8.1

CVE-2018-5454

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhilipsIntellispace Portal Version8.0
PhilipsIntellispace Portal Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.54% 0.878
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-489 Active Debug Code

The product is released with debugging code still enabled or active.

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
Third Party Advisory
US Government Resource
https://www.usa.philips.com/healthcare/about/customer-support/product-security
Vendor Advisory
http://www.securityfocus.com/bid/103182
Third Party Advisory
VDB Entry