CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5470
https://notcve.org/view.php?id=CVE-2018-5470
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges. Philips IntelliSpace Portal, en todas las versiones 8.0.x y 7.0.x, se ha identificado una vulnerabilidad de elemento o ruta de búsqueda no entrecomillados. Esto podría permitir a un usuario local autorizado ejecutar código arbitrario y escalar su nivel de privilegios. • http://www.securityfocus.com/bid/103182 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-426: Untrusted Search Path CWE-428: Unquoted Search Path or Element •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2018-5474
https://notcve.org/view.php?id=CVE-2018-5474
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash. Philips IntelliSpace Portal, en todas las versiones 7.0.x y 8.0.x, contiene una vulnerabilidad de validación de entradas que podría permitir a n atacante remoto ejecutar código arbitrario o provocar el cierre inesperado de la aplicación. • http://www.securityfocus.com/bid/103182 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5458
https://notcve.org/view.php?id=CVE-2018-5458
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information. Philips IntelliSpace Portal, en todas las versiones 8.0.x y 7.0.x, contiene una vulnerabilidad al emplear cifrado SSL heredado que podría permitir a un atacante obtener acceso no autorizado a recursos e información. • http://www.securityfocus.com/bid/103182 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5462
https://notcve.org/view.php?id=CVE-2018-5462
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. Philips IntelliSpace Portal, en todas las versiones 8.0.x y 7.0.x, contiene una vulnerabilidad de certificado de nombre de host incorrecto. Esto podría permitir a un atacante obtener acceso no autorizado a recursos e información. • http://www.securityfocus.com/bid/103182 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5454
https://notcve.org/view.php?id=CVE-2018-5454
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime. Philips IntelliSpace Portal, en todas las versiones 8.0.x y 7.0.x, contiene una vulnerabilidad por la que se habilitan métodos de depuración de código. Esto podría permitir que un atacante ejecute código arbitrario de forma remota durante el tiempo de ejecución. • http://www.securityfocus.com/bid/103182 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-489: Active Debug Code •