Vulnerability Details CVE-2018-8867
In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2018-8867
-
cpe:2.3:h:ge:pacsystems_cpu320:-
-
cpe:2.3:h:ge:pacsystems_cru320:-
-
cpe:2.3:h:ge:pacsystems_rsti-ep_cpe_100:-
-
cpe:2.3:h:ge:pacsystems_rx3i_cpe305:-
-
cpe:2.3:h:ge:pacsystems_rx3i_cpe310:-
-
cpe:2.3:h:ge:pacsystems_rxi:-
-
cpe:2.3:h:ge:rx3i_cpe330:-
-
cpe:2.3:h:ge:rx3i_cpe_400:-
-
cpe:2.3:o:ge:pacsystems_cpu320_firmware:-
-
cpe:2.3:o:ge:pacsystems_cru320_firmware:-
-
cpe:2.3:o:ge:pacsystems_rsti-ep_cpe_100_firmware:-
-
cpe:2.3:o:ge:pacsystems_rx3i_cpe305_firmware:9.20
-
cpe:2.3:o:ge:pacsystems_rx3i_cpe310_firmware:9.20
-
cpe:2.3:o:ge:pacsystems_rxi_firmware:-
-
cpe:2.3:o:ge:rx3i_cpe330_firmware:9.21
-
cpe:2.3:o:ge:rx3i_cpe_400_firmware:9.30