Input Validation Vulnerability in Philips Intellispace Portal
CVE-2018-5474

9.8CRITICAL

Key Information:

Vendor
Philips
Status
Philips Intellispace Portal
Vendor
CVE Published:
26 March 2018

Summary

Philips Intellispace Portal versions 7.0.x and 8.0.x are affected by an input validation flaw that could enable remote attackers to execute arbitrary code or disrupt application functionality. This vulnerability highlights the critical need for robust input validation measures to safeguard sensitive healthcare data and maintain application integrity.

Affected Version(s)

Philips IntelliSpace Portal 8.0.x

Philips IntelliSpace Portal 7.0.x

References

https://www.usa.philips.com/healthcare/about/customer-sup...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/103182
vdb-entryx_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
x_refsource_MISC

EPSS Score

7% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.