2018-03-20 18:05:46 -04:00
{
"CVE_data_meta" : {
2018-09-26 14:08:10 -04:00
"ASSIGNER" : "ics-cert@hq.dhs.gov" ,
"DATE_PUBLIC" : "2018-08-31T00:00:00" ,
2018-03-20 18:05:46 -04:00
"ID" : "CVE-2018-8854" ,
2018-09-26 14:08:10 -04:00
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "e-Alert Unit (non-medical device)" ,
"version" : {
"version_data" : [
{
"version_value" : "R2.1 and prior"
}
]
}
}
]
} ,
"vendor_name" : "Philips"
}
]
}
2018-03-20 18:05:46 -04:00
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2018-09-26 14:08:10 -04:00
"value" : "Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "UNCONTROLLED RESOURCE CONSUMPTION ('RESOURCE EXHAUSTION') CWE-400"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
2018-09-26 15:07:25 -04:00
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01" ,
"refsource" : "MISC" ,
2018-09-26 14:08:10 -04:00
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01"
2018-09-26 15:07:25 -04:00
} ,
{
"name" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security" ,
"refsource" : "CONFIRM" ,
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
2018-09-27 06:06:23 -04:00
} ,
{
"name" : "105194" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/105194"
2018-03-20 18:05:46 -04:00
}
]
}
}
