Vulnerability Details CVE-2018-8844
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/105194
- https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
- http://www.securityfocus.com/bid/105194
- https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01
- https://www.usa.philips.com/healthcare/about/customer-support/product-security
Products affected by CVE-2018-8844
-
cpe:2.3:o:philips:e-alert_firmware:-
-
cpe:2.3:o:philips:e-alert_firmware:2.1
-
cpe:2.3:o:philips:e-alert_firmware:r2.1