Comparison Overview

Carelon Research

VS

Imperial College London

Carelon Research

123 Justison Street, Wilmington, DE, 19801, US
Last Update: 2025-03-04 (UTC)
Between 800 and 900
http://www.carelonresearch.com

Strong

Carelon Research is the trusted partner for healthcare research. As a subsidiary of Elevance Health, one of the nationโ€™s largest health insurers, we work with life sciences companies, government agencies, and academic research leaders to solve healthcare challenges with a powerful combination of expertise, data, and relationships. As we uncover and apply insights to drugs, devices, and programs, together we make healthcare work for patients.

NAICS: 5417
NAICS Definition: Scientific Research and Development Services
Employees: 0
Subsidiaries: 22
12-month incidents
0
Known data breaches
5
Attack type number
3

Imperial College London

South Kensington Campus, London, undefined, SW7 2AZ, GB
Last Update: 2025-05-05 (UTC)

Strong

Between 800 and 900
http://www.imperial.ac.uk/

Consistently rated in the top 10 universities in the world, Imperial College London is the only university in the UK to focus exclusively on science, medicine, engineering and business. At Imperial we bring together people, disciplines, industries and sectors to further our understanding of the natural world, solve major engineering problems, lead the data revolution and improve health and well-being.

NAICS: 5417
NAICS Definition: Scientific Research and Development Services
Employees: 16,700
Subsidiaries: 29
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/healthcore-inc..jpeg
Carelon Research
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/imperial-college-london.jpeg
Imperial College London
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Carelon Research
100%
Compliance Rate
0/4 Standards Verified
Imperial College London
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for Carelon Research in 2025.

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for Imperial College London in 2025.

Incident History โ€” Carelon Research (X = Date, Y = Severity)

Carelon Research cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Imperial College London (X = Date, Y = Severity)

Imperial College London cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/healthcore-inc..jpeg
Carelon Research
Incidents

Date Detected: 10/2022
Type:Breach
Blog: Blog

Date Detected: 10/2021
Type:Breach
Attack Vector: Theft
Blog: Blog

Date Detected: 8/2021
Type:Breach
Attack Vector: Physical Break-In (Vendor Office)
Blog: Blog
https://images.rankiteo.com/companyimages/imperial-college-london.jpeg
Imperial College London
Incidents

No Incident

FAQ

Both Carelon Research company and Imperial College London company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Carelon Research company has historically faced a number of disclosed cyber incidents, whereas Imperial College London company has not reported any.

In the current year, Imperial College London company and Carelon Research company have not reported any cyber incidents.

Carelon Research company has confirmed experiencing a ransomware attack, while Imperial College London company has not reported such incidents publicly.

Carelon Research company has disclosed at least one data breach, while the other Imperial College London company has not reported such incidents publicly.

Carelon Research company has reported targeted cyberattacks, while Imperial College London company has not reported such incidents publicly.

Neither Carelon Research company nor Imperial College London company has reported experiencing or disclosing vulnerabilities publicly.

Imperial College London company has more subsidiaries worldwide compared to Carelon Research company.

Imperial College London company employs more people globally than Carelon Research company, reflecting its scale as a Research Services.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File Handler. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-19
Updated
Date
2025-10-19
Risk Information
cvss2
Base: 3.5
Severity: HIGH
AV:L/AC:H/Au:S/C:P/I:P/A:P
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 2.0
Severity: HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-19
Updated
Date
2025-10-19
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
cvss3
Base: 3.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in toeverything AFFiNE up to 0.24.1. This vulnerability affects unknown code of the component Avatar Upload Image Endpoint. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-19
Updated
Date
2025-10-19
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
cvss3
Base: 3.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: 52204b4a106b2fb02d16eee06a88a1f2697f9b35. It is recommended to apply a patch to fix this issue.

Published
Date
2025-10-19
Updated
Date
2025-10-19
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-19
Updated
Date
2025-10-19
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References