injektion6.36.1$0-$5k$0-$5kNot DefinedNot Defined2.090.00000CVE-2023-0706
2IP Vault WP Firewall Plugin cross site scripting2.42.4$0-$5k$0-$5kNot DefinedNot Defined1.750.00000CVE-2022-47171
3ImageMagick PNG Image informationsgivning4.34.3$0-$5k$0-$5kNot DefinedNot Defined1.480.00000CVE-2022-44268
4GNU C Library Call Graph Monitor gmon.c __monstartup minneskorruption4.64.4$0-$5k$0-$5kNot DefinedOfficial Fix3.80-0.00000CVE-2023-0687
5SourceCodester Medical Certificate Generator App function.php delete_record sql injektion5.55.3$0-$5k$0-$5kNot DefinedNot Defined1.04+0.00000CVE-2023-0707
6ImageMagick PNG Image förnekande av tjänsten4.34.3$0-$5k$0-$5kNot DefinedNot Defined1.010.00000CVE-2022-44267
7OpenBSD OpenSSH compat.c minneskorruption5.65.4$5k-$25k$5k-$25kNot DefinedOfficial Fix2.660.00950CVE-2023-25136
8SUSE Linux Enterprise Server/Manager Server rmt-server-regsharing Service privilegier eskalering8.38.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.91+0.00000CVE-2022-31254
9Microsoft Edge förnekande av tjänsten3.13.0$25k-$100k$5k-$25kNot DefinedOfficial Fix2.350.00000CVE-2023-21720
10Nextcloud Mail privilegier eskalering5.75.5$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2023-23943
11Zyxel NBG-418N v2 Logs Page cross site scripting5.85.8$0-$5k$0-$5kNot DefinedOfficial Fix0.740.00000CVE-2022-45441
12Nextcloud Desktop Client QML Label cross site scripting4.44.4$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2023-23942
13MediaTek CPU Boa minneskorruption7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2021-31578
14MediaTek CPU Boa privilegier eskalering7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.810.00000CVE-2021-31577
15Linux Kernel V4L2/Vivid Test Code förnekande av tjänsten6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.570.00000CVE-2023-0615
16Calendar Event Management System sql injektion6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.680.00890CVE-2023-0675
17MediaTek CPU Config Manager privilegier eskalering6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.540.00000CVE-2021-31574
18MailEnable Public Folder kataloggenomgång7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.440.00885CVE-2022-42136
19Calendar Event Management System Login Page sql injektion7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined1.340.00954CVE-2023-0663
20Western Digital My Cloud Firmware Upgrade svag autentisering8.07.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix2.70-0.00000CVE-2021-36226

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeSkådespelareTypFörtroende
145.86.162.0/24SideWinderpredictiveHög
2XX.XXX.XXX.X/XXXxxxxxxpredictiveHög
3XXX.XX.XX.X/XXXxxxxxxxpredictiveHög
4XXX.XX.XXX.X/XXXxxxxpredictiveHög
5XXX.XXX.XXX.X/XXXxxxxpredictiveHög
6XXX.XXX.XXX.X/XXXxxxxpredictiveHög
7XXX.X.XXX.X/XXXxxxxpredictiveHög

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSårbarheterÅtkomstvektorTypFörtroende
1T1006CWE-22, CWE-23Pathname TraversalpredictiveHög
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHög
3T1059CWE-88, CWE-94Cross Site ScriptingpredictiveHög
4T1059.007CWE-79Cross Site ScriptingpredictiveHög
5T1068CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHög
6TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHög
7TXXXX.XXXCWE-XXXXxx-xxx Xxxx Xxxxxxx XxxxpredictiveHög
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHög
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHög
10TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHög
11TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHög
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHög
13TXXXXCWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHög
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxx Xx X Xxxxxxxxxxx'x Xxxxx Xx XxxxxpredictiveHög
16TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHög
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHög
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
19TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHög
20TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHög
21TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHög
22TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHög

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/api/v1/registration/validateEmailpredictiveHög
2File/app/dao/CustomerDAO.phppredictiveHög
3File/CPEpredictiveLåg
4File/opt/Citrix/ICAClient/util/ctxwebhelperpredictiveHög
5File/Services/Misc.asmx/SearchTagpredictiveHög
6File/setnetworksettings/IPAddresspredictiveHög
7File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxpredictiveHög
8File/xxxx/xxx/xxxxxxxxxxxpredictiveHög
9Filexxxx.xpredictiveLåg
10Filexxxxxx.xpredictiveMedium
11Filexxxxxxx/xxx/xxx-xxxxxxxx.xpredictiveHög
12Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveHög
13Filexxxxxxx/xxx/xxxxxxxx/xxxxx_xxxx.xpredictiveHög
14Filexx/xxxxx/xxxxxx.xpredictiveHög
15Filexxxxxxxx.xxxpredictiveMedium
16Filexxxxxxxxxxxx.xxxpredictiveHög
17Filexxxx.xpredictiveLåg
18Filexxx_xxx.xpredictiveMedium
19Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveHög
20Filexxx/xxxxx.xxxpredictiveHög
21Filexx_xxxxx/xxxxxxxxx.xpredictiveHög
22Filexx_xxxxx/xxxx.xpredictiveHög
23Filexxxxxx_xxxxxx.xxxpredictiveHög
24Filexxx.xxxpredictiveLåg
25Filexxx/xxxx/xxx.xpredictiveHög
26Filexxx/xxxxx/xxx_xxx.xpredictiveHög
27Filexxx/xxxxx/xxx_xxx.xpredictiveHög
28Filexxx/xxxxx/xxx_xxx.xpredictiveHög
29Filexxxxxxx_xxxxxx_xxxxxxx.xxxpredictiveHög
30Filexxxxxx/xxxx.xxpredictiveHög
31Filexxxxx/xxxxxxxx.xpredictiveHög
32Library/xxxx/xxxxx/xxx/xxxxxxx_xxx.xpredictiveHög
33Libraryxxxxxxx/xxxxxxxx.xxxpredictiveHög
34ArgumentxxxpredictiveLåg
35ArgumentxxxxpredictiveLåg
36ArgumentxxpredictiveLåg
37Argumentxxxx_xxxxx_xxxxxxxxxxpredictiveHög
38Argumentxxxx/xxxpredictiveMedium
39Argumentxx_xxxpredictiveLåg
40Argumentxxxxxxx.xxx_xxxxxxxxxxpredictiveHög
41ArgumentxxxxxxxpredictiveLåg
42Argumentxxxxx/xxxpredictiveMedium
43ArgumentxxxxxxxpredictiveLåg
44Argumentxxxxxxx_xxxpredictiveMedium
45ArgumentxxxxpredictiveLåg
46ArgumentxxxxxxxxpredictiveMedium
47Argumentxxxxxxxx/xxxxxxxxpredictiveHög
TidigareÖversiktNästa

Do you know our Splunk app?

Download it now for free!