admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submissions from ICS-CERT for ICSMA-18-058-02 from 2018-03-23.

Browse Source
This commit is contained in:
CVE Team 2018-03-26 09:06:34 -04:00
parent 97335d2b5e
commit 0e704c3ca4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 468 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2018/5xxx/CVE-2018-5454.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5454",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "LEFTOVER DEBUG CODE CWE-489"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5458.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5458",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CRYPTOGRAPHIC ISSUES CWE-310"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5462.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5462",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CRYPTOGRAPHIC ISSUES CWE-310"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5464.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5464",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CRYPTOGRAPHIC ISSUES CWE-310"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5466.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5466",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CRYPTOGRAPHIC ISSUES CWE-310"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5468.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5468",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips Intellispace Portal all versions 7.0.x and 8.0.x have an remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5470.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5470",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "UNQUOTED SEARCH PATH OR ELEMENT CWE-428"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5472.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5472",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}

55
2018/5xxx/CVE-2018-5474.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-02-27T00:00:00",
"ID" : "CVE-2018-5474",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Philips IntelliSpace Portal",
"version" : {
"version_data" : [
{
"version_value" : "8.0.x"
},
{
"version_value" : "7.0.x"
}
]
}
}
]
},
"vendor_name" : "Philips"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "IMPROPER INPUT VALIDATION CWE-20"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"url" : "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
]
}