Michigan Medicine
Company Details
Linkedin ID:
michigan-medicine
Website:
Employees number:
14,206
Number of followers:
106,875
NAICS:
62
Industry Type:
Homepage:
uofmhealth.org
IP Addresses:
149
Company ID:
MIC_1147334
Scan Status:
Completed
Michigan Medicine Company CyberSecurity Posture
uofmhealth.org
Michigan Medicine, based in Ann Arbor, Michigan, is part of one of the world’s leading universities. Michigan Medicine is a premier, highly ranked academic medical center and award-winning health care system with state-of-the-art facilities. Our vision is to create the future of health care through scientific discovery, innovations in education, and the most effective and compassionate care. We want to be the leader in health care, health care reform, and biomedical innovation. Michigan Medicine includes the U-M Hospitals and Health Centers; the U-M Medical School and its Faculty Group Practice; one of the nation's largest biomedical research communities; and education programs that train thousands of future health professionals and scientists each year. We were formerly known as the University of Michigan Medical Center; today that term applies generally to the collection of buildings on our main medical campus in Ann Arbor. We have a close partnership with the U-M School of Nursing and other health sciences schools at U-M. Through the Michigan Health Corporation, we are able to form partnerships outside of our University.
Michigan Medicine A.I CyberSecurity Scoring
Michigan Medicine Risk Score (AI oriented)Between 700 and 749
Michigan Medicine
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Michigan Medicine Global Score (TPRM)XXXX
Michigan Medicine
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Michigan Medicine Company CyberSecurity News & History
Past Incidents
5
Attack Types
3
Michigan Medicine
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The patient information of Michigan Medicine was leaked in a data security incident after an employee email account was compromised. A newly-hired employee accessed patients' electronic medical records of about 2,920 patients without any business need. The compromised information included demographic and clinical information such as diagnosis, treatment, and test results. The employee's excess was immediately cut off and further investigation revealed that no information was misused and the employee checked the records out of curiosity.
Michigan Medicine
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On November 10, 2022, the Vermont Office of the Attorney General reported a data breach involving Michigan Medicine that occurred from August 15 to August 23, 2022, due to a phishing attack targeting its employees. The breach potentially exposed identifiable patient information, including names, medical record numbers, addresses, dates of birth, and health insurance information; however, the specific number of individuals affected is unknown.
Michigan Medicine
Cyber Attack
Rankiteo Explanation
Attack without any consequences
Description: Michigan Medicine was targeted in a cyber attack after that experienced intermittent problems with its public websites as a result on a third-party vendor they used to host some of their sites. They worked with the third-party to mitigate it and expect to have sites fully functional as soon as possible. Public websites hosted by a third-party provider are the only websites that have been targeted. All patient information is secure and not included on any of the compromised sites. Michigan Medicine took steps immediately to investigate the matter and implemented additional safeguards to reduce risk to our patients.
Michigan Medicine
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: Michigan Medicine was targeted in a cyber attack that lured employees to a webpage that got them to enter their login information. Four Michigan Medicine employees entered login information and accepted multifactor authentication prompts which gave attackers to access their email accounts and resulted in a breach. The incident compromised the patients' names, addresses, birth dates, treatment information, medical record numbers, and health insurance information of about 33,850 patients. Michigan Medicine took steps immediately to investigate the matter and implemented additional safeguards to reduce risk to our patients.
Michigan Medicine
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Michigan Medicine notified approximately 5,500 patients about a phishing email campaign that have exposed some of their health information. During the campaign, emails containing a malicious link were sent to over 3,200 Michigan Medicine employees. This email was opened by three employees, giving the attacker access to their email accounts. The compromised information includes names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health insurance information. As soon as Michigan Medicine learned that the email accounts were compromised, they were disabled so no further access could take place until the passwords were changed.
Michigan Medicine Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Michigan Medicine
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Michigan Medicine in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Michigan Medicine in 2025.
Incident Types Michigan Medicine vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Michigan Medicine in 2025.
Incident History — Michigan Medicine (X = Date, Y = Severity)
Michigan Medicine cyber incidents detection timeline including parent company and subsidiaries
Michigan Medicine Company Subsidiaries
Michigan Medicine, based in Ann Arbor, Michigan, is part of one of the world’s leading universities. Michigan Medicine is a premier, highly ranked academic medical center and award-winning health care system with state-of-the-art facilities. Our vision is to create the future of health care through scientific discovery, innovations in education, and the most effective and compassionate care. We want to be the leader in health care, health care reform, and biomedical innovation. Michigan Medicine includes the U-M Hospitals and Health Centers; the U-M Medical School and its Faculty Group Practice; one of the nation's largest biomedical research communities; and education programs that train thousands of future health professionals and scientists each year. We were formerly known as the University of Michigan Medical Center; today that term applies generally to the collection of buildings on our main medical campus in Ann Arbor. We have a close partnership with the U-M School of Nursing and other health sciences schools at U-M. Through the Michigan Health Corporation, we are able to form partnerships outside of our University.
Loading...
Michigan Medicine Similar Companies
Mount Sinai Health System
The Mount Sinai Health System is an integrated health system committed to providing distinguished care, conducting transformative research, and advancing biomedical education. Structured around seven hospital campuses and a single medical school, the Health System has an extensive ambulatory netwo
Since its start in 1855 as the nation's first hospital devoted exclusively to caring for children, The Children's Hospital of Philadelphia has been the birthplace for many dramatic firsts in pediatric medicine. The Hospital has fostered medical discoveries and innovations that have improved pediatri
Geisinger is among the nation’s leading providers of value-based care, serving 1.2 million people in urban and rural communities across Pennsylvania. Founded in 1915 by philanthropist Abigail Geisinger, the nonprofit system generates $10 billion in annual revenues across 126 care sites — including 1
Johns Hopkins Medicine is a governing structure for the University’s School of Medicine and the health system, coordinating their research, teaching, patient care, and related enterprises. The Johns Hopkins Hospital opened in 1889, followed four years later by the university’s School of Medicine
American Medical Response
American Medical Response, America’s leading provider of medical transportation, has a single mission: making a difference by caring for people in need. AMR solutions include 911 emergency, interfacility transportation, event medical, advanced & basic life support transports and federal disaster res
Omega Healthcare Management Services
Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) empowers healthcare to thrive via intelligent solutions that optimize revenue cycle operations, administrative workflows, care coordination, and clinical research on a global scale. The company works with providers, payers, li
Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems across 14 states, CHS is committed to helping people get well and live healthier. CHS affiliates operate 70 acute-care hospitals and more than 1,000 other sites of care,
Rochester Regional Health
Rochester Regional Health, headquartered in Rochester, NY, is an integrated health services organization serving the people of Western New York, the Finger Lakes, St. Lawrence County, and beyond. We are dedicated to helping our community stay healthy and live fulfilling lives. Together, we find the
Cedars-Sinai
Since its beginning in 1902, Cedars-Sinai has evolved to meet the healthcare needs of one of the most diverse regions in the nation, continually setting new standards for quality and innovation in patient care, research, teaching and community service. Today, Cedars-Sinai is widely known for its na
.png)
Michigan Medicine CyberSecurity News
October 21, 2025 03:00 PM
Government shutdown brings uncertainty to UMich
This week, the federal government shutdown brought uncertainty to the University of Michigan, the University's Board of Regents discussed...
October 16, 2025 07:00 AM
UMich Board of Regents discusses cybersecurity, Big Ten financial deal and OSCR appeals board
The University of Michigan's Board of Regents met to discuss campus cybersecurity and a potential financial deal with the Big Ten...
September 23, 2025 07:00 AM
Michigan Critical Access Hospital Suffers Two Hacking Incidents Affecting Almost 78,000 Individuals
Sturgis Hospital, a rural critical access hospital in Michigan, has recently reported two security incidents to the HHS' Office for Civil...
September 19, 2025 07:00 AM
Cyber Security Headlines Week in Review: Student hackers increase, CISA wants CVE, Microsoft called hypocritical
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine,...
August 26, 2025 07:00 AM
Thumb hospital system hacked as cybercriminals move to rural heath care industry
The personal data of nearly 139000 people in Michigan's Thumb has been compromised in a cybersecurity breach at Aspire Rural Health System.
August 24, 2025 07:00 AM
Hack of Michigan health system exposes patients’ lab results
Aspire Rural Health Systems suffered a major cyberattack exposing 140000 patients' medical records, financial data, and personal info.
August 15, 2025 07:00 AM
Langdon & Company; Michigan Medicine Announce Data Breaches
A cyberattack has been announced by the North Carolina accountancy firm Langdon & Company, and Michigan Medicine has experienced a mailing...
July 09, 2025 07:00 AM
Hospitals can fight cybercriminals by prioritizing security of billing data, not medical records
Health care cybersecurity policy rests on a fundamental misunderstanding of what cybercriminals actually want. For years, regulators and...
July 07, 2025 07:00 AM
Embracing AI-Native DLP with Orion Security
DLP can be a bit of a four-letter word in cybersecurity. False positives are a major problem with any traditional DLP solution because...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Michigan Medicine CyberSecurity History Information
Official Website of Michigan Medicine
The official website of Michigan Medicine is http://www.uofmhealth.org.
Michigan Medicine’s AI-Generated Cybersecurity Score
According to Rankiteo, Michigan Medicine’s AI-generated cybersecurity score is 700, reflecting their Moderate security posture.
How many security badges does Michigan Medicine’ have ?
According to Rankiteo, Michigan Medicine currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Michigan Medicine have SOC 2 Type 1 certification ?
According to Rankiteo, Michigan Medicine is not certified under SOC 2 Type 1.
Does Michigan Medicine have SOC 2 Type 2 certification ?
According to Rankiteo, Michigan Medicine does not hold a SOC 2 Type 2 certification.
Does Michigan Medicine comply with GDPR ?
According to Rankiteo, Michigan Medicine is not listed as GDPR compliant.
Does Michigan Medicine have PCI DSS certification ?
According to Rankiteo, Michigan Medicine does not currently maintain PCI DSS compliance.
Does Michigan Medicine comply with HIPAA ?
According to Rankiteo, Michigan Medicine is not compliant with HIPAA regulations.
Does Michigan Medicine have ISO 27001 certification ?
According to Rankiteo,Michigan Medicine is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Michigan Medicine
Michigan Medicine operates primarily in the Hospitals and Health Care industry.
Number of Employees at Michigan Medicine
Michigan Medicine employs approximately 14,206 people worldwide.
Subsidiaries Owned by Michigan Medicine
Michigan Medicine presently has no subsidiaries across any sectors.
Michigan Medicine’s LinkedIn Followers
Michigan Medicine’s official LinkedIn profile has approximately 106,875 followers.
NAICS Classification of Michigan Medicine
Michigan Medicine is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Michigan Medicine’s Presence on Crunchbase
No, Michigan Medicine does not have a profile on Crunchbase.
Michigan Medicine’s Presence on LinkedIn
Yes, Michigan Medicine maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/michigan-medicine.
Cybersecurity Incidents Involving Michigan Medicine
As of November 27, 2025, Rankiteo reports that Michigan Medicine has experienced 5 cybersecurity incidents.
Number of Peer and Competitor Companies
Michigan Medicine has an estimated 29,962 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Michigan Medicine ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach, Data Leak and Cyber Attack.
How does Michigan Medicine detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with employee's access was immediately cut off, and and remediation measures with implemented additional safeguards, and containment measures with disabled compromised email accounts, containment measures with changed passwords..
Incident Details
Can you provide details on each incident ?
Title: Michigan Medicine Data Security Incident
Description: The patient information of Michigan Medicine was leaked in a data security incident after an employee email account was compromised. A newly-hired employee accessed patients' electronic medical records of about 2,920 patients without any business need. The compromised information included demographic and clinical information such as diagnosis, treatment, and test results. The employee's excess was immediately cut off and further investigation revealed that no information was misused and the employee checked the records out of curiosity.
Type: Data Breach
Attack Vector: Compromised Email Account
Threat Actor: Internal Employee
Motivation: Curiosity
Title: Michigan Medicine Cyber Attack
Description: Michigan Medicine was targeted in a cyber attack that lured employees to a webpage that got them to enter their login information. Four Michigan Medicine employees entered login information and accepted multifactor authentication prompts which gave attackers access to their email accounts and resulted in a breach. The incident compromised the patients' names, addresses, birth dates, treatment information, medical record numbers, and health insurance information of about 33,850 patients. Michigan Medicine took steps immediately to investigate the matter and implemented additional safeguards to reduce risk to our patients.
Type: Data Breach
Attack Vector: Phishing
Vulnerability Exploited: Human Error
Title: Cyber Attack on Michigan Medicine
Description: Michigan Medicine experienced intermittent problems with its public websites due to a cyber attack on a third-party vendor hosting some of their sites. The websites were targeted, but patient information remained secure and was not compromised.
Type: Cyber Attack
Attack Vector: Third-party vendor compromise
Title: Phishing Email Campaign at Michigan Medicine
Description: Michigan Medicine notified approximately 5,500 patients about a phishing email campaign that exposed some of their health information. Emails containing a malicious link were sent to over 3,200 Michigan Medicine employees, and three employees opened the email, giving the attacker access to their email accounts.
Type: Phishing
Attack Vector: Email
Vulnerability Exploited: Human
Title: Michigan Medicine Data Breach
Description: A data breach at Michigan Medicine occurred from August 15 to August 23, 2022, due to a phishing attack targeting its employees. The breach potentially exposed identifiable patient information, including names, medical record numbers, addresses, dates of birth, and health insurance information.
Date Detected: 2022-08-23
Date Publicly Disclosed: 2022-11-10
Type: Data Breach
Attack Vector: Phishing
Vulnerability Exploited: Human
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Email Account, Email and Phishing email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach MIC173012522
Data Compromised: Demographic information, Clinical information
Incident : Data Breach MIC05131122
Data Compromised: Names, Addresses, Birth dates, Treatment information, Medical record numbers, Health insurance information
Systems Affected: Email Accounts
Incident : Cyber Attack MIC8259223
Systems Affected: Public websites hosted by a third-party provider
Operational Impact: Intermittent problems with public websites
Incident : Phishing MIC4393423
Data Compromised: Names, Medical record numbers, Addresses, Dates of birth, Diagnostic and treatment information, Health insurance information
Incident : Data Breach MIC514072725
Data Compromised: Names, Medical record numbers, Addresses, Dates of birth, Health insurance information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Demographic Information, Clinical Information, , Personally Identifiable Information, Health Information, , Names, Medical Record Numbers, Addresses, Dates Of Birth, Diagnostic And Treatment Information, Health Insurance Information, , Names, Medical Record Numbers, Addresses, Dates Of Birth, Health Insurance Information and .
Which entities were affected by each incident ?
Incident : Data Breach MIC173012522
Entity Name: Michigan Medicine
Entity Type: Healthcare
Industry: Healthcare
Location: Michigan
Customers Affected: 2920
Incident : Data Breach MIC05131122
Entity Name: Michigan Medicine
Entity Type: Healthcare Provider
Industry: Healthcare
Location: Michigan
Customers Affected: 33850
Incident : Cyber Attack MIC8259223
Entity Name: Michigan Medicine
Entity Type: Healthcare
Industry: Healthcare
Location: Michigan, USA
Incident : Phishing MIC4393423
Entity Name: Michigan Medicine
Entity Type: Healthcare
Industry: Healthcare
Customers Affected: 5500
Incident : Data Breach MIC514072725
Entity Name: Michigan Medicine
Entity Type: Healthcare
Industry: Healthcare
Location: Michigan
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach MIC173012522
Containment Measures: Employee's access was immediately cut off
Incident : Cyber Attack MIC8259223
Remediation Measures: Implemented additional safeguards
Incident : Phishing MIC4393423
Containment Measures: Disabled compromised email accountsChanged passwords
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach MIC173012522
Type of Data Compromised: Demographic information, Clinical information
Number of Records Exposed: 2920
Sensitivity of Data: High
Personally Identifiable Information: Demographic Information
Incident : Data Breach MIC05131122
Type of Data Compromised: Personally identifiable information, Health information
Number of Records Exposed: 33850
Sensitivity of Data: High
Personally Identifiable Information: NamesAddressesBirth DatesMedical Record NumbersHealth Insurance Information
Incident : Phishing MIC4393423
Type of Data Compromised: Names, Medical record numbers, Addresses, Dates of birth, Diagnostic and treatment information, Health insurance information
Number of Records Exposed: 5500
Sensitivity of Data: High
Incident : Data Breach MIC514072725
Type of Data Compromised: Names, Medical record numbers, Addresses, Dates of birth, Health insurance information
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented additional safeguards, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by employee's access was immediately cut off, disabled compromised email accounts, changed passwords and .
References
Where can I find more information about each incident ?
Incident : Data Breach MIC514072725
Source: Vermont Office of the Attorney General
Date Accessed: 2022-11-10
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Vermont Office of the Attorney GeneralDate Accessed: 2022-11-10.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach MIC173012522
Investigation Status: Resolved
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach MIC173012522
Entry Point: Compromised Email Account
Incident : Phishing MIC4393423
Entry Point: Email
Incident : Data Breach MIC514072725
Entry Point: Phishing email
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach MIC173012522
Root Causes: Internal Employee Curiosity
Incident : Data Breach MIC514072725
Root Causes: Phishing attack targeting employees
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Internal Employee.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-08-23.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-11-10.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Demographic Information, Clinical Information, , Names, Addresses, Birth Dates, Treatment Information, Medical Record Numbers, Health Insurance Information, , Names, Medical record numbers, Addresses, Dates of birth, Diagnostic and treatment information, Health insurance information, , names, medical record numbers, addresses, dates of birth, health insurance information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Email Accounts and Public websites hosted by a third-party provider.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Employee's access was immediately cut off and Disabled compromised email accountsChanged passwords.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Medical Record Numbers, Names, names, dates of birth, Addresses, Medical record numbers, Clinical Information, Birth Dates, medical record numbers, Dates of birth, health insurance information, Diagnostic and treatment information, Treatment Information, addresses, Health insurance information, Demographic Information and Health Insurance Information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.2K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Vermont Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Resolved.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Phishing email, Compromised Email Account and Email.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Internal Employee Curiosity, Phishing attack targeting employees.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=michigan-medicine' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
