Описание
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party AdvisoryUS Government Resource
- Issue TrackingMitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party AdvisoryUS Government Resource
- Issue TrackingMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.3.0 (включая)Версия до r4.1l1 (включая)
Одно из
cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*
cpe:2.3:a:philips:xcelera:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01003
Низкий
7.2 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements.
EPSS
Процентиль: 77%
0.01003
Низкий
7.2 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522