ID |
CVE-2018-14789
|
Summary |
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:philips:intellispace_cardiovascular:-:*:*:*:*:*:*:*
cpe:2.3:a:philips:intellispace_cardiovascular:-:*:*:*:*:*:*:*
-
cpe:2.3:a:philips:intellispace_cardiovascular:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:philips:intellispace_cardiovascular:2.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:philips:intellispace_cardiovascular:3.1:*:*:*:*:*:*:*
cpe:2.3:a:philips:intellispace_cardiovascular:3.1:*:*:*:*:*:*:*
-
cpe:2.3:a:philips:xcelera:4.1:*:*:*:*:*:*:*
cpe:2.3:a:philips:xcelera:4.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.6 (as of 22-04-2022 - 19:23) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-428 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
22-04-2022 - 19:23 |
Published |
22-08-2018 - 18:29 |
Last modified |
22-04-2022 - 19:23 |