CVE-2018-7498

Опубликовано: 28 мар. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.

Ссылки

http://www.securityfocus.com/bid/103537
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSMA-18-086-01
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/103537
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSMA-18-086-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:philips:alice_6_firmware:*:*:*:*:*:*:*:*

Версия до r8.0.2 (включая)

cpe:2.3:h:philips:alice_6:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-311

Связанные уязвимости

GHSA-pq95-pr6f-3r24