部门 Hospital

Timeframe: -28 days

Default Categories (70): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Big Data Software, Billing Software, Calendar Software, Chip Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Health Information Software, Hospitality Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Medical Device Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Supplier Relationship Management Software, Supply Chain Management Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Warehouse Management System Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

时间轴

供应商

Linux190
Microsoft66
Foxit64
Apple62
Not Defined30

产品

Linux Kernel190
Foxit PDF Reader64
Apple macOS54
Microsoft Windows42
Qualcomm Snapdragon22

修正

Official Fix562
Temporary Fix0
Workaround4
Unavailable0
Not Defined102

易受攻击性

High2
Functional0
Proof-of-Concept22
Unproven50
Not Defined594

访问向量

Not Defined0
Physical6
Local128
Adjacent238
Network296

身份验证

Not Defined0
High46
Low360
None262

用户交互

Not Defined0
Required184
None484

C3BM Index

CVSSv3 Base

≤10
≤20
≤320
≤454
≤5120
≤6200
≤7134
≤890
≤938
≤1012

CVSSv3 Temp

≤10
≤20
≤322
≤458
≤5120
≤6286
≤784
≤872
≤914
≤1012

VulDB

≤10
≤22
≤320
≤468
≤5122
≤6190
≤7134
≤890
≤932
≤1010

NVD

≤1668
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1518
≤20
≤30
≤44
≤522
≤612
≤722
≤846
≤928
≤1016

供应商

≤1614
≤20
≤30
≤40
≤50
≤68
≤76
≤824
≤916
≤100

零日攻击

<1k26
<2k198
<5k56
<10k210
<25k110
<50k44
<100k24
≥100k0

本日攻击

<1k280
<2k160
<5k132
<10k44
<25k50
<50k2
<100k0
≥100k0

攻击市场容量

IOB - Indicator of Behavior (1000)

时间轴

语言

en756
zh64
de48
fr34
ja20

国家/地区

us162
cn150
de54
fr24
gb22

演员

Cobalt Strike4
Mirai2
AsyncRAT1
Viper RAT1
Sliver1

活动

利益

时间轴

类型

Operating System68
Router Operating System22
Document Reader Software20
Web Browser20
Cloud Software12

供应商

Linux38
Apple26
Foxit18
Not Defined18
Microsoft18

产品

Linux Kernel38
Apple macOS24
Foxit PDF Reader18
Cisco IOS XE10
Microsoft Windows6

漏洞

#漏洞BaseTemp0day今天修正CTIEPSSCVE
1Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError 跨网站脚本3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.050.00000CVE-2017-20191
2Integrate Google Drive Plugin Setting 权限升级7.37.1$0-$5k$0-$5kNot DefinedNot Defined1.130.00043CVE-2024-2086
3code-projects Online Book System cart.php SQL注入6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-3003
4code-projects Online Book System description.php SQL注入6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-3002
5code-projects Online Book System Product.php 跨网站脚本3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-3004
6code-projects Online Book System Product.php SQL注入6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.390.00045CVE-2024-3001
7Linux Kernel push-switch flush_work 内存损坏8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.100.00043CVE-2023-52629
8code-projects Online Book System index.php SQL注入7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.340.00045CVE-2024-3000
9D-Link DIR-3040us A1 FTP Server 内存损坏7.37.3$5k-$25k$5k-$25kNot DefinedNot Defined0.460.00045CVE-2024-27619
10All In One WP Security & Firewall Plugin 跨网站请求伪造4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.350.00043CVE-2024-30468
11xzs-mysql 弱身份验证3.73.6$5k-$25k$5k-$25kNot DefinedNot Defined0.690.00043CVE-2024-29401
12ThimPress WP Hotel Booking Plugin 权限升级6.56.4$0-$5k$0-$5kNot DefinedNot Defined0.150.00043CVE-2024-30508
13Nextcloud NextcloudPi Web-Panel 权限升级9.99.7$0-$5k$0-$5kNot DefinedOfficial Fix0.300.00043CVE-2024-30247
14Huashi Private Cloud CDN Live Streaming Acceleration Server ipping.php Privilege Escalation6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.200.00043CVE-2024-31032
15Backup Bolt Plugin 信息公开5.35.1$0-$5k$0-$5kNot DefinedNot Defined0.640.00043CVE-2023-7236
16Linux Kernel __tracing_map_insert 权限升级4.64.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.540.00044CVE-2024-26645
17code-projects Mobile Shop Login Page Details.php SQL注入7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.050.00045CVE-2024-2927
18zephyrproject-rtos Zephyr BLE 内存损坏6.16.1$0-$5k$0-$5kNot DefinedNot Defined0.530.00043CVE-2024-3077
19Apple macOS App 权限升级5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.270.00044CVE-2023-42947
20Apple macOS App 信息公开3.33.2$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00044CVE-2023-42936

IOC - Indicator of Compromise (27)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP range参与者类型可信度
12.57.122.0/24Miraipredictive
23.75.178.0/24Cobalt Strikepredictive
35.42.65.0/24Zusypredictive
4X.XXX.XX.X/XXXxxxxx Xxxxxxpredictive
5X.XXX.XX.X/XXXxxxxx Xxxxxxpredictive
6X.XXX.XXX.X/XXXxxxxxxxxpredictive
7X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
8X.XXX.XXX.X/XXXxxxxxxxxpredictive
9X.XXX.XXX.X/XXXxxxxpredictive
10X.XXX.XXX.X/XXXxxxxxpredictive
11X.XXX.XXX.X/XXXxxxxpredictive
12X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
13X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
14X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
15X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
16X.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
17XX.XXX.XXX.X/XXXxxxxxxxpredictive
18XX.XXX.XXX.X/XXXxxxxxxpredictive
19XX.XX.XXX.X/XXXxxxxpredictive
20XXX.XX.XXX.X/XXXxxxxpredictive
21XXX.XX.XXX.X/XXXxxxxxxxpredictive
22XXX.XX.XX.X/XXXxxxx Xxxpredictive
23XXX.XXX.XXX.X/XXXxxxxx Xxxxxxpredictive
24XXX.XX.XX.X/XXXxxxxxx Xxxxxxpredictive
25XXX.XXX.XXX.X/XXXxxxx Xxxxxxxpredictive
26XXX.XX.XXX.X/XXXxxxxx Xxxpredictive
27XXX.XXX.XXX.X/XXXxxxxxx Xxxxxxxpredictive

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique漏洞访问向量类型可信度
1T1006CWE-22, CWE-23Path Traversalpredictive
2T1055CWE-74Improper Neutralization of Data within XPath Expressionspredictive
3T1059CWE-94Argument Injectionpredictive
4T1059.007CWE-79Cross Site Scriptingpredictive
5T1068CWE-250, CWE-269, CWE-274, CWE-284Execution with Unnecessary Privilegespredictive
6TXXXX.XXXCWE-XXX, CWE-XXXXxxx-xxxxx Xxxxxxxxxxxpredictive
7TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
8TXXXXCWE-XXXXxxxxxxxxx Xxxxxxpredictive
9TXXXXCWE-XX, CWE-XXXxx Xxxxxxxxxpredictive
10TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictive
11TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
12TXXXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictive
13TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx Xxxxxxxxpredictive
14TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictive
15TXXXXCWE-XXXXxxxxxxxx Xxxxxx Xxxxpredictive
16TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
17TXXXX.XXXCWE-XXXXxxxxxxxpredictive
18TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
19TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx Xxxxxpredictive
20TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive
21TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxpredictive

IOA - Indicator of Attack (78)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID分类Indicator类型可信度
1File/cart.phppredictive
2File/cgi-bin/gui.cgipredictive
3File/description.phppredictive
4File/Employer/DeleteJob.php?JobId=1predictive
5File/index.phppredictive
6File/login.phppredictive
7File/Product.phppredictive
8File/secret_coder.sqlpredictive
9File/setup.cgipredictive
10FileadminFormvalidation.phppredictive
11Filexxxx/xxx/xxxxxx/xxx/xxxx.xpredictive
12Filexxxx/xxx/xxx/xxx/xxxxxx.xpredictive
13Filexxxxxxx.xxxpredictive
14Filexxxxxxx/xxxx/xxxx_xxxxxx.xpredictive
15Filexxxxxxx/xxx/xxx/xxxx_xxxxxx.xpredictive
16Filexx/xxxxx/xxxxxxxxxxx.xpredictive
17Filexx/xxxxx/xxxx-xxx.xpredictive
18Filexx/xxxx/xxxxxxx_xxxxxx.xpredictive
19Filexx/xxx/xxx_xxxx.xpredictive
20Filexx/xxx/xxx_xxxxx.xpredictive
21Filexx/xxx/xxx_xxxx.xpredictive
22Filexxx_xxx_xxxx.xpredictive
23Filexxxxxxx/xxxxx/xxxx.xpredictive
24Filexxxxxx/xxx/xxxxxxx.xpredictive
25Filexxxxxx.xpredictive
26Filexxxxx.xxxpredictive
27Filexxxxx.xxxpredictive
28Filexxxxxxx/xxxxxx.xxxpredictive
29Filexxxxxxxxxxxxxxxx.xxxxx.xxxpredictive
30Filexx/xxxx_xxxxx.xpredictive
31Filexxx/xxxx/xxx.xpredictive
32Filexxx/xxxx/xxxxxx.xpredictive
33Filexxx/xxxx/xxxxx.xpredictive
34Filexxx/xxxxxxxxx/xx_xxxxxxxxx_xxxxxx.xpredictive
35Filexxx/xxxxxxxxx/xx_xxxxxx_xxx.xpredictive
36Filexxx/xxxxxxxxxxx/xxxx.xpredictive
37Filexxx/xxxxxx/xxxxxxxxxxxxx.xpredictive
38Filexxxxx.xxxpredictive
39Filexxx.xxxxxxpredictive
40Filexxxxxx.xxxpredictive
41Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxpredictive
42Library/xxxxx/xxxx/xxxx/xxxx/xxx/xxx/xxxxxxxxx.xpredictive
43Libraryxxxx/xxx/xxxxxxx/xxx/xxxx.xpredictive
44Libraryxxxxxxx/xxxxx/xxx.xpredictive
45Libraryxxxxxxx/xxxxx/xxxx.xpredictive
46Libraryxxxxxxx/xxx/xxxx_xxx.xpredictive
47Libraryxxxx_xx.xxpredictive
48Libraryxxx/xxx_xxxx.xpredictive
49Libraryxxx/xxxx_xxxxx.xpredictive
50Libraryxxx/xxxxxxxx.xpredictive
51Libraryxxx/xxxpredictive
52Libraryxxx/xxxxxxxx.xpredictive
53Libraryxxxxx.xxxpredictive
54Argumentxxxxxxxxx/xxxxxx/xxxxxx xx/xxxxxx xxépredictive
55Argumentxxxxxxxxpredictive
56Argumentxxxxxpredictive
57Argumentxxxxxxxxxxx/xxxxxxxxxxxxxxpredictive
58Argumentxxxxxx_xxxxpredictive
59Argumentx_xxxxpredictive
60Argumentxxpredictive
61Argumentxxpredictive
62Argumentxxxxxxxpredictive
63Argumentxxxx_xxxxpredictive
64Argumentxxxxpredictive
65Argumentxxxxx[]predictive
66Argumentxxxxxxpredictive
67Argumentxxx_xxxxxxpredictive
68Argumentxx_xxxxx_xxxxxxxpredictive
69Argumentxxxx_xxxxxx_xxxxxpredictive
70Argumentxxxxxxxpredictive
71Argumentxxxxxxxx/xxxxxxpredictive
72Argumentxxxxxpredictive
73Argumentxxxxxxpredictive
74Argumentxxxxxxx xxxx/xxxxxxx xxxxpredictive
75Argumentxxx/xxxxxxpredictive
76Argumentxxxxxxxxpredictive
77Argumentxxxxxxxx/xxxxxxxx/xxxxx_xxxxxxxx/xxxxx_xxxxxxxxpredictive
78Argumentxxxxxpredictive
上一步一览下一步

Do you know our Splunk app?

Download it now for free!