Nhi

Health Insurance Web Service Component

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-35217

  • EPSS 0.07%
  • Veröffentlicht 02.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:10:54

The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute ...

5.5

CVE-2022-35218

  • EPSS 0.05%
  • Veröffentlicht 02.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:10:54

The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

5.5

CVE-2022-35219

  • EPSS 0.05%
  • Veröffentlicht 02.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:10:54

The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

7.8

CVE-2021-45918

  • EPSS 0.68%
  • Veröffentlicht 20.06.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 06:33:16

NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the progr...