admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-162xx/CVE-2020-16220.json
cad-safe-bot 308d9c270e Auto-Update: 2023-12-12T23:00:18.803294+00:00
2023-12-12 23:00:22 +00:00

124 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-16220",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2020-09-11T14:15:11.503",
"lastModified": "2023-12-12T21:15:07.717",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In Patient Information Center iX (PICiX) Versions C.02, C.03, \nPerformanceBridge Focal Point Version A.01, the product receives input \nthat is expected to be well-formed (i.e., to comply with a certain \nsyntax) but it does not validate or incorrectly validates that the input\n complies with the syntax, causing the certificate enrollment service to\n crash. It does not impact monitoring but prevents new devices from \nenrolling.\n\n\n\n"
},
{
"lang": "es",
"value": "Patient Information Center iX (PICiX) Versiones B.02, C.02, C.03, PerformanceBridge Focal Point Versi\u00f3n A.01, Monitores de paciente IntelliVue MX100, MX400-MX850 y MP2-MP90 Versiones N y anteriores, IntelliVue X3 y X2 Versiones N y anteriores. El producto recibe una entrada que se espera que est\u00e9 bien formada (es decir, que cumpla con una determinada sintaxis) pero no comprueba o comprueba incorrectamente que la entrada cumple con la sintaxis, causando que el servicio de inscripci\u00f3n de certificados se bloque. No impacta la supervisi\u00f3n, pero evita que se inscriban nuevos dispositivos"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1286"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FA1FEC-5139-48C1-856C-8062436AE6C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4CF59B-32DC-4F48-88C5-77B96E937E93"
}
]
}
]
}
],
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.philips.com/productsecurity",
"source": "ics-cert@hq.dhs.gov"
}
]
}
Reference in New Issue View Git Blame Copy Permalink