Publishing CVE-2018-19010 content using on 1/28/2019 information provided by the CNA.

2025-06-08 22:18:26 +00:00 · 2019-01-28 16:37:03 -05:00 · 2019-01-28 16:37:03 -05:00 · dc149b7a7d
commit dc149b7a7d
parent b2f9a3c62e
1 changed files with 46 additions and 3 deletions
--- a/2018/19xxx/CVE-2018-19010.json
+++ b/2018/19xxx/CVE-2018-19010.json
@ -1,8 +1,32 @@
 {
   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
+      "ASSIGNER" : "ics-cert@hq.dhs.gov",
+      "DATE_PUBLIC" : "2019-01-22T00:00:00",
      "ID" : "CVE-2018-19010",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "Dr&#195;&#164;ger Infinity Delta",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions."
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "ICS-CERT"
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +35,26 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "Dr&#195;&#164;ger Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. A malformed network packet may cause the monitor to reboot. By repeatedly sending the malformed network packet, an attacker may be able to disrupt patient monitoring by causing the monitor to repeatedly reboot until it falls back to default configuration and loses network connectivity."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "IMPROPER INPUT VALIDATION CWE-20"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01"
         }
      ]
   }